
Error loading fastRX [solved]

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
31 January 2009 19:31:57

Good evening,

When my PC starts up I get the message: "Error loading fastRX.dll" and the system32 folder opens.
What can I do to solve this problem?
Thanks in advance.

After a HijackThis scan I get:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:32, on 31/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\QuickTime4\QTTask.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Fichiers communs\AOL\1168789452\ee\AOLSoftware.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Program Files\Philips ToUcam Camera\VProperty.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Java\jre1.5.0\bin\jucheck.exe
c:\program files\fichiers communs\aol\1168789452\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\NICARD\Local Settings\Temporary Internet Files\Content.IE5\6261DUAR\HiJackThis[1].exe
C:\Program Files\Windows Live\Mail\wlmail.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Ins3DT] D:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Wait4Ip] C:\net2plug\Wait4Ip
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime4\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168789452\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [MyWebSearch Email Plugin]
O4 - HKLM\..\Run: [kfvjfcynkf] c:\windows\system32\kfvjfcynkf.exe kfvjfcynkf
O4 - HKLM\..\Run: [vqpngwzxb] c:\windows\system32\vqpngwzxb.exe vqpngwzxb
O4 - HKLM\..\Run: [bflnctzx] c:\windows\system32\bflnctzx.exe bflnctzx
O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
O4 - HKLM\..\Run: [kpx] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\fastRX.dll DllInitApp
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Meow body.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Ace coal] C:\DOCUME~1\NICARD\APPLIC~1\TITLEG~1\boldadminplus.exe
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [DelayShred] "C:\Program Files\McAfee\McAfee Shared Components\Shredder 5\SHRED32.EXE" /q C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\TFOH9D6M\MYMSN_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\JACKPO~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\01X3RULD\OGAME_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\18X5CA~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\FKCASJRS\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5ERKXH1A\IEFIRS~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\O9GXVYVV\METEOV~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\339QWFEU\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\ADS_7_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\TAG_AN~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\SAVE_3~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\ADS_10~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\U4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_10...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoD...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 17015 bytes

31 January 2009 22:41:32

Your PC is infected to the bone (no pun intended).

Go to the "Security and viruses" section, they'll sort you out very quickly.
31 January 2009 23:23:40

Hi,

Indeed, the PC is infected.

  • Download Lop S&D to your Desktop.
  • Double-click it to start the installation.
  • Then double-click the Lop S&D shortcut on your Desktop.
  • Select the language you want, then choose option 1 (Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).
1 February 2009 10:50:23

Here is the report,


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NICARD ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1169 [VPS 090131-0] 4.8.1169 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:2 Go)
    D:\ (CD or DVD) - UDF - Total:6 Go (Free:0 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (USB) - FAT32 - Total:7597 Mo (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 01/02/2009|10:44 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [26/11/2008|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [11/11/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [05/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [05/11/2007|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
    [26/11/2008|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [26/11/2008|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [28/09/2007|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [06/08/2004|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [08/06/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DFX
    [22/09/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    [17/01/2007|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [16/09/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [05/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [29/09/2007|01:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    [29/09/2007|00:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [29/09/2007|00:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
    [17/02/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/12/2008|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [05/12/2004|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
    [17/01/2007|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
    [28/01/2005|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [22/09/2007|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [05/12/2007|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
    [29/09/2007|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\proc send owns dart
    [05/02/2005|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [10/06/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [18/04/2006|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [10/02/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SRS Labs
    [16/09/2007|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [19/08/2007|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Two Idol Wave Flag
    [12/03/2005|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [07/01/2007|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vivendi Universal Games
    [14/01/2007|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [14/01/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [17/12/2008|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [15/03/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [13/11/2008|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [27/11/2007|22:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [16/09/2007|19:58] C:\DOCUME~1\HELPAS~1\APPLIC~1\Microsoft

    [16/09/2007|20:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [17/01/2007|18:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
    [14/01/2007|16:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
    [26/05/2008|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [12/09/2007|16:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\TitleGridBind

    [30/11/2007|23:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [11/01/2009|16:02] C:\DOCUME~1\NICARD\APPLIC~1\Adobe
    [16/09/2007|22:23] C:\DOCUME~1\NICARD\APPLIC~1\AdobeUM
    [05/11/2007|19:59] C:\DOCUME~1\NICARD\APPLIC~1\AOL
    [29/01/2009|19:47] C:\DOCUME~1\NICARD\APPLIC~1\Apple Computer
    [08/09/2005|20:45] C:\DOCUME~1\NICARD\APPLIC~1\ArcSoft
    [02/01/2005|15:21] C:\DOCUME~1\NICARD\APPLIC~1\Atari
    [22/06/2007|16:54] C:\DOCUME~1\NICARD\APPLIC~1\Audacity
    [01/02/2009|09:50] C:\DOCUME~1\NICARD\APPLIC~1\AVG7
    [06/08/2004|10:26] C:\DOCUME~1\NICARD\APPLIC~1\CyberLink
    [22/12/2007|13:59] C:\DOCUME~1\NICARD\APPLIC~1\DivX
    [14/06/2006|16:58] C:\DOCUME~1\NICARD\APPLIC~1\Dossier de téléchargement Share-to-Web
    [18/02/2005|13:52] C:\DOCUME~1\NICARD\APPLIC~1\Dossier de téléchargement Share-to-Web
    [13/01/2009|21:04] C:\DOCUME~1\NICARD\APPLIC~1\dvdcss
    [17/01/2007|14:31] C:\DOCUME~1\NICARD\APPLIC~1\Google
    [30/08/2004|09:00] C:\DOCUME~1\NICARD\APPLIC~1\Help
    [09/03/2008|20:38] C:\DOCUME~1\NICARD\APPLIC~1\ICQ
    [09/03/2008|20:37] C:\DOCUME~1\NICARD\APPLIC~1\ICQ Toolbar
    [21/10/2007|21:05] C:\DOCUME~1\NICARD\APPLIC~1\Identities
    [09/03/2008|19:13] C:\DOCUME~1\NICARD\APPLIC~1\InstallShield
    [06/08/2004|10:21] C:\DOCUME~1\NICARD\APPLIC~1\InterTrust
    [11/01/2009|16:02] C:\DOCUME~1\NICARD\APPLIC~1\Macromedia
    [14/01/2007|16:28] C:\DOCUME~1\NICARD\APPLIC~1\McAfee
    [01/04/2007|15:29] C:\DOCUME~1\NICARD\APPLIC~1\McAfee.com Personal Firewall
    [17/02/2007|15:29] C:\DOCUME~1\NICARD\APPLIC~1\MessengerSkinner
    [17/12/2008|22:18] C:\DOCUME~1\NICARD\APPLIC~1\Microsoft
    [05/12/2004|13:31] C:\DOCUME~1\NICARD\APPLIC~1\Microsoft Games
    [26/07/2007|20:53] C:\DOCUME~1\NICARD\APPLIC~1\Mozilla
    [26/07/2007|20:10] C:\DOCUME~1\NICARD\APPLIC~1\MSN6
    [10/12/2008|19:03] C:\DOCUME~1\NICARD\APPLIC~1\OpenOffice.org2
    [21/03/2007|22:38] C:\DOCUME~1\NICARD\APPLIC~1\Radios Media Player
    [31/08/2008|12:51] C:\DOCUME~1\NICARD\APPLIC~1\Real
    [05/10/2008|22:44] C:\DOCUME~1\NICARD\APPLIC~1\REAPER
    [24/03/2007|15:26] C:\DOCUME~1\NICARD\APPLIC~1\Screenshot Sender
    [01/12/2007|17:33] C:\DOCUME~1\NICARD\APPLIC~1\SecuROM
    [31/01/2009|10:41] C:\DOCUME~1\NICARD\APPLIC~1\Skype
    [01/02/2009|09:52] C:\DOCUME~1\NICARD\APPLIC~1\skypePM
    [18/04/2006|16:02] C:\DOCUME~1\NICARD\APPLIC~1\Sony Corporation
    [10/02/2007|11:32] C:\DOCUME~1\NICARD\APPLIC~1\SoundSpectrum
    [11/12/2008|22:36] C:\DOCUME~1\NICARD\APPLIC~1\Sun
    [10/06/2007|21:04] C:\DOCUME~1\NICARD\APPLIC~1\teamspeak2
    [29/09/2007|00:15] C:\DOCUME~1\NICARD\APPLIC~1\TitleGridBind
    [29/11/2007|21:39] C:\DOCUME~1\NICARD\APPLIC~1\Todae
    [22/04/2008|18:52] C:\DOCUME~1\NICARD\APPLIC~1\U3
    [22/07/2008|21:03] C:\DOCUME~1\NICARD\APPLIC~1\vlc
    [22/10/2007|21:03] C:\DOCUME~1\NICARD\APPLIC~1\Windows Desktop Search
    [30/08/2007|17:37] C:\DOCUME~1\NICARD\APPLIC~1\Xfire
    [13/11/2008|21:33] C:\DOCUME~1\NICARD\APPLIC~1\Yahoo!
    [12/03/2005|17:51] C:\DOCUME~1\NICARD\APPLIC~1\You've Got Pictures Screensaver

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [26/01/2009 22:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [01/02/2009 09:47][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [24/04/2003 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [04/04/2007|21:15] C:\Program Files\3B Software
    [13/02/2007|19:30] C:\Program Files\7-Zip
    [01/04/2007|14:36] C:\Program Files\ACD Systems
    [11/02/2007|18:31] C:\Program Files\Acoustica Mixcraft
    [11/11/2008|12:07] C:\Program Files\Adobe
    [28/09/2007|23:52] C:\Program Files\Alwil Software
    [05/11/2007|19:57] C:\Program Files\AOL
    [16/03/2007|18:52] C:\Program Files\AOL 9.0
    [05/11/2007|20:36] C:\Program Files\AOL 9.0 VR
    [16/03/2007|18:52] C:\Program Files\AOL 9.0a
    [16/09/2007|13:05] C:\Program Files\AOL 9.0b
    [16/09/2007|13:05] C:\Program Files\AOL 9.0c
    [16/09/2007|13:05] C:\Program Files\AOL 9.0d
    [26/11/2008|17:58] C:\Program Files\Apple Software Update
    [08/09/2005|20:43] C:\Program Files\ArcSoft
    [23/04/2008|21:54] C:\Program Files\Atari
    [22/12/2007|10:46] C:\Program Files\AviSynth 2.5
    [07/08/2004|14:17] C:\Program Files\Bethesda Softworks
    [15/12/2008|22:35] C:\Program Files\Bonjour
    [17/02/2007|13:57] C:\Program Files\Boonty
    [06/08/2004|10:19] C:\Program Files\B's CLiP
    [10/11/2004|17:19] C:\Program Files\B's Recorder GOLD7
    [27/09/2007|00:51] C:\Program Files\CCleaner
    [02/03/2007|19:43] C:\Program Files\Common Files
    [06/08/2004|10:17] C:\Program Files\CyberLink
    [06/08/2004|10:18] C:\Program Files\CyberLink DVD Solution
    [13/11/2008|21:30] C:\Program Files\DivX
    [06/08/2004|10:19] C:\Program Files\DVD-RAM
    [22/12/2007|09:28] C:\Program Files\EA GAMES
    [06/01/2009|21:23] C:\Program Files\eChanblard
    [07/08/2004|09:14] C:\Program Files\Enlight
    [17/12/2008|20:40] C:\Program Files\Fichiers communs
    [20/06/2007|16:36] C:\Program Files\FRIENDS
    [28/01/2007|08:48] C:\Program Files\FunWebProducts
    [28/08/2006|13:53] C:\Program Files\FX-INTERFACE PROFESSIONAL
    [16/09/2007|13:06] C:\Program Files\GameSpy Arcade
    [27/01/2007|11:44] C:\Program Files\Google
    [16/09/2007|19:59] C:\Program Files\Grisoft
    [26/03/2008|20:54] C:\Program Files\GUILD WARS
    [22/02/2008|13:06] C:\Program Files\Hewlett-Packard
    [22/02/2008|13:07] C:\Program Files\HP
    [09/03/2008|20:38] C:\Program Files\ICQ6
    [31/01/2009|22:43] C:\Program Files\ICQToolbar
    [16/03/2007|18:55] C:\Program Files\Infogrames
    [04/11/2008|13:10] C:\Program Files\InstallShield Installation Information
    [16/01/2005|20:43] C:\Program Files\InterActual
    [04/04/2007|21:14] C:\Program Files\Internet Cleaner
    [14/12/2008|00:09] C:\Program Files\Internet Explorer
    [26/11/2008|18:06] C:\Program Files\iPod
    [26/11/2008|18:07] C:\Program Files\iTunes
    [16/08/2008|22:42] C:\Program Files\Java
    [27/05/2005|17:37] C:\Program Files\JoWood
    [12/03/2005|17:51] C:\Program Files\Learn2.com
    [27/01/2008|14:51] C:\Program Files\Livre Album Fuji Photo
    [30/08/2007|17:39] C:\Program Files\LucasArts
    [05/09/2004|14:43] C:\Program Files\Maxis
    [29/09/2007|01:24] C:\Program Files\McAfee.com
    [30/09/2008|20:43] C:\Program Files\Messenger
    [18/01/2009|17:26] C:\Program Files\Messenger Plus! Live
    [07/01/2005|18:56] C:\Program Files\Microids
    [17/12/2008|22:02] C:\Program Files\Microsoft
    [04/08/2004|16:00] C:\Program Files\microsoft frontpage
    [04/11/2008|13:21] C:\Program Files\Microsoft Games
    [05/09/2004|14:43] C:\Program Files\Microsoft Office
    [21/10/2007|21:05] C:\Program Files\Microsoft SQL Server Compact Edition
    [17/12/2008|22:09] C:\Program Files\Microsoft Sync Framework
    [23/09/2007|22:58] C:\Program Files\Microsoft Works
    [30/09/2008|20:21] C:\Program Files\Movie Maker
    [13/04/2008|23:01] C:\Program Files\Mozilla Firefox
    [16/03/2007|18:56] C:\Program Files\MSN
    [04/08/2004|15:56] C:\Program Files\MSN Gaming Zone
    [22/12/2007|16:49] C:\Program Files\MSN Messenger
    [20/03/2005|13:39] C:\Program Files\MUSICMATCH
    [27/01/2007|21:41] C:\Program Files\MyWebSearch
    [22/06/2007|17:52] C:\Program Files\MyXOFT
    [30/09/2008|20:03] C:\Program Files\NetMeeting
    [23/01/2008|19:04] C:\Program Files\OpenOffice.org 2.3
    [01/10/2008|16:53] C:\Program Files\Outlook Express
    [17/08/2005|17:58] C:\Program Files\Packard Bell
    [09/09/2008|21:56] C:\Program Files\PCFriendly
    [17/05/2007|18:33] C:\Program Files\Philips ToUcam Camera
    [25/11/2007|12:26] C:\Program Files\PhotoFiltre
    [13/02/2007|21:00] C:\Program Files\Project64 v1.5
    [05/02/2005|20:44] C:\Program Files\QT
    [05/02/2005|21:13] C:\Program Files\QuickTime
    [26/11/2008|18:04] C:\Program Files\QuickTime4
    [12/03/2005|17:51] C:\Program Files\Real
    [31/05/2008|11:24] C:\Program Files\REAPER
    [27/06/2005|17:13] C:\Program Files\Rockstar Games
    [04/08/2004|15:59] C:\Program Files\Services en ligne
    [10/06/2007|21:18] C:\Program Files\Skype
    [18/04/2006|15:59] C:\Program Files\Sony
    [18/04/2006|15:59] C:\Program Files\Sony Corporation
    [10/02/2007|11:31] C:\Program Files\SoundSpectrum
    [30/08/2006|09:23] C:\Program Files\Starcraft
    [12/03/2005|17:49] C:\Program Files\TechCity Solutions
    [18/02/2005|13:55] C:\Program Files\Trellix Corporation
    [05/10/2008|21:55] C:\Program Files\TubeMaster
    [12/03/2005|20:22] C:\Program Files\Ubi Soft
    [22/07/2008|20:20] C:\Program Files\VideoLAN
    [12/03/2005|17:51] C:\Program Files\Viewpoint
    [26/02/2007|13:36] C:\Program Files\Virtools
    [20/06/2008|14:31] C:\Program Files\VirtualDJ
    [16/09/2007|13:07] C:\Program Files\Winamp
    [21/10/2007|21:05] C:\Program Files\Windows Desktop Search
    [17/12/2008|22:09] C:\Program Files\Windows Live
    [17/12/2008|22:01] C:\Program Files\Windows Live SkyDrive
    [17/12/2008|22:09] C:\Program Files\Windows Live Toolbar
    [10/02/2007|11:19] C:\Program Files\Windows Media Bonus Pack for Windows XP
    [24/01/2007|16:46] C:\Program Files\Windows Media Connect 2
    [01/10/2008|16:56] C:\Program Files\Windows Media Player
    [30/09/2008|20:03] C:\Program Files\Windows NT
    [04/08/2004|16:00] C:\Program Files\xerox
    [16/09/2007|13:07] C:\Program Files\Xfire
    [13/11/2008|21:28] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [11/11/2008|12:09] C:\Program Files\Fichiers communs\Adobe
    [05/11/2007|19:59] C:\Program Files\Fichiers communs\AOL
    [12/03/2005|17:51] C:\Program Files\Fichiers communs\aolback
    [05/11/2007|19:58] C:\Program Files\Fichiers communs\aolshare
    [26/11/2008|18:06] C:\Program Files\Fichiers communs\Apple
    [13/02/2008|11:43] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [17/08/2004|19:29] C:\Program Files\Fichiers communs\DESIGNER
    [13/02/2005|15:04] C:\Program Files\Fichiers communs\DirectX
    [18/02/2005|13:52] C:\Program Files\Fichiers communs\Hewlett-Packard
    [09/01/2005|13:07] C:\Program Files\Fichiers communs\InstallShield
    [16/08/2008|22:39] C:\Program Files\Fichiers communs\Java
    [17/12/2008|22:01] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/08/2004|15:58] C:\Program Files\Fichiers communs\MSSoap
    [30/08/2005|09:00] C:\Program Files\Fichiers communs\muvee Technologies
    [12/03/2005|17:51] C:\Program Files\Fichiers communs\Nullsoft
    [23/09/2007|01:20] C:\Program Files\Fichiers communs\ODBC
    [04/09/2008|18:27] C:\Program Files\Fichiers communs\Real
    [24/02/2007|18:54] C:\Program Files\Fichiers communs\Scanner
    [04/08/2004|15:58] C:\Program Files\Fichiers communs\Services
    [13/11/2008|19:18] C:\Program Files\Fichiers communs\Skype
    [18/04/2006|15:57] C:\Program Files\Fichiers communs\Sony Shared
    [04/08/2004|22:55] C:\Program Files\Fichiers communs\SpeechEngines
    [17/08/2008|14:04] C:\Program Files\Fichiers communs\SWF Studio
    [01/10/2008|16:53] C:\Program Files\Fichiers communs\System
    [07/01/2007|16:20] C:\Program Files\Fichiers communs\Vivendi Universal Games
    [17/12/2008|20:40] C:\Program Files\Fichiers communs\Windows Live
    [15/03/2008|12:32] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [04/09/2008|18:28] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 73 Processes )

    IEXPLORE.EXE ~ [PID:1484]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Two Idol Wave Flag
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\nsc91.tmp
    C:\DOCUME~1\NICARD\Cookies\nicard@advertstream[1].txt
    C:\DOCUME~1\NICARD\Cookies\nicard@bigpoint[2].txt
    C:\DOCUME~1\NICARD\Cookies\nicard@fr.darkorbit.bigpoint[2].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Stupid Data Dart Wave"="C:\\Documents and Settings\\All Users\\Application Data\\flag ace stupid data\\Meow body.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    -> 72 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-01 10:46:14
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 79

    --------------------\\ Recherche d'autres infections

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "kfvjfcynkf"="c:\\windows\\system32\\kfvjfcynkf.exe kfvjfcynkf"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "vqpngwzxb"="c:\\windows\\system32\\vqpngwzxb.exe vqpngwzxb"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bflnctzx"="c:\\windows\\system32\\bflnctzx.exe bflnctzx"

    C:\DOCUME~1\NICARD\APPLIC~1\MessengerSkinner
    C:\DOCUME~1\NICARD\APPLIC~1\MessengerSkinner\Userdata
    C:\WINDOWS\Pack.epk
    C:\WINDOWS\System32\nvs2.inf

    C:\WINDOWS\System32\bflnctzx.dat
    C:\WINDOWS\System32\bflnctzx_nav.dat
    C:\WINDOWS\System32\bflnctzx_navps.dat
    C:\WINDOWS\System32\kfvjfcynkf.dat
    C:\WINDOWS\System32\kfvjfcynkf_nav.dat
    C:\WINDOWS\System32\kfvjfcynkf_navps.dat
    C:\WINDOWS\System32\unbwngkj.dat
    C:\WINDOWS\System32\unbwngkj.exe
    C:\WINDOWS\System32\unbwngkj_nav.dat
    C:\WINDOWS\System32\unbwngkj_navps.dat
    C:\WINDOWS\System32\vqpngwzxb.dat
    C:\WINDOWS\System32\vqpngwzxb_nav.dat
    C:\WINDOWS\System32\vqpngwzxb_navps.dat
    ==> EGDACCESS <==



    [F:3127][D:207]-> C:\DOCUME~1\NICARD\LOCALS~1\Temp
    [F:111][D:0]-> C:\DOCUME~1\NICARD\Cookies
    [F:7502][D:9]-> C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 01/02/2009|10:55 - Option : [1]

    --------------------\\ Fin du rapport a 10:55:26
    1 February 2009 15:29:19

  • Run Lop S&D again.
  • This time, choose option 2 (Suppression).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
    1 February 2009 16:25:19

    Here is the report:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NICARD ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1169 [VPS 090131-0] 4.8.1169 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:2 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (USB) - FAT32 - Total:7597 Mo (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 01/02/2009|16:25 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\NICARD\LOCALS~1\Temp\nsc91.tmp
    Supprime! - C:\DOCUME~1\NICARD\Cookies\nicard@advertstream[1].txt
    Supprime! - C:\DOCUME~1\NICARD\Cookies\nicard@bigpoint[2].txt
    Supprime! - C:\DOCUME~1\NICARD\Cookies\nicard@fr.darkorbit.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Two Idol Wave Flag
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Viewpoint
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [26/11/2008|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [11/11/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [05/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [05/11/2007|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
    [26/11/2008|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [26/11/2008|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [28/09/2007|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [06/08/2004|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [08/06/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DFX
    [17/01/2007|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [16/09/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [05/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [29/09/2007|01:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    [29/09/2007|00:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [29/09/2007|00:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
    [17/02/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/12/2008|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [05/12/2004|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
    [17/01/2007|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
    [28/01/2005|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [22/09/2007|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [05/12/2007|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
    [29/09/2007|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\proc send owns dart
    [05/02/2005|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [10/06/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [18/04/2006|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [10/02/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SRS Labs
    [16/09/2007|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [07/01/2007|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vivendi Universal Games
    [14/01/2007|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [14/01/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [17/12/2008|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [15/03/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [13/11/2008|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [27/11/2007|22:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [16/09/2007|19:58] C:\DOCUME~1\HELPAS~1\APPLIC~1\Microsoft

    [16/09/2007|20:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [17/01/2007|18:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
    [14/01/2007|16:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
    [26/05/2008|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [12/09/2007|16:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\TitleGridBind

    [30/11/2007|23:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [11/01/2009|16:02] C:\DOCUME~1\NICARD\APPLIC~1\Adobe
    [16/09/2007|22:23] C:\DOCUME~1\NICARD\APPLIC~1\AdobeUM
    [05/11/2007|19:59] C:\DOCUME~1\NICARD\APPLIC~1\AOL
    [29/01/2009|19:47] C:\DOCUME~1\NICARD\APPLIC~1\Apple Computer
    [08/09/2005|20:45] C:\DOCUME~1\NICARD\APPLIC~1\ArcSoft
    [02/01/2005|15:21] C:\DOCUME~1\NICARD\APPLIC~1\Atari
    [22/06/2007|16:54] C:\DOCUME~1\NICARD\APPLIC~1\Audacity
    [01/02/2009|09:50] C:\DOCUME~1\NICARD\APPLIC~1\AVG7
    [06/08/2004|10:26] C:\DOCUME~1\NICARD\APPLIC~1\CyberLink
    [22/12/2007|13:59] C:\DOCUME~1\NICARD\APPLIC~1\DivX
    [14/06/2006|16:58] C:\DOCUME~1\NICARD\APPLIC~1\Dossier de téléchargement Share-to-Web
    [18/02/2005|13:52] C:\DOCUME~1\NICARD\APPLIC~1\Dossier de téléchargement Share-to-Web
    [13/01/2009|21:04] C:\DOCUME~1\NICARD\APPLIC~1\dvdcss
    [17/01/2007|14:31] C:\DOCUME~1\NICARD\APPLIC~1\Google
    [30/08/2004|09:00] C:\DOCUME~1\NICARD\APPLIC~1\Help
    [09/03/2008|20:38] C:\DOCUME~1\NICARD\APPLIC~1\ICQ
    [09/03/2008|20:37] C:\DOCUME~1\NICARD\APPLIC~1\ICQ Toolbar
    [21/10/2007|21:05] C:\DOCUME~1\NICARD\APPLIC~1\Identities
    [09/03/2008|19:13] C:\DOCUME~1\NICARD\APPLIC~1\InstallShield
    [06/08/2004|10:21] C:\DOCUME~1\NICARD\APPLIC~1\InterTrust
    [11/01/2009|16:02] C:\DOCUME~1\NICARD\APPLIC~1\Macromedia
    [14/01/2007|16:28] C:\DOCUME~1\NICARD\APPLIC~1\McAfee
    [01/04/2007|15:29] C:\DOCUME~1\NICARD\APPLIC~1\McAfee.com Personal Firewall
    [17/02/2007|15:29] C:\DOCUME~1\NICARD\APPLIC~1\MessengerSkinner
    [17/12/2008|22:18] C:\DOCUME~1\NICARD\APPLIC~1\Microsoft
    [05/12/2004|13:31] C:\DOCUME~1\NICARD\APPLIC~1\Microsoft Games
    [26/07/2007|20:53] C:\DOCUME~1\NICARD\APPLIC~1\Mozilla
    [26/07/2007|20:10] C:\DOCUME~1\NICARD\APPLIC~1\MSN6
    [10/12/2008|19:03] C:\DOCUME~1\NICARD\APPLIC~1\OpenOffice.org2
    [21/03/2007|22:38] C:\DOCUME~1\NICARD\APPLIC~1\Radios Media Player
    [31/08/2008|12:51] C:\DOCUME~1\NICARD\APPLIC~1\Real
    [05/10/2008|22:44] C:\DOCUME~1\NICARD\APPLIC~1\REAPER
    [24/03/2007|15:26] C:\DOCUME~1\NICARD\APPLIC~1\Screenshot Sender
    [01/12/2007|17:33] C:\DOCUME~1\NICARD\APPLIC~1\SecuROM
    [31/01/2009|10:41] C:\DOCUME~1\NICARD\APPLIC~1\Skype
    [01/02/2009|16:02] C:\DOCUME~1\NICARD\APPLIC~1\skypePM
    [18/04/2006|16:02] C:\DOCUME~1\NICARD\APPLIC~1\Sony Corporation
    [10/02/2007|11:32] C:\DOCUME~1\NICARD\APPLIC~1\SoundSpectrum
    [11/12/2008|22:36] C:\DOCUME~1\NICARD\APPLIC~1\Sun
    [10/06/2007|21:04] C:\DOCUME~1\NICARD\APPLIC~1\teamspeak2
    [29/09/2007|00:15] C:\DOCUME~1\NICARD\APPLIC~1\TitleGridBind
    [29/11/2007|21:39] C:\DOCUME~1\NICARD\APPLIC~1\Todae
    [22/04/2008|18:52] C:\DOCUME~1\NICARD\APPLIC~1\U3
    [22/07/2008|21:03] C:\DOCUME~1\NICARD\APPLIC~1\vlc
    [22/10/2007|21:03] C:\DOCUME~1\NICARD\APPLIC~1\Windows Desktop Search
    [30/08/2007|17:37] C:\DOCUME~1\NICARD\APPLIC~1\Xfire
    [13/11/2008|21:33] C:\DOCUME~1\NICARD\APPLIC~1\Yahoo!
    [12/03/2005|17:51] C:\DOCUME~1\NICARD\APPLIC~1\You've Got Pictures Screensaver

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [26/01/2009 22:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [01/02/2009 09:47][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [24/04/2003 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [04/04/2007|21:15] C:\Program Files\3B Software
    [13/02/2007|19:30] C:\Program Files\7-Zip
    [01/04/2007|14:36] C:\Program Files\ACD Systems
    [11/02/2007|18:31] C:\Program Files\Acoustica Mixcraft
    [11/11/2008|12:07] C:\Program Files\Adobe
    [28/09/2007|23:52] C:\Program Files\Alwil Software
    [05/11/2007|19:57] C:\Program Files\AOL
    [16/03/2007|18:52] C:\Program Files\AOL 9.0
    [05/11/2007|20:36] C:\Program Files\AOL 9.0 VR
    [16/03/2007|18:52] C:\Program Files\AOL 9.0a
    [16/09/2007|13:05] C:\Program Files\AOL 9.0b
    [16/09/2007|13:05] C:\Program Files\AOL 9.0c
    [16/09/2007|13:05] C:\Program Files\AOL 9.0d
    [26/11/2008|17:58] C:\Program Files\Apple Software Update
    [08/09/2005|20:43] C:\Program Files\ArcSoft
    [23/04/2008|21:54] C:\Program Files\Atari
    [22/12/2007|10:46] C:\Program Files\AviSynth 2.5
    [07/08/2004|14:17] C:\Program Files\Bethesda Softworks
    [15/12/2008|22:35] C:\Program Files\Bonjour
    [17/02/2007|13:57] C:\Program Files\Boonty
    [06/08/2004|10:19] C:\Program Files\B's CLiP
    [10/11/2004|17:19] C:\Program Files\B's Recorder GOLD7
    [27/09/2007|00:51] C:\Program Files\CCleaner
    [02/03/2007|19:43] C:\Program Files\Common Files
    [06/08/2004|10:17] C:\Program Files\CyberLink
    [06/08/2004|10:18] C:\Program Files\CyberLink DVD Solution
    [13/11/2008|21:30] C:\Program Files\DivX
    [06/08/2004|10:19] C:\Program Files\DVD-RAM
    [22/12/2007|09:28] C:\Program Files\EA GAMES
    [06/01/2009|21:23] C:\Program Files\eChanblard
    [07/08/2004|09:14] C:\Program Files\Enlight
    [17/12/2008|20:40] C:\Program Files\Fichiers communs
    [20/06/2007|16:36] C:\Program Files\FRIENDS
    [28/01/2007|08:48] C:\Program Files\FunWebProducts
    [28/08/2006|13:53] C:\Program Files\FX-INTERFACE PROFESSIONAL
    [16/09/2007|13:06] C:\Program Files\GameSpy Arcade
    [27/01/2007|11:44] C:\Program Files\Google
    [16/09/2007|19:59] C:\Program Files\Grisoft
    [26/03/2008|20:54] C:\Program Files\GUILD WARS
    [22/02/2008|13:06] C:\Program Files\Hewlett-Packard
    [22/02/2008|13:07] C:\Program Files\HP
    [09/03/2008|20:38] C:\Program Files\ICQ6
    [31/01/2009|22:43] C:\Program Files\ICQToolbar
    [16/03/2007|18:55] C:\Program Files\Infogrames
    [04/11/2008|13:10] C:\Program Files\InstallShield Installation Information
    [16/01/2005|20:43] C:\Program Files\InterActual
    [04/04/2007|21:14] C:\Program Files\Internet Cleaner
    [14/12/2008|00:09] C:\Program Files\Internet Explorer
    [26/11/2008|18:06] C:\Program Files\iPod
    [26/11/2008|18:07] C:\Program Files\iTunes
    [16/08/2008|22:42] C:\Program Files\Java
    [27/05/2005|17:37] C:\Program Files\JoWood
    [12/03/2005|17:51] C:\Program Files\Learn2.com
    [27/01/2008|14:51] C:\Program Files\Livre Album Fuji Photo
    [30/08/2007|17:39] C:\Program Files\LucasArts
    [05/09/2004|14:43] C:\Program Files\Maxis
    [29/09/2007|01:24] C:\Program Files\McAfee.com
    [30/09/2008|20:43] C:\Program Files\Messenger
    [18/01/2009|17:26] C:\Program Files\Messenger Plus! Live
    [07/01/2005|18:56] C:\Program Files\Microids
    [17/12/2008|22:02] C:\Program Files\Microsoft
    [04/08/2004|16:00] C:\Program Files\microsoft frontpage
    [04/11/2008|13:21] C:\Program Files\Microsoft Games
    [05/09/2004|14:43] C:\Program Files\Microsoft Office
    [21/10/2007|21:05] C:\Program Files\Microsoft SQL Server Compact Edition
    [17/12/2008|22:09] C:\Program Files\Microsoft Sync Framework
    [23/09/2007|22:58] C:\Program Files\Microsoft Works
    [30/09/2008|20:21] C:\Program Files\Movie Maker
    [13/04/2008|23:01] C:\Program Files\Mozilla Firefox
    [16/03/2007|18:56] C:\Program Files\MSN
    [04/08/2004|15:56] C:\Program Files\MSN Gaming Zone
    [22/12/2007|16:49] C:\Program Files\MSN Messenger
    [20/03/2005|13:39] C:\Program Files\MUSICMATCH
    [27/01/2007|21:41] C:\Program Files\MyWebSearch
    [22/06/2007|17:52] C:\Program Files\MyXOFT
    [30/09/2008|20:03] C:\Program Files\NetMeeting
    [23/01/2008|19:04] C:\Program Files\OpenOffice.org 2.3
    [01/10/2008|16:53] C:\Program Files\Outlook Express
    [17/08/2005|17:58] C:\Program Files\Packard Bell
    [09/09/2008|21:56] C:\Program Files\PCFriendly
    [17/05/2007|18:33] C:\Program Files\Philips ToUcam Camera
    [25/11/2007|12:26] C:\Program Files\PhotoFiltre
    [13/02/2007|21:00] C:\Program Files\Project64 v1.5
    [05/02/2005|20:44] C:\Program Files\QT
    [05/02/2005|21:13] C:\Program Files\QuickTime
    [26/11/2008|18:04] C:\Program Files\QuickTime4
    [12/03/2005|17:51] C:\Program Files\Real
    [31/05/2008|11:24] C:\Program Files\REAPER
    [27/06/2005|17:13] C:\Program Files\Rockstar Games
    [04/08/2004|15:59] C:\Program Files\Services en ligne
    [10/06/2007|21:18] C:\Program Files\Skype
    [18/04/2006|15:59] C:\Program Files\Sony
    [18/04/2006|15:59] C:\Program Files\Sony Corporation
    [10/02/2007|11:31] C:\Program Files\SoundSpectrum
    [30/08/2006|09:23] C:\Program Files\Starcraft
    [12/03/2005|17:49] C:\Program Files\TechCity Solutions
    [18/02/2005|13:55] C:\Program Files\Trellix Corporation
    [05/10/2008|21:55] C:\Program Files\TubeMaster
    [12/03/2005|20:22] C:\Program Files\Ubi Soft
    [22/07/2008|20:20] C:\Program Files\VideoLAN
    [26/02/2007|13:36] C:\Program Files\Virtools
    [20/06/2008|14:31] C:\Program Files\VirtualDJ
    [16/09/2007|13:07] C:\Program Files\Winamp
    [21/10/2007|21:05] C:\Program Files\Windows Desktop Search
    [17/12/2008|22:09] C:\Program Files\Windows Live
    [17/12/2008|22:01] C:\Program Files\Windows Live SkyDrive
    [17/12/2008|22:09] C:\Program Files\Windows Live Toolbar
    [10/02/2007|11:19] C:\Program Files\Windows Media Bonus Pack for Windows XP
    [24/01/2007|16:46] C:\Program Files\Windows Media Connect 2
    [01/10/2008|16:56] C:\Program Files\Windows Media Player
    [30/09/2008|20:03] C:\Program Files\Windows NT
    [04/08/2004|16:00] C:\Program Files\xerox
    [16/09/2007|13:07] C:\Program Files\Xfire
    [13/11/2008|21:28] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [11/11/2008|12:09] C:\Program Files\Fichiers communs\Adobe
    [05/11/2007|19:59] C:\Program Files\Fichiers communs\AOL
    [12/03/2005|17:51] C:\Program Files\Fichiers communs\aolback
    [05/11/2007|19:58] C:\Program Files\Fichiers communs\aolshare
    [26/11/2008|18:06] C:\Program Files\Fichiers communs\Apple
    [13/02/2008|11:43] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [17/08/2004|19:29] C:\Program Files\Fichiers communs\DESIGNER
    [13/02/2005|15:04] C:\Program Files\Fichiers communs\DirectX
    [18/02/2005|13:52] C:\Program Files\Fichiers communs\Hewlett-Packard
    [09/01/2005|13:07] C:\Program Files\Fichiers communs\InstallShield
    [16/08/2008|22:39] C:\Program Files\Fichiers communs\Java
    [17/12/2008|22:01] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/08/2004|15:58] C:\Program Files\Fichiers communs\MSSoap
    [30/08/2005|09:00] C:\Program Files\Fichiers communs\muvee Technologies
    [12/03/2005|17:51] C:\Program Files\Fichiers communs\Nullsoft
    [23/09/2007|01:20] C:\Program Files\Fichiers communs\ODBC
    [04/09/2008|18:27] C:\Program Files\Fichiers communs\Real
    [24/02/2007|18:54] C:\Program Files\Fichiers communs\Scanner
    [04/08/2004|15:58] C:\Program Files\Fichiers communs\Services
    [13/11/2008|19:18] C:\Program Files\Fichiers communs\Skype
    [18/04/2006|15:57] C:\Program Files\Fichiers communs\Sony Shared
    [04/08/2004|22:55] C:\Program Files\Fichiers communs\SpeechEngines
    [17/08/2008|14:04] C:\Program Files\Fichiers communs\SWF Studio
    [01/10/2008|16:53] C:\Program Files\Fichiers communs\System
    [07/01/2007|16:20] C:\Program Files\Fichiers communs\Vivendi Universal Games
    [17/12/2008|20:40] C:\Program Files\Fichiers communs\Windows Live
    [15/03/2008|12:32] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [04/09/2008|18:28] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 69 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\NICARD\Cookies\nicard@advertising[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-01 16:27:19
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 79

    --------------------\\ Recherche d'autres infections

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "kfvjfcynkf"="c:\\windows\\system32\\kfvjfcynkf.exe kfvjfcynkf"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "vqpngwzxb"="c:\\windows\\system32\\vqpngwzxb.exe vqpngwzxb"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bflnctzx"="c:\\windows\\system32\\bflnctzx.exe bflnctzx"

    C:\DOCUME~1\NICARD\APPLIC~1\MessengerSkinner
    C:\DOCUME~1\NICARD\APPLIC~1\MessengerSkinner\Userdata
    C:\WINDOWS\Pack.epk
    C:\WINDOWS\System32\nvs2.inf

    C:\WINDOWS\System32\bflnctzx.dat
    C:\WINDOWS\System32\bflnctzx_nav.dat
    C:\WINDOWS\System32\bflnctzx_navps.dat
    C:\WINDOWS\System32\kfvjfcynkf.dat
    C:\WINDOWS\System32\kfvjfcynkf_nav.dat
    C:\WINDOWS\System32\kfvjfcynkf_navps.dat
    C:\WINDOWS\System32\unbwngkj.dat
    C:\WINDOWS\System32\unbwngkj.exe
    C:\WINDOWS\System32\unbwngkj_nav.dat
    C:\WINDOWS\System32\unbwngkj_navps.dat
    C:\WINDOWS\System32\vqpngwzxb.dat
    C:\WINDOWS\System32\vqpngwzxb_nav.dat
    C:\WINDOWS\System32\vqpngwzxb_navps.dat
    ==> EGDACCESS <==



    [F:3126][D:206]-> C:\DOCUME~1\NICARD\LOCALS~1\Temp
    [F:131][D:0]-> C:\DOCUME~1\NICARD\Cookies
    [F:5422][D:9]-> C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 01/02/2009|10:55 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 01/02/2009|16:30 - Option : [2]

    --------------------\\ Fin du rapport a 16:30:30
    1 February 2009 16:42:04

  • Download Navilog1 (by IL-MAFIOSO) to your Desktop.
  • Double-click Navilog1.exe to start the installation.
  • If the fix does not start automatically after installation, double-click Navilog1 on the Desktop.
  • Press F or f, then confirm with Enter.
  • Press a key on your keyboard each time you are asked to; you will reach the options menu.
  • Choose option 1 and press Enter to confirm your choice.
  • Wait for the message: *** Analyse terminée le ..... ***
  • When the scan is finished, Notepad will open with the report; post the content of this report in your next reply.
  • If the scan result is not displayed, you will find it in C:\fixnavi.txt

    Do not use options 2, 3 and 4 without our approval; legitimate files may be included in this scan.
    1 February 2009 17:12:39

    Here is the result:

    Search Navipromo version 3.7.1 commencé le 01/02/2009 à 16:56:56,09

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NICARD ( Administrator )
    BOOT : Normal boot

    Antivirus : avast! antivirus 4.8.1169 [VPS 090131-0] 4.8.1169 (Activated)


    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:2 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (USB) - FAT32 - Total:7597 Mo (Free:0 Go)


    Recherche executé en mode normal

    *** Recherche Programmes installés ***


    *** Recherche dossiers dans "C:\WINDOWS" ***


    *** Recherche dossiers dans "C:\Program Files" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\NICARD\applic~1" ***

    ...\MessengerSkinner trouvé !

    *** Recherche dossiers dans "C:\DOCUME~1\HELPAS~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\NICARD\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\HELPAS~1\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\NICARD\menudm~1\progra~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\HELPAS~1\menudm~1\progra~1" ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\WINDOWS\system32" *

    Fichiers trouvés :

    unbwngkj.exe trouvé !
    unbwngkj.dat trouvé !
    unbwngkj_nav.dat trouvé !
    unbwngkj_navps.dat trouvé !

    * Recherche dans "C:\Documents and Settings\NICARD\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\HELPAS~1\locals~1\applic~1" *



    *** Recherche fichiers ***


    C:\WINDOWS\Downloaded Program Files\IaLdr32.inf trouvé !
    C:\WINDOWS\pack.epk trouvé !
    C:\WINDOWS\system32\nvs2.inf trouvé !

    *** Recherche clés spécifiques dans le Registre ***
    !! Les clés trouvées ne sont pas forcément infectées !!

    HKEY_CURRENT_USER\Software\Lanconfig

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "kfvjfcynkf"="c:\\windows\\system32\\kfvjfcynkf.exe kfvjfcynkf"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "vqpngwzxb"="c:\\windows\\system32\\vqpngwzxb.exe vqpngwzxb"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bflnctzx"="c:\\windows\\system32\\bflnctzx.exe bflnctzx"


    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\WINDOWS\system32" :

    bflnctzx.dat trouvé !
    bflnctzx_nav.dat trouvé !
    bflnctzx_navps.dat trouvé !
    kfvjfcynkf.dat trouvé !
    kfvjfcynkf_nav.dat trouvé !
    kfvjfcynkf_navps.dat trouvé !
    unbwngkj.exe trouvé !
    unbwngkj.dat trouvé !
    unbwngkj_nav.dat trouvé !
    unbwngkj_navps.dat trouvé !
    vqpngwzxb.dat trouvé !
    vqpngwzxb_nav.dat trouvé !
    vqpngwzxb_navps.dat trouvé !

    * Dans "C:\Documents and Settings\NICARD\locals~1\applic~1" :


    * Dans "C:\DOCUME~1\HELPAS~1\locals~1\applic~1" :


    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche autres dossiers et fichiers connus :



    *** Analyse terminée le 01/02/2009 à 17:17:17,73 ***
    1 February 2009 17:18:20

    Do not reinstall MessengerSkinner.

  • Run Navilog1 again, choose option 2 and post the report.
    1 February 2009 17:52:58

    I got the same message again at startup, and here is the report:

    Clean Navipromo version 3.7.1 commencé le 01/02/2009 à 17:36:23,15

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NICARD ( Administrator )
    BOOT : Normal boot

    Antivirus : avast! antivirus 4.8.1169 [VPS 090131-0] 4.8.1169 (Activated)


    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:2 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (USB) - FAT32 - Total:7597 Mo (Free:0 Go)


    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    Nettoyage exécuté au redémarrage de l'ordinateur


    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\WINDOWS\System32" *


    unbwngkj.exe trouvé !
    Copie unbwngkj.exe réalisée avec succès !
    unbwngkj.exe supprimé !

    unbwngkj.dat trouvé !
    Copie unbwngkj.dat réalisée avec succès !
    unbwngkj.dat supprimé !

    unbwngkj_nav.dat trouvé !
    Copie unbwngkj_nav.dat réalisée avec succès !
    unbwngkj_nav.dat supprimé !

    unbwngkj_navps.dat trouvé !
    Copie unbwngkj_navps.dat réalisée avec succès !
    unbwngkj_navps.dat supprimé !


    * Suppression dans "C:\Documents and Settings\NICARD\locals~1\applic~1" *



    * Suppression dans "C:\DOCUME~1\HELPAS~1\locals~1\applic~1" *



    *** Suppression dossiers dans "C:\WINDOWS" ***


    *** Suppression dossiers dans "C:\Program Files" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\NICARD\applic~1" ***

    ...\MessengerSkinner ...suppression...
    ...\MessengerSkinner supprimé !


    *** Suppression dossiers dans "C:\DOCUME~1\HELPAS~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\NICARD\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\HELPAS~1\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\NICARD\menudm~1\progra~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\HELPAS~1\menudm~1\progra~1" ***



    *** Suppression fichiers ***

    C:\WINDOWS\Downloaded Program Files\IaLdr32.inf supprimé !
    C:\WINDOWS\pack.epk supprimé !
    C:\WINDOWS\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\NICARD\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\WINDOWS\system32" *


    bflnctzx.dat trouvé !
    Copie bflnctzx.dat réalisée avec succès !
    bflnctzx.dat supprimé !

    bflnctzx_nav.dat trouvé !
    Copie bflnctzx_nav.dat réalisée avec succès !
    bflnctzx_nav.dat supprimé !

    bflnctzx_navps.dat trouvé !
    Copie bflnctzx_navps.dat réalisée avec succès !
    bflnctzx_navps.dat supprimé !

    kfvjfcynkf.dat trouvé !
    Copie kfvjfcynkf.dat réalisée avec succès !
    kfvjfcynkf.dat supprimé !

    kfvjfcynkf_nav.dat trouvé !
    Copie kfvjfcynkf_nav.dat réalisée avec succès !
    kfvjfcynkf_nav.dat supprimé !

    kfvjfcynkf_navps.dat trouvé !
    Copie kfvjfcynkf_navps.dat réalisée avec succès !
    kfvjfcynkf_navps.dat supprimé !

    vqpngwzxb.dat trouvé !
    Copie vqpngwzxb.dat réalisée avec succès !
    vqpngwzxb.dat supprimé !

    vqpngwzxb_nav.dat trouvé !
    Copie vqpngwzxb_nav.dat réalisée avec succès !
    vqpngwzxb_nav.dat supprimé !

    vqpngwzxb_navps.dat trouvé !
    Copie vqpngwzxb_navps.dat réalisée avec succès !
    vqpngwzxb_navps.dat supprimé !


    * Dans "C:\Documents and Settings\NICARD\locals~1\applic~1" *



    * Dans "C:\DOCUME~1\HELPAS~1\locals~1\applic~1" *



    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group supprimé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Recherche autres dossiers et fichiers connus ***



    *** Nettoyage terminé le 01/02/2009 à 17:49:15,95 ***
    1 February 2009 18:17:34

  • Uninstall Navilog1.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan.
  • The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    1 February 2009 18:51:57

    Pretty infected all the same ^^

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1713
    Windows 5.1.2600 Service Pack 3

    01/02/2009 18:57:59
    mbam-log-2009-02-01 (18-57-58).txt

    Type de recherche: Examen rapide
    Eléments examinés: 63033
    Temps écoulé: 18 minute(s), 14 second(s)

    Processus mémoire infecté(s): 1
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 69
    Valeur(s) du Registre infectée(s): 6
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 17
    Fichier(s) infecté(s): 88

    Processus mémoire infecté(s):
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\fastrx.fastrx (Adware.EnrgyPlus) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\fastrx.fastrx.1 (Adware.EnrgyPlus) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{d778513b-1c40-4819-b0c5-49e40b39afd0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b08f361e-e7fb-4104-aa9a-71d26f4e9df0} (Adware.EnrgyPlus) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e09962e7-a39e-4f60-8003-66d57bed27b7} (Adware.EnrgyPlus) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{37855e95-ddef-4203-b258-6b62fcd1bc70} (Adware.EnrgyPlus) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df1c8e21-4045-4d67-b528-335f1a4f0de9} (Adware.Navipromo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{201b9b37-848f-40bd-90ea-7b8f0aa89d6a} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{aa59202c-5e41-48fc-af7d-324f5fd6a9f1} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FastRX.IconRX (Adware.EnrgyPlus) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\calcsci.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\001B217E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\001B3814.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\001B39F8.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\001B3CA8.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DB75F4 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DB78C3.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DB9777.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DB98DE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DB9A26.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DB9C39.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DB9DA1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DB9F08.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DBA0CD.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01DBA215 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01E65325.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01E654CB.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\ScreenSaver\Images\01E69C53.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\01DFF13C.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> Delete on reboot.
    1 February 2009 19:39:29

    A bit of tidying up ^^

  • Run MBAM again, go to Quarantine and delete everything.

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit\ folder.
    1 February 2009 20:04:04

    That always does some good xD
    Happy reading

    So, the info file =>

    info.txt logfile of random's system information tool 1.05 2009-02-01 20:07:38

    ======Uninstall list======

    -->"C:\Program Files\AOL\AOL Toolbar 4.0\uninstall.exe"
    -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x40c UNINSTALL
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.42-->"C:\Program Files\7-Zip\Uninstall.exe"
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    AOL - Assistant de désinstallation-->C:\Program Files\Fichiers communs\AOL\uninstaller.exe
    AOL Auto-diagnostic-->C:\Program Files\TechCity Solutions\AOLSAV\uninstall.exe
    AOL Coach Version 1.0(Build:20040229.1 fr)-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
    Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ArcSoft Camera Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4677AAF8-8D7A-4EE2-BCE4-0068BB052353}\setup.exe" -l0x40c -uninst
    ArcSoft PhotoImpression-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\ArcSoft\ArcSoft Software\PhotoImpression\Uninst.isu"
    Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVG 7.5-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
    AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
    BHA B's Recorder GOLD BASIC 7.13-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{36D00AE6-69DE-4087-A1A9-84ADD10E5530}\Setup.exe" -l0x40c
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    B's CLiP-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}\Setup.exe" -l0x40c
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"
    Empire Earth - The Art of Conquest-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49C924C-A651-4378-94F6-5D9BF44A959F}\Setup.exe" -l0x40c
    Empire Earth-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2447500B-22D7-47BD-9B13-1A927F43A267}\Setup.exe" -l0x40c
    FRIENDS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F603DDA-5D2E-437B-822A-30799A293899}\s.exe" -l0x40c -removeonly
    FX-INTERFACE PROFESSIONAL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD869122-24E1-11D4-A99B-204C4F4F5020}\setup.exe" -norepairmode
    Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
    GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
    G-Force-->C:\Program Files\SoundSpectrum\G-Force\Uninstall.exe
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
    GUILD WARS-->"C:\Program Files\GUILD WARS\Gw.exe" -uninstall
    HijackThis 2.0.2-->"C:\Documents and Settings\NICARD\Local Settings\Temporary Internet Files\Content.IE5\6261DUAR\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Precisionscan Pro 3.1-->MsiExec.exe /I{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}
    HP Share-to-Web-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\setup.exe" --MAIN -l1036
    ICQ Toolbar-->regsvr32 /u /s "C:\PROGRA~1\ICQTOO~1\toolbaru.dll"
    ICQ6-->C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe -runfromtemp -l0x0009 -removeonly
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
    iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
    J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
    Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
    Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
    Macromedia Flash Player-->MsiExec.exe /X{4ecaf021-478c-40c1-b777-3368a15f9966}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Standard Edition 2003-->MsiExec.exe /I{9112040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Search Enhancement Pack-->MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
    Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
    Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
    Mozilla Firefox (2.0)-->C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
    MS Access 97 SP2-->C:\Program Files\Microsoft Office\setup\setup.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    Multimedia Launcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
    Need for Speed™ Most Wanted-->C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
    net2plug Wizard-->C:\WINDOWS\plcunins.exe
    NVIDIA Display Driver-->C:\WINDOWS\System32\nvudisp.exe Uninstall C:\WINDOWS\System32\nvdisp.nvu,NVIDIA Display Driver
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA nForce Drivers-->C:\WINDOWS\System32\nvuninst.exe Uninstall C:\WINDOWS\System32\NVU001.nvu,NVIDIA nForce Drivers
    OpenMG Limited Patch 4.0-04-11-01-01-->C:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.0-04-11-01-01\HotFixSetup\setup.exe /u
    OpenMG Secure Module 4.0.05-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{BB92E35A-F5B8-4D59-90F3-CF863871BCF3} /l1033 UNINSTALL
    OpenOffice.org 2.3-->MsiExec.exe /I{331DFBF7-734D-4545-8A9D-48CB5D73AF07}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Packard Bell net2plug Assistant de configuration-->C:\Program Files\Packard Bell\setup.exe /remove:D lanconf
    Packard Bell net2plug Informer-->C:\Program Files\Packard Bell\setup.exe /remove:D slmon
    PCFriendly-->C:\Program Files\PCFriendly\inuninst.exe
    Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,DefaultUninstall
    Philips Key Ring Audio Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82A468C-E6DB-4B54-A061-60130F532F30}\Setup.exe" -l0x40c
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    Picture Package-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x40c UNINSTALL
    Pilote du DVD-RAM-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\Setup.exe" DVD-RAM Driver
    Planestate-->C:\PROGRA~1\PLANES~1\UNWISE.EXE C:\PROGRA~1\PLANES~1\INSTALL.LOG
    Plus! MP3 Audio Converter LE-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\audcle.inf,DefaultUninstall
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
    PowerPuffs Screen Saver-->C:\WINDOWS\NCUNINST.EXe RMSCR PowerPuffs
    QuickTime for Windows (32-bit)-->C:\WINDOWS\QTW32DEL.EXE
    QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    REAPER-->"C:\Program Files\REAPER\Uninstall.exe"
    Restaurant Empire-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99A51EBF-47E0-11D7-B796-0050BFE4DB80}\setup.exe" -l0x40c -uninst
    screensaver-800x600-->C:\WINDOWS\screensaver-800x600.scr /u
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    SonicStage 2.3.00-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}\setup.exe" -l0x40c UNINSTALL
    Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
    Star Wars Battlefront II-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x40c -removeonly
    Star Wars Battlefront-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C79CB9C7-10A4-4814-8402-F574672C2192}\Setup.exe" -l0x40c
    Star Wars Galactic Battlegrounds: Clone Campaigns-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0314ED3D-26A7-4F62-86A2-6B23353445E8}\Setup.exe"
    Star Wars Galactic Battlegrounds-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A202BDBA-753F-41B9-B649-CFB0B45FC03E}\Setup.exe"
    Star Wars JK II Jedi Outcast-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}\Setup.exe" -l0x40c
    Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}\setup.exe" -l0x40c -removeonly
    Todae - Live Media-->C:\Program Files\Windows Media Player\Plugins\Todae\RMP\uninstall_fr.exe
    Trellix Web Express Site Building-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D666E437-158C-43D0-AC69-F67F6C5EC2B8}\Setup.exe" UNINSTALL
    TubeMaster-->"C:\Program Files\TubeMaster\uninstall.exe"
    VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
    Windows Desktop Search 3.01-->"C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
    Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
    Windows Live Toolbar-->MsiExec.exe /X{915809D6-1F93-45F2-9699-5F1DA64DC24B}
    Windows Media Bonus Pack for Windows XP-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmbonus.inf,DefaultUninstall
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Media Player Playlist Import to Excel Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mpxlswiz.inf,DefaultUninstall
    Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wa2wmp.inf,DefaultUninstall
    Windows Media Player Tray Control-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mpxptray.inf,DefaultUninstall
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
    Yahoo! Anti-Spy-->C:\PROGRA~1\Yahoo!\Common\unypsr.exe
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

    ======Security center information======

    AV: AVG 7.5.552
    AV: avast! antivirus 4.8.1169 [VPS 090201-0]

    System event log

    Computer Name: NICARD
    Event Code: 7036
    Message: Le service avast! Mail Scanner est entré dans l'état : en cours d'exécution.

    Record Number: 22765
    Source Name: Service Control Manager
    Time Written: 20081205195139.000000+060
    Event Type: Informations
    User:

    Computer Name: NICARD
    Event Code: 7036
    Message: Le service Windows Installer est entré dans l'état : en cours d'exécution.

    Record Number: 22764
    Source Name: Service Control Manager
    Time Written: 20081205194545.000000+060
    Event Type: Informations
    User:

    Computer Name: NICARD
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer.

    Record Number: 22763
    Source Name: Service Control Manager
    Time Written: 20081205194545.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: NICARD
    Event Code: 7036
    Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution.

    Record Number: 22762
    Source Name: Service Control Manager
    Time Written: 20081205194143.000000+060
    Event Type: Informations
    User:

    Computer Name: NICARD
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL.

    Record Number: 22761
    Source Name: Service Control Manager
    Time Written: 20081205194130.000000+060
    Event Type: Informations
    User: AUTORITE NT\SERVICE LOCAL

    Application event log

    Computer Name: DOMICILE
    Event Code: 101
    Message: MsnMsgr (2752) Le moteur de base de données est arrêté.

    Record Number: 2669
    Source Name: ESENT
    Time Written: 20081011003432.000000+120
    Event Type: Informations
    User:

    Computer Name: DOMICILE
    Event Code: 103
    Message: MsnMsgr (2752) \\.\C:\Documents and Settings\NICARD\Local Settings\Application Data\Microsoft\Messenger\henry.quentinou@hotmail.fr\SharingMetadata\Working\database_5C6C_48A5_6C48_7C30\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 2668
    Source Name: ESENT
    Time Written: 20081011003432.000000+120
    Event Type: Informations
    User:

    Computer Name: DOMICILE
    Event Code: 101
    Message: wlmail (3932) Le moteur de base de données est arrêté.

    Record Number: 2667
    Source Name: ESENT
    Time Written: 20081010231743.000000+120
    Event Type: Informations
    User:

    Computer Name: DOMICILE
    Event Code: 103
    Message: wlmail (3932) WindowsLiveMail0: Le moteur de base de données a arrêté une instance (0).

    Record Number: 2666
    Source Name: ESENT
    Time Written: 20081010231743.000000+120
    Event Type: Informations
    User:

    Computer Name: DOMICILE
    Event Code: 213
    Message: wlmail (3932) WindowsLiveMail0: La procédure de sauvegarde est terminée.

    Record Number: 2665
    Source Name: ESENT
    Time Written: 20081010195852.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime4\QTSystem\
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=0a00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO
    "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.5.0\lib\ext\QTJava.zip

    -----------------EOF-----------------


    and the log file =>

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by NICARD at 2009-02-01 20:06:54
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 7 GB (10%) free of 79 GB
    Total RAM: 511 MB (21% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:07:15, on 01/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\net2plug\Wait4Ip.exe
    C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    C:\Program Files\QuickTime4\QTTask.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
    C:\Program Files\Philips ToUcam Camera\VProperty.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Fichiers communs\AOL\1168789452\ee\aolsoftware.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    C:\Program Files\Java\jre1.5.0\bin\jucheck.exe
    c:\program files\fichiers communs\aol\1168789452\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Program Files\AOL 9.0 VR\waol.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\AOL 9.0 VR\shellmon.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\NICARD\Bureau\RSIT.exe
    C:\Program Files\trend micro\NICARD.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [Ins3DT] D:\INSTALL4\INS3DT.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [Wait4Ip] C:\net2plug\Wait4Ip
    O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime4\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168789452\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
    O4 - HKLM\..\Run: [kpx] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\fastRX.dll DllInitApp
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [Ace coal] C:\DOCUME~1\NICARD\APPLIC~1\TITLEG~1\boldadminplus.exe
    O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\RunOnce: [DelayShred] "C:\Program Files\McAfee\McAfee Shared Components\Shredder 5\SHRED32.EXE" /q C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\TFOH9D6M\MYMSN_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\JACKPO~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\01X3RULD\OGAME_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\18X5CA~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\FKCASJRS\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5ERKXH1A\IEFIRS~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\O9GXVYVV\METEOV~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\339QWFEU\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\ADS_7_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\TAG_AN~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\SAVE_3~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\ADS_10~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\U4
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoD...
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 16005 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-09-04 308856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    AOL Toolbar Launcher - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll [2007-02-09 970752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]
    {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll [2007-02-09 970752]
    {855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Ins3DT"=D:\INSTALL4\INS3DT.EXE []
    "RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
    "B'sCLiP"=C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe [2004-01-08 1392640]
    "Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2001-07-03 57344]
    "Wait4Ip"=C:\net2plug\Wait4Ip []
    "AOLSAV"=C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe [2004-03-15 73728]
    "AOLDialer"=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe [2007-06-21 70952]
    "QuickTime Task"=C:\Program Files\QuickTime4\QTTask.exe [2008-11-04 413696]
    "ezShieldProtector for Px"=C:\WINDOWS\System32\ezSP_Px.exe [2002-08-20 40960]
    "MPFTray"=C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe []
    "HostManager"=C:\Program Files\Fichiers communs\AOL\1168789452\ee\AOLSoftware.exe [2006-11-17 50736]
    "ToUcamVProperty"=C:\Program Files\Philips ToUcam Camera\VProperty.exe [2002-06-28 118784]
    "kpx"=C:\WINDOWS\system32\fastRX.dll DllInitApp []
    "AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2008-10-18 590848]
    "nwiz"=nwiz.exe /install []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-03-29 79224]
    "MISAggregator"= []
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-11-12 8523776]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-11-12 81920]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0\bin\jusched.exe [2008-08-16 36972]
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-09-04 185896]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-01-14 399504]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-01-14 1273488]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "PowerBar"= []
    "Ace coal"=C:\DOCUME~1\NICARD\APPLIC~1\TITLEG~1\boldadminplus.exe []
    "Windows Registry Repair Pro"=C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4 []
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-12-02 3882312]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "DelayShred"=C:\Program Files\McAfee\McAfee Shared Components\Shredder 5\SHRED32.EXE /q C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\TFOH9D6M\MYMSN_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\JACKPO~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\01X3RULD\OGAME_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\18X5CA~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\FKCASJRS\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5ERKXH1A\IEFIRS~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\O9GXVYVV\METEOV~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\339QWFEU\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\ADS_7_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\TAG_AN~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\SAVE_3~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\ADS_10~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\U4XGCA~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\TA1VCA~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\BOOTST~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\TCVNFY0Y\METEOV~1.SH! []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AOL 9.0a\waol.exe"="C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL9~1.0A"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe"="C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
    "C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\Program Files\AOL 9.0a\aol.exe"="C:\Program Files\AOL 9.0a\aol.exe:*:Enabled:AOL 9.0"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe"="C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Disabled:EE-AOC"
    "C:\Program Files\AOL 9.0b\waol.exe"="C:\Program Files\AOL 9.0b\waol.exe:*:Enabled:AOL"
    "C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
    "C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
    "C:\Program Files\AOL 9.0d\waol.exe"="C:\Program Files\AOL 9.0d\waol.exe:*:Enabled:AOL"
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL Autoconnect"
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:module de connexion AOL"
    "C:\Program Files\Fichiers communs\AOL\1168789452\ee\aolsoftware.exe"="C:\Program Files\Fichiers communs\AOL\1168789452\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
    "C:\Program Files\eChanblard\emule.exe"="C:\Program Files\eChanblard\emule.exe:*:Enabled:eChanblard"
    "C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
    "C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
    "C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
    "C:\Program Files\Grisoft\AVG7\avgemc.exe"="C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe"
    "C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
    "C:\Program Files\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe"="C:\Program Files\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
    "C:\Program Files\Metin2_France\metin2.bin"="C:\Program Files\Metin2_France\metin2.bin:*:Enabled:metin2"
    "C:\Program Files\AOL 9.0 VR\waol.exe"="C:\Program Files\AOL 9.0 VR\waol.exe:*:Enabled:AOL"
    "C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
    "C:\Program Files\Fichiers communs\AOL\System Information\sinf.exe"="C:\Program Files\Fichiers communs\AOL\System Information\sinf.exe:*:Enabled:AOL System Information"
    "C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe"="C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe:*:Enabled:speed"
    "C:\Program Files\Electronic Arts\Need for Speed ProStreet\nfs.exe"="C:\Program Files\Electronic Arts\Need for Speed ProStreet\nfs.exe:*:Enabled:nfs"
    "C:\Documents and Settings\NICARD\metin2.bin"="C:\Documents and Settings\NICARD\metin2.bin:*:Enabled:metin2"
    "C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
    "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\AOL 9.0b\waol.exe"="C:\Program Files\AOL 9.0b\waol.exe:*:Enabled:AOL"
    "C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
    "C:\Program Files\AOL 9.0d\waol.exe"="C:\Program Files\AOL 9.0d\waol.exe:*:Enabled:AOL"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16639694-1094-11dd-990b-00038a000015}]
    shell\AutoRun\command - F:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19677d30-f0ae-11db-bef4-00038a000015}]
    shell\AutoRun\command - F:\StartPortableApps.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{927ef26c-e662-11d8-b227-806d6172696f}]
    shell\AutoRun\command - E:\BIN\WIN32\START.EXE


    ======List of files/folders created in the last 1 months======

    2009-02-01 20:06:58 ----D---- C:\Program Files\trend micro
    2009-02-01 20:06:54 ----D---- C:\rsit
    2009-02-01 18:58:20 ----A---- C:\Program Files\vqdewj.txt
    2009-02-01 18:36:39 ----D---- C:\Documents and Settings\NICARD\Application Data\Malwarebytes
    2009-02-01 18:36:27 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-02-01 18:36:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-02-01 17:36:23 ----A---- C:\cleannavi.txt
    2009-02-01 16:56:56 ----A---- C:\fixnavi.txt
    2009-02-01 16:55:30 ----D---- C:\Program Files\Navilog1
    2009-02-01 10:43:37 ----A---- C:\lopR.txt
    2009-02-01 10:42:50 ----D---- C:\Lop SD
    2009-01-14 23:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

    ======List of files/folders modified in the last 1 months======

    2009-02-01 20:06:58 ----RD---- C:\Program Files
    2009-02-01 20:06:53 ----D---- C:\WINDOWS\Prefetch
    2009-02-01 20:04:53 ----D---- C:\Program Files\Mozilla Firefox
    2009-02-01 20:01:50 ----A---- C:\WINDOWS\win.ini
    2009-02-01 19:12:25 ----D---- C:\WINDOWS\Temp
    2009-02-01 18:58:20 ----D---- C:\WINDOWS\system32\drivers
    2009-02-01 18:57:57 ----D---- C:\Program Files\MyWebSearch
    2009-02-01 18:57:53 ----D---- C:\WINDOWS\system32
    2009-02-01 17:53:21 ----HD---- C:\WINDOWS\inf
    2009-02-01 17:53:02 ----D---- C:\Documents and Settings\NICARD\Application Data\Skype
    2009-02-01 17:46:06 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-02-01 17:46:06 ----D---- C:\WINDOWS
    2009-02-01 17:45:56 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-02-01 17:43:47 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-02-01 16:02:54 ----D---- C:\Documents and Settings\NICARD\Application Data\skypePM
    2009-02-01 09:50:27 ----D---- C:\Documents and Settings\NICARD\Application Data\AVG7
    2009-01-31 22:43:36 ----D---- C:\Program Files\ICQToolbar
    2009-01-29 19:47:26 ----D---- C:\Documents and Settings\NICARD\Application Data\Apple Computer
    2009-01-18 17:26:59 ----D---- C:\Program Files\Messenger Plus! Live
    2009-01-14 23:46:08 ----SHD---- C:\WINDOWS\Installer
    2009-01-14 23:46:08 ----HD---- C:\Config.Msi
    2009-01-14 23:45:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-14 23:44:39 ----HD---- C:\WINDOWS\$hf_mig$
    2009-01-13 22:00:43 ----D---- C:\WINDOWS\system32\Adobe
    2009-01-13 21:04:39 ----D---- C:\Documents and Settings\NICARD\Application Data\dvdcss
    2009-01-11 16:02:50 ----D---- C:\Documents and Settings\NICARD\Application Data\Adobe
    2009-01-11 16:02:48 ----D---- C:\Documents and Settings\NICARD\Application Data\Macromedia
    2009-01-11 16:02:46 ----D---- C:\WINDOWS\system32\Macromed
    2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-01-06 21:23:34 ----D---- C:\Program Files\eChanblard

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-03-29 26944]
    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 75856]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-03-29 42912]
    R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2007-10-23 821856]
    R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2007-09-16 4224]
    R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2007-09-16 27776]
    R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2007-12-21 10760]
    R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
    R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
    R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-06-20 225856]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-03-29 94544]
    R2 AvgTdi;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdi.sys [2007-09-16 4960]
    R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver; C:\WINDOWS\system32\plcndis5.sys [2003-03-13 17018]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-03-29 23152]
    R3 ATWPKT2;ATWPKT2; \??\C:\WINDOWS\system32\drivers\ATWPKT2.SYS []
    R3 camvid20;Philips ToUcam Camera; Video; C:\WINDOWS\System32\DRIVERS\camdrv21.sys [2001-08-17 223232]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-11-12 7433504]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-10-24 38784]
    R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-11-27 80896]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-10-24 311936]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-01-31 10368]
    R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]
    R4 BsUDF;B.H.A UDF Filesystem; C:\WINDOWS\system32\drivers\BsUDF.sys [2004-01-08 394496]
    S3 A_USBETHMP;USB PowerPacket Network Adapter; C:\WINDOWS\System32\Drivers\usbethmp.sys [2003-07-14 14342]
    S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
    S3 Bridge;Pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 catchme;catchme; \??\C:\DOCUME~1\NICARD\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCANDIS5.SYS []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter.sys [2006-11-20 34176]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=D
    1 February 2009 23:40:07

    Quote:
    ICQ Toolbar-->regsvr32 /u /s "C:\PROGRA~1\ICQTOO~1\toolbaru.dll"

    ---> If you don't use it, uninstall it.

    You have two antivirus programs; you must uninstall one of them.

  • Look for this file: C:\Program Files\trend micro\NICARD.exe
  • Double-click this file.
  • Choose Do a system scan only.
  • Tick the boxes in front of the following lines:

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O4 - HKLM\..\Run: [Ins3DT] D:\INSTALL4\INS3DT.EXE

    O4 - HKLM\..\Run: [Wait4Ip] C:\net2plug\Wait4Ip

    O4 - HKLM\..\Run: [kpx] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\fastRX.dll DllInitApp

    O4 - HKCU\..\RunOnce: [DelayShred] "C:\Program Files\McAfee\McAfee Shared Components\Shredder 5\SHRED32.EXE" /q C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\TFOH9D6M\MYMSN_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\JACKPO~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\01X3RULD\OGAME_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\18X5CA~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\FKCASJRS\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5ERKXH1A\IEFIRS~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\O9GXVYVV\METEOV~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\339QWFEU\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\ADS_7_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\TAG_AN~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\SAVE_3~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\ADS_10~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\U4

  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.
    7 February 2009 19:10:39

    Quote:
    Look for this file: C:\Program Files\trend micro\NICARD.exe


    I don't have this file :s
    What should I do?
    7 February 2009 19:16:09

    That amounts to launching HijackThis.
    7 February 2009 19:57:19

    And after this operation, what should I do?
    8 February 2009 01:32:01

    Let's start over:

  • Launch HijackThis.
  • Choose Do a system scan only.
  • Tick the boxes in front of the following lines:

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O4 - HKLM\..\Run: [Ins3DT] D:\INSTALL4\INS3DT.EXE

    O4 - HKLM\..\Run: [Wait4Ip] C:\net2plug\Wait4Ip

    O4 - HKLM\..\Run: [kpx] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\fastRX.dll DllInitApp

    O4 - HKCU\..\RunOnce: [DelayShred] "C:\Program Files\McAfee\McAfee Shared Components\Shredder 5\SHRED32.EXE" /q C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\TFOH9D6M\MYMSN_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\JACKPO~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\01X3RULD\OGAME_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5DLF8I2Y\18X5CA~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\FKCASJRS\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\5ERKXH1A\IEFIRS~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\O9GXVYVV\METEOV~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\339QWFEU\RUNONC~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\ADS_7_~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\TAG_AN~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\SAVE_3~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\WTJEZ8PH\ADS_10~1.SH! C:\DOCUME~1\NICARD\LOCALS~1\TEMPOR~1\Content.IE5\I1OK2SKA\U4

  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.
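An added example, not part of the thread: the [kpx] entry ticked above runs rundll32.exe on fastRX.dll, the DLL named in the startup error, so this sketch parses HijackThis lines and sorts rundll32 autoruns by whether their target DLL still exists. The function names and the `EXISTING_FILES` set (a stand-in for a real file-existence check) are assumptions made for the example.

```python
import re
from typing import Iterable, List, NamedTuple, Optional, Set, Tuple

# Lines copied from the HijackThis logs quoted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [kpx] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\fastRX.dll DllInitApp
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
"""

# Constructed for this example: stands in for checking the disk.
EXISTING_FILES = {
    r"C:\WINDOWS\system32\NvCpl.dll",
    r"C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe",
}

# "O4 - rest of line": section code, then the entry text.
SECTION_RE = re.compile(r"^(?P<sec>[A-Z]\d+) - (?P<rest>.+)$")
# O4 registry autorun: hive\..\Run*: [value name] command line
O4_RE = re.compile(
    r"^(?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$"
)
# rundll32 with or without a path, quotes or the .exe suffix.
RUNDLL_RE = re.compile(r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+(?P<args>.+)$', re.I)
# Target module, then the export after a comma or (as in the kpx entry) a space.
TARGET_RE = re.compile(
    r'^"?(?P<dll>.+?\.(?:dll|cpl))"?(?:\s*[, ]\s*(?P<export>[^\s,]+))?', re.I
)
# Markers HijackThis appends when the referenced file is absent.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


class Finding(NamedTuple):
    section: str
    entry: str
    target: Optional[str]
    export: Optional[str]
    status: str


def rundll32_target(cmd: str) -> Optional[Tuple[str, Optional[str]]]:
    """Return (dll_path, export) if cmd is a rundll32 invocation, else None."""
    m = RUNDLL_RE.match(cmd.strip())
    if not m:
        return None
    t = TARGET_RE.match(m.group("args").strip())
    if not t:
        return None
    return t.group("dll"), t.group("export")


def triage(lines: Iterable[str], existing_files: Set[str]) -> List[Finding]:
    """Flag orphaned entries and classify rundll32 autoruns by target presence."""
    # Literal, case-insensitive comparison; 8.3 short names are not expanded.
    existing = {p.lower() for p in existing_files}
    findings: List[Finding] = []
    for raw in lines:
        m = SECTION_RE.match(raw.strip())
        if not m:
            continue
        sec, rest = m.group("sec"), m.group("rest")
        if rest.endswith(ORPHAN_MARKERS):
            findings.append(Finding(sec, rest, None, None, "orphaned"))
            continue
        o4 = O4_RE.match(rest) if sec == "O4" else None
        if not o4:
            continue
        target = rundll32_target(o4.group("cmd"))
        if target is None:
            continue  # ordinary executable autorun, out of scope here
        dll, export = target
        status = "rundll32-ok" if dll.lower() in existing else "rundll32-missing-dll"
        findings.append(Finding(sec, o4.group("name"), dll, export, status))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG.splitlines(), EXISTING_FILES):
        print(f"{f.status:22} {f.section:3} {f.entry}")
```

A `rundll32-missing-dll` result only says the autorun is dangling; a `rundll32-ok` result still deserves a look at what the DLL is.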
    8 February 2009 13:00:43

    It's done.
    8 February 2009 16:34:09

  • Download DirLook to your Desktop.
  • Double-click DirLook.exe to launch the tool.
  • Check that the two boxes next to "Show hidden files/folders:" and "BBCode Output:" are ticked.
  • Copy the text below:

    C:\DOCUME~1\NICARD\APPLIC~1\TitleGridBind
    C:\DOCUME~1\LOCALS~1\APPLIC~1\TitleGridBind


  • In the small DirLook window, right-click in the white area and choose Coller (Paste).
    Note: the lines selected earlier must have been copied into DirLook's white area.

  • Click the DirLook button to start the search. When the tool has finished the search, Notepad opens.
    Note: In Notepad, check in the Format menu (at the top) that the "Retour automatique à la ligne" (Word Wrap) option is not ticked.

  • Save the report as DirLook1.txt and close Notepad.
  • Close DirLook by clicking the Exit button, then post the report.
    8 February 2009 16:44:37

    DirLook.exe v2.0 by jpshortstuff
    Log created at 16:52 on 08/02/2009
    ==================================
    Contents of "C:\DOCUME~1\NICARD\APPLIC~1\TitleGridBind"

    ---FOLDERS---

    (none found)

    ---FILES---

    (none found)

    ==================================
    Contents of "C:\DOCUME~1\LOCALS~1\APPLIC~1\TitleGridBind"

    ---FOLDERS---

    (none found)

    ---FILES---

    (none found)

    ==================================
    =EOF=
    8 February 2009 16:53:39

    Quote:
    C:\Program Files\vqdewj.txt

    ---> If you don't recognize this file, delete it.


  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Double-click OTMoveIt3.exe to launch it.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :files
    C:\DOCUME~1\NICARD\APPLIC~1\TitleGridBind
    C:\DOCUME~1\LOCALS~1\APPLIC~1\TitleGridBind
    C:\Program Files\MyWebSearch

    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "PowerBar"=-
    "Ace coal"=-
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{927ef26c-e662-11d8-b227-806d6172696f}]

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report's name corresponds to the moment it was created: date_time.log
    ---> Post a new HijackThis report.
    8 February 2009 18:23:37

    OTMoveIt report:
    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    C:\DOCUME~1\NICARD\APPLIC~1\TitleGridBind moved successfully.
    C:\DOCUME~1\LOCALS~1\APPLIC~1\TitleGridBind moved successfully.
    File/Folder C:\Program Files\MyWebSearch not found.
    ========== REGISTRY ==========
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PowerBar deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Ace coal deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{927ef26c-e662-11d8-b227-806d6172696f}\\ deleted successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\2FneVVvHrcjPJY1NEcLhmM4FcvHI= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\FG0xQN6EjD3vTnIod65j7rehuTo= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\GErfWlPq24Fu7XD5JUl9cHy1m5Q= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\laaN35wSfXyPE67fd6lxqh4Yo2E= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\oAgSp+1MyD4m+BUrg5lIaEmdVaI= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\ogfP6iSu83uZw+cRaqCXon7PoSU= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\Ow7JNUGCqFXx6LPMzov6Fqmc4WY= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\p1h2Fu8CoO1CKp8RwGNhOSjGXHXA= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\Pf8KsSaBXDhN9qQh0IRyUamAo04= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\Qw0yNRbx6Rr3pTe5OFEBtn47rc4= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\rpMPAgL9VCquQ2Fp0OJfGy2F1IGtI= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\sUbGxwM9t+UasGu7JATQ3Rjnoyg= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\tVb95KRA2FxJ3w97JrHl9rH5zEec= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\TWl4ylb6ag8TIup4PKvd7ujeX5Y= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\WwgzW2a3ikAh12FAZMQcEygUo1yk= scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\A9R4AE2.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\Perflib_Perfdata_67c.dat scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF4675.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF46D4.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF5097.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF50B3.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF558C.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF55E1.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF5F71.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF61A2.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF68BB.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF68EE.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF6A88.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF7E44.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF7FC1.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF8177.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF81AB.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF872E.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF876C.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF8987.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF89F5.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF911D.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF91B0.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_640.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02082009_172724

    Files moved on Reboot...
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\2FneVVvHrcjPJY1NEcLhmM4FcvHI= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\FG0xQN6EjD3vTnIod65j7rehuTo= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\GErfWlPq24Fu7XD5JUl9cHy1m5Q= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\laaN35wSfXyPE67fd6lxqh4Yo2E= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\oAgSp+1MyD4m+BUrg5lIaEmdVaI= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\ogfP6iSu83uZw+cRaqCXon7PoSU= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\Ow7JNUGCqFXx6LPMzov6Fqmc4WY= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\p1h2Fu8CoO1CKp8RwGNhOSjGXHXA= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\Pf8KsSaBXDhN9qQh0IRyUamAo04= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\Qw0yNRbx6Rr3pTe5OFEBtn47rc4= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\rpMPAgL9VCquQ2Fp0OJfGy2F1IGtI= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\sUbGxwM9t+UasGu7JATQ3Rjnoyg= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\tVb95KRA2FxJ3w97JrHl9rH5zEec= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\TWl4ylb6ag8TIup4PKvd7ujeX5Y= moved successfully.
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\MessengerCache\WwgzW2a3ikAh12FAZMQcEygUo1yk= moved successfully.
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\A9R4AE2.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\Perflib_Perfdata_67c.dat not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF4675.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF46D4.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF5097.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF50B3.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF558C.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF55E1.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF5F71.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF61A2.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF68BB.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF68EE.tmp not found!
    C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF6A88.tmp moved successfully.
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF7E44.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF7FC1.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF8177.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF81AB.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF872E.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF876C.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF8987.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF89F5.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF911D.tmp not found!
    File C:\DOCUME~1\NICARD\LOCALS~1\Temp\~DF91B0.tmp not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    C:\WINDOWS\temp\Perflib_Perfdata_640.dat moved successfully.

    HijackThis report:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:31:04, on 08/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\notepad.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    C:\Program Files\QuickTime4\QTTask.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\AOL\1168789452\ee\AOLSoftware.exe
    C:\Program Files\Philips ToUcam Camera\VProperty.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.5.0\bin\jucheck.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    c:\program files\fichiers communs\aol\1168789452\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Documents and Settings\NICARD\Local Settings\Temporary Internet Files\Content.IE5\S848YP14\HiJackThis[1].exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime4\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168789452\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoD...
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 14304 bytes
    8 February 2009 18:28:10

    And do you have an antivirus to recommend?
    8 February 2009 18:42:15

    1/

    ---> Download JavaRa.zip (by Paul 'Prm753' McLain and Fred de Vries) to your Desktop.
    (On the site, click Download Windows Binary (.zip file))
  • Unzip the file to the Desktop (right-click > Extract All).
  • Double-click the JavaRa folder.
  • Then double-click the JavaRa.exe file (the .exe extension may not be displayed).
  • Choose Français, then click Select.
  • Click "Recherche de mises à jour" (Check for updates).
  • Select "Mettre à jour via jucheck.exe" (Update via jucheck.exe), then click "Rechercher" (Search).
  • Allow the process to connect if it asks, click "Installer" (Install) and follow the installation instructions, which take a few minutes.
  • Once the installation is finished, go back to the JavaRa screen and click "Effacer les anciennes versions" (Remove old versions).
  • Click "Oui" (Yes) to confirm. Let it work, then click OK, and OK a second time.
  • A report will open. Post it in your next reply.
  • Close the application.

    Note: the report is also located in C:\ under the name JavaRa.log.


    2/

  • Uninstall AVG and Avast.

  • Install Antivir and update it.
  • Double-click the Antivir icon (umbrella) in the taskbar.
  • In Antivir, choose "Outils" (Tools), then "Configuration".
  • Check "Mode Expert" (Expert mode) and check "Rech. Rootkit au dém. de la recherche" (rootkit search at scan start) on the right under "Autres réglages" (Other settings).
  • Run a full scan and post the report.
    8 February 2009 20:35:57

    1/

    JavaRa 1.13 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Sun Feb 08 20:43:24 2009

    Found and removed: C:\Program Files\Java\jre1.5.0

    Found and removed: Software\JavaSoft\Java2D\1.5.0

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510000

    Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510000

    Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510000

    Found and removed: SOFTWARE\Classes\JavaPlugin.150

    Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

    Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0

    Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510000

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510000

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150000}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0\

    ------------------------------------

    Finished reporting.



    10 February 2009 20:16:31

    You can delete JavaRa and run the scan with Antivir.
    10 February 2009 20:20:40



    Avira AntiVir Personal
    Date de création du fichier de rapport : mardi 10 février 2009 18:18

    La recherche porte sur 1327408 souches de virus.

    Détenteur de la licence :Avira AntiVir PersonalEdition Classic
    Numéro de série : 0000149996-ADJIE-0001
    Plateforme : Windows XP
    Version de Windows :( Service Pack 3) [5.1.2600]
    Mode Boot : Démarré normalement
    Identifiant : SYSTEM
    Nom de l'ordinateur :NICARD

    Informations de version :
    BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00
    AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00
    AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
    LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
    ANTIVIR1.VDF : 7.1.1.113 2817536 Bytes 14/01/2009 20:27:12
    ANTIVIR2.VDF : 7.1.1.240 1659904 Bytes 07/02/2009 20:27:55
    ANTIVIR3.VDF : 7.1.1.249 54272 Bytes 09/02/2009 20:25:32
    Version du moteur: 8.2.0.76
    AEVDF.DLL : 8.1.1.0 106868 Bytes 08/02/2009 20:28:35
    AESCRIPT.DLL : 8.1.1.43 344442 Bytes 08/02/2009 20:28:33
    AESCN.DLL : 8.1.1.6 127348 Bytes 08/02/2009 20:28:30
    AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
    AEPACK.DLL : 8.1.3.8 397684 Bytes 08/02/2009 20:28:28
    AEOFFICE.DLL : 8.1.0.33 196987 Bytes 08/02/2009 20:28:22
    AEHEUR.DLL : 8.1.0.90 1573237 Bytes 08/02/2009 20:28:20
    AEHELP.DLL : 8.1.2.0 119159 Bytes 08/02/2009 20:28:06
    AEGEN.DLL : 8.1.1.14 332148 Bytes 08/02/2009 20:28:04
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
    AECORE.DLL : 8.1.6.4 176501 Bytes 08/02/2009 20:28:00
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
    AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16
    RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43

    Configuration pour la recherche actuelle :
    Nom de la tâche..................: Contrôle intégral du système
    Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Documentation....................: bas
    Action principale................: interactif
    Action secondaire................: ignorer
    Recherche sur les secteurs d'amorçage maître: marche
    Recherche sur les secteurs d'amorçage: marche
    Secteurs d'amorçage..............: C:,
    Recherche dans les programmes actifs: marche
    Recherche en cours sur l'enregistrement: marche
    Recherche de Rootkits............: marche
    Fichier mode de recherche........: Sélection de fichiers intelligente
    Recherche sur les archives.......: marche
    Limiter la profondeur de récursivité: 20
    Archive Smart Extensions.........: marche
    Heuristique de macrovirus........: marche
    Heuristique fichier..............: moyen

    Début de la recherche : mardi 10 février 2009 18:18

    La recherche d'objets cachés commence.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Aavmker4\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswFsBlk\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswFsBlk\instances
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswFsBlk\Instances\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswFsBlk\Instances\aswfsblk instance
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswMon2\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswMon2\parameters
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswSP\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswSP\parameters
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswTdi\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswTdi\parameters
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Aavmker4\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswFsBlk\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswFsBlk\instances
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswFsBlk\Instances\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswFsBlk\Instances\aswfsblk instance
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswMon2\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswMon2\parameters
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswSP\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswSP\parameters
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswTdi\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
    [INFO] L'entrée d'enregistrement n'est pas visible.
    HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswTdi\parameters
    [INFO] L'entrée d'enregistrement n'est pas visible.
    '88114' objets ont été contrôlés, '22' objets cachés ont été trouvés.

    La recherche sur les processus démarrés commence :
    Processus de recherche 'wltuser.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AolTbServer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'searchprotocolhost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'searchfilterhost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'searchprotocolhost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wlmail.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wlcomm.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AOLSP Scheduler.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'WindowsSearch.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'RAMASST.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Residence.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'searchindexer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SonyTray.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wanmpsvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'DVDRAMSV.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'VProperty.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'aolsoftware.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ezSP_Px.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'QTTask.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'hpgs2wnf.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AOLAgent.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'hpgs2wnd.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AOLacsd.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'BsCLiP.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'PDVDServ.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
    '59' processus ont été contrôlés avec '59' modules

    La recherche sur les secteurs d'amorçage maître commence :
    Secteur d'amorçage maître HD0
    [INFO] Aucun virus trouvé !

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence.
    Le registre a été contrôlé ( '77' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\'
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306575.exe
    [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca0c.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306627.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca14.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306628.DLL
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca18.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306629.DLL
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca1b.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306630.DLL
    [RESULTAT] Contient le cheval de Troie TR/Killav.28714
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca1f.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306631.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca22.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306632.scr
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca29.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306633.exe
    [RESULTAT] Contient le cheval de Troie TR/Drop.Agent.BJY
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca2c.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306634.DLL
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca30.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306635.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca33.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306636.DLL
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca37.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306637.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca3b.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306638.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89cc.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306639.DLL
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca3c.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306640.SCR
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89cd.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306641.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca3e.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306642.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89cf.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306643.EXE
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca3d.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306644.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89ce.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306645.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca3f.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306647.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca20.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306648.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89d1.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306649.EXE
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89d3.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306651.DLL
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca24.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306653.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89b0.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306654.EXE
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca41.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306655.EXE
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89b2.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306656.DLL
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca43.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306657.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca40.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306690.EXE
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89b4.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306691.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca45.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306692.DLL
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb89b6.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP726\A0306693.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca47.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP733\A0307244.exe
    [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca5f.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP733\A0307245.exe
    [0] Type d'archive: NSIS
    --> ProgramFilesDir/[SystemDir]/calcsci.exe
    [RESULTAT] Contient le cheval de Troie TR/Drop.Agent.BJY
    --> ProgramFilesDir/[SystemDir]/calcsci.exe
    [1] Type d'archive: NSIS
    --> [SystemDir]/[SystemDir]/fastRX.dll
    [RESULTAT] Contient le cheval de Troie TR/Agent.BJY.1.B
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb8990.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP733\A0307246.exe
    [0] Type d'archive: NSIS
    --> [SystemDir]/[SystemDir]/fastRX.dll
    [RESULTAT] Contient le cheval de Troie TR/Agent.BJY.1.B
    [RESULTAT] Contient le cheval de Troie TR/Drop.Agent.BJY
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca61.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP733\A0307247.exe
    [0] Type d'archive: NSIS
    --> ProgramFilesDir/[SystemDir]/calcsci.exe
    [RESULTAT] Contient le cheval de Troie TR/Drop.Agent.BJY
    --> ProgramFilesDir/[SystemDir]/calcsci.exe
    [1] Type d'archive: NSIS
    --> [SystemDir]/[SystemDir]/fastRX.dll
    [RESULTAT] Contient le cheval de Troie TR/Agent.BJY.1.B
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca60.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP733\A0307248.exe
    [0] Type d'archive: NSIS
    --> [SystemDir]/[SystemDir]/fastRX.dll
    [RESULTAT] Contient le cheval de Troie TR/Agent.BJY.1.B
    [RESULTAT] Contient le cheval de Troie TR/Drop.Agent.BJY
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4adb8991.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\System Volume Information\_restore{1CE8B2EE-53B9-4DF3-809B-47DBFA4529DC}\RP733\A0307249.exe
    [0] Type d'archive: NSIS
    --> ProgramFilesDir/[SystemDir]/calcsci.exe
    [RESULTAT] Contient le cheval de Troie TR/Drop.Agent.BJY
    --> ProgramFilesDir/[SystemDir]/calcsci.exe
    [1] Type d'archive: NSIS
    --> [SystemDir]/[SystemDir]/fastRX.dll
    [RESULTAT] Contient le cheval de Troie TR/Agent.BJY.1.B
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c4ca62.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\WINDOWS\SoftwareDistribution\Download\b81d69b29589b2242f15410bffb0b638\BITD4.tmp
    [0] Type d'archive: CAB (Microsoft)
    --> hpc3505b.cab
    [1] Type d'archive: CAB (Microsoft)
    --> hpzhl4v3.cab
    [2] Type d'archive: CAB (Microsoft)
    --> hpzcs4v3.hlp
    [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
    --> hpzidr12.dll
    [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
    --> hpc3505b.cat
    [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
    C:\WINDOWS\system32\drivers\atwpkt2.sys
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Une copie de sécurité a été créée sous le nom 4a08cfd7.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.


    Fin de la recherche : mardi 10 février 2009 20:04
    Temps nécessaire: 1:46:02 Heure(s)

    La recherche a été effectuée intégralement

    11485 Les répertoires ont été contrôlés
    406518 Des fichiers ont été contrôlés
    45 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    40 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    40 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    1 Impossible de contrôler des fichiers
    406472 Fichiers non infectés
    4937 Les archives ont été contrôlées
    4 Avertissements
    40 Consignes
    88114 Des objets ont été contrôlés lors du Rootkitscan
    22 Des objets cachés ont été trouvés

    10 February 2009 20:24:41

    How is your PC doing?

  • Post a new HijackThis report.
    10 February 2009 20:56:29

    Much better :)  no more weird messages at startup ^^

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:05:07, on 10/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    C:\Program Files\QuickTime4\QTTask.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Program Files\Fichiers communs\AOL\1168789452\ee\AOLSoftware.exe
    C:\Program Files\Philips ToUcam Camera\VProperty.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    c:\program files\fichiers communs\aol\1168789452\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\avira\antivir personaledition classic\avcenter.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    c:\program files\avira\antivir personaledition classic\avcenter.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\WINDOWS\system32\notepad.exe
    c:\program files\fichiers communs\aol\1168789452\ee\aolsoftware.exe
    C:\Documents and Settings\NICARD\Local Settings\Temporary Internet Files\Content.IE5\90P7735W\HiJackThis[1].exe
    C:\WINDOWS\system32\SearchProtocolHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime4\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168789452\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoD...
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 13810 bytes
    10 February 2009 21:04:23

    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Removal) to finish.
  • If you wish, you can use the Options Facultatives (Optional Settings).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner (do not install the Yahoo Toolbar).
  • Launch it. Go to Options, then Advanced, and uncheck the box Only delete files etc....
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.
  • Next, choose Registry, then Scan for Issues. Once it has finished, fix all the errors (back up the registry).


    3/

  • It is necessary to disable and then re-enable System Restore in order to purge it.

  • I advise you to create a restore point that you can use later if you have a problem.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files alongside the antivirus, and scan the hard drive regularly.

    As your browser, use Mozilla Firefox rather than Internet Explorer. You can use the NoScript extension for more security.

    Check that automatic updates are enabled (Start menu, right-click My Computer, Automatic Updates tab).

    You can also modify the Hosts file to improve the security of your PC: Link

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    If you consider your problem solved:

    ---> Now add [Résolu] (Solved) to the title. To do so:
  • In your first message, click the Edit button.
  • Add the [Résolu] tag in front of the title.
  • Then click Submit your message.


    Be more careful on the Internet ;) 
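
Step 3 of the post above purges System Restore; the Avira report earlier in the thread shows why, since most detections sit in `_restore{...}\RPnnn` snapshot folders. The following is an added example, not part of the original post: a small parser that splits such a report into restore-point copies and live files. The function names and the sample report (constructed in the report's layout, with placeholder GUID and file names) are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the layout of the Avira report quoted in this thread
# (French-language output; GUID and file names are placeholders).
SAMPLE_REPORT = r"""
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP726\A0000001.DLL
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Une copie de sécurité a été créée sous le nom 00000001.qua ( QUARANTAINE )
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP733\A0000002.exe
[0] Type d'archive: NSIS
--> [SystemDir]/[SystemDir]/fastRX.dll
[RESULTAT] Contient le cheval de Troie TR/Agent.BJY.1.B
[RESULTAT] Contient le cheval de Troie TR/Drop.Agent.BJY
[REMARQUE] Fichier supprimé.
C:\WINDOWS\SoftwareDistribution\Download\example\BITD4.tmp
[0] Type d'archive: CAB (Microsoft)
--> example.cab
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
C:\WINDOWS\system32\drivers\example.sys
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Fichier supprimé.
"""

FILE_RE = re.compile(r"^[A-Za-z]:\\")                  # a scanned file path starts a record
RESULT_RE = re.compile(r"^\[RESULTAT\]\s.*\s(\S+)$")   # detection name is the last token
RESTORE_RE = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\(RP\d+)\\",
    re.IGNORECASE,
)


def parse_report(text):
    """Return one record per file path listed in the report."""
    records, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if FILE_RE.match(line):
            rp = RESTORE_RE.search(line)
            current = {
                "path": line,
                "restore_point": rp.group(1) if rp else None,
                "detections": [],
                "deleted": False,
            }
            records.append(current)
            continue
        if current is None:
            continue  # header or blank line before the first file
        hit = RESULT_RE.match(line)
        if hit:
            # Detections inside an archive ("-->" lines) count for the container file.
            current["detections"].append(hit.group(1))
        elif line.startswith("[REMARQUE]") and "supprim" in line:
            current["deleted"] = True
    return records


def summarize(records):
    """Split infected files into System Restore snapshot copies and live files."""
    infected = [r for r in records if r["detections"]]
    per_rp = Counter(r["restore_point"] for r in infected if r["restore_point"])
    live = [r["path"] for r in infected if r["restore_point"] is None]
    return {"restore_points": dict(per_rp), "live_files": live}


if __name__ == "__main__":
    summary = summarize(parse_report(SAMPLE_REPORT))
    for rp, count in sorted(summary["restore_points"].items()):
        print(f"{rp}: {count} infected snapshot file(s)")
    for path in summary["live_files"]:
        print(f"live file: {path}")
```

Restore points that appear in the summary hold archived copies of the malware, so rolling back to them could bring it back; disabling and re-enabling System Restore discards those snapshots.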
    10 February 2009 21:21:01

    Thanks for everything :D 
    10 February 2009 21:23:13

    Can you post the ToolsCleaner report?