Votre question

isearch.desktopsearch sur mon ordi

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
13 Décembre 2006 11:22:42

Bonjour à tous,

J'ai un virus sur mon ordi, mais j'arrive pas à l'enlever. Quelqu'un peut-il m'aider SVP.

Voici mon hijack:

Logfile of HijackThis v1.99.1
Scan saved at 11:20:35, on 13/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\SYSTEM32\DNTUS26.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Compaq\EAB\EABSERVR.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0610_KB72306.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\florence\Bureau\ordi\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\Compaq\EAB\EABSERVR.EXE" /Start
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\system32\LXSUPMON.EXE" RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0075546E-5D3D-11D2-A3E5-0060971304D8} (WTX_Installer Class) - http://www.webtrends.com/Download/Browser/Plugins/WordU...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lepouliguen2005.spaces.msn.com//PhotoUpload/MsnP...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera1.mairie-brest.fr/activex/AxisCamControl.c...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp12.photoprintit.de/microsite/1156/defaults/ac...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 84.103.237.144 86.64.145.144
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: Apache - Unknown owner - C:\site\easyphp\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:\site\easyphp\MySql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe

De plus j'ai fait un scan avec counterspy et voici ce qu'il m'a trouvé:

iSearch.DesktopSearch Spyware more information...
Details: Removes the users access to use Windows Search and replaces it with C:\WINDOWS\isrvs\desktop.exe.
Status: Ignored

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID {17492023-C23A-453E-A040-C7C580BBF700} 1

Mais comme j'ai passé la période d'essai, impossible de le mettre en quarantaine.

Merci de votre aide

Autres pages sur : isearch desktopsearch ordi

13 Décembre 2006 11:33:10

Bonjour,

Il y avait un petit moment que tu n'avais pas eu de probleme :) 

La procédure est longue et en partie en mode sans échec. Attention, tu n'as pas accès à Internet dans ce mode, enregistre cette page Web (clique sur fichier/enregistrer sous/choisis « Bureau ») ou imprime ce que tu as à faire.

1/ Télécharge la version d'évaluation d'AVG Anti-Spyware 7.5

Installe-le sur ton bureau

- Démarre AVG Anti-Spyware 7.5 avec l'icône qui se trouve sur ton Bureau.
Clique sur Mise à jour.
Sous Mise à jour manuelle clique sur Commencer la mise à jour et attend la fin de cette mise à jour puis ferme le programme.

2/ Télécharge Ccleaner

Installe le dans un répertoire dédié (attention à l'installation pense à décocher l'installation de Yahoo toolbar).

3/ Redémarre en mode Sans Échec
(au démarrage, tapote immédiatement la touche F8), puis tu verras un écran avec choix de démarrages :
choisis Mode sans échec avec les flèches du clavier, puis valide avec Entrée.
Choisis ton compte usuel (et non Administrateur).

Si tu n’arrives vraiment pas à redémarrer en mode sans échec je te propose ce lien :

Redémarrer en mode sans échec

4/ Lance Ccleaner

Puis clique sur le bouton « Analyse » ensuite bouton « Lancer le Nettoyage ». Ensuite fait de même sur le bouton « Erreurs » puis « chercher des erreurs » et « réparer les erreurs sélectionnées ».

5/ Lance AVG Anti-Spyware 7.5 et clique sur Analyse et ensuite clique sur Analyse complète du système.
A la fin du scan il affichera une liste des fichiers détectés.
Clique sur le bouton Appliquer toutes les actions.
Clique sur Enregistrer le rapport, puis Enregistrer le rapport sous, je te conseille de le mettre sur ton bureau.

6/ Redémarre en mode normal.
Poste le rapport AVG Anti-Spyware 7.5 dans ta prochaine réponse et poste un nouveau rapport HijackThis.
13 Décembre 2006 11:47:00

Bonjour Bob,

Merci pour ton aide. Cependant, je ne peux pas utiliser AVG anti-spyware, car il se bloque toujours au début du scan, sur la mémoire...

Que puis-je utiliser d'autre.

Contenus similaires
13 Décembre 2006 12:23:13

J'ai fait toute la partie ccleaner mais comme je le redoutai, AVG s'est encore planté sur la mémoire, et donc impossible d'aller plus loin.
J'ai fait une analyse du registre seul et voici ce qu'il a trouvé:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 12:11:11 13/12/2006

+ Résultat de l'analyse:



HKU\S-1-5-21-57989841-1078145449-854245398-1013\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport


Voici mon nouveau hijack:

Logfile of HijackThis v1.99.1
Scan saved at 12:22:54, on 13/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\SYSTEM32\DNTUS26.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Compaq\EAB\EABSERVR.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0610_KB72306.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\florence\Bureau\ordi\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\Compaq\EAB\EABSERVR.EXE" /Start
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\system32\LXSUPMON.EXE" RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0075546E-5D3D-11D2-A3E5-0060971304D8} (WTX_Installer Class) - http://www.webtrends.com/Download/Browser/Plugins/WordU...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lepouliguen2005.spaces.msn.com//PhotoUpload/MsnP...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://camera1.mairie-brest.fr/activex/AxisCamControl.c...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp12.photoprintit.de/microsite/1156/defaults/ac...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 84.103.237.145 86.64.145.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: Apache - Unknown owner - C:\site\easyphp\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:\site\easyphp\MySql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe

Merci pour votre aide


13 Décembre 2006 14:39:07

Coucou,

quelqu'un peut-il me donner un petit coup de main svp

Merci beaucoup
13 Décembre 2006 18:07:02

  • Télécharge SpySweeper (de Webroot, version d'essai de 14 jours) :

    -Clique sur "Télécharger la version test".
    -Installe le programme en choississant "installation standard".
    -Accepte le redémarrage
    -L'option de le mettre à jour s'affichera, acceptes la mise à jour
    -Lorsque les mises à jour seront installées, dans colonne de gauche clique sur l'onglet Options puis analyse.
    -Sous Eléments à analyser et Autres options coche toutes les cases.
    -Ferme SpySweeper

    La suite étant faite en mode sans échec, imprime ou copie/colle dans un fichier texte les instructions suivantes

  • Redémarre en mode sans échec : au redémarrage, tapotes immédiatement la touche F8, tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

    Si tu n’arrives vraiment pas à redémarrer en mode sans échec je te propose ce lien :

    Redémarrer en mode sans échec

  • Démarre SpySweeper
    -Clique Analyser sur la gauche puis sur Démarrer l'analyse.
    -Quand le scan est terminé, clique sur Suivant.
    -Assure-toi que tous les éléments trouvés sont tous cochés, puis clic sur Suivant.
    -Tous les éléments cochés seront alors mis en quarantaine.
    -Dans "Récapitulatif", sélectionne en bas Afficher le journal de session puis Enregistrer dans un fichier afin de sauvegarder le rapport.

  • Redémarre normalement

  • Désinstalle SpySweeper à partir de ajout/suppression de programme sauf si tu veux continuer l'évaluation pendant 15 jours.

  • Copie/colle le rapport de SpySweeper ici
    14 Décembre 2006 08:59:27

    bonjour à tous,

    Impossible d'utiliser spysweeper car j'ai déjà fait ma période d'essai... Même en changeant l'adresse e-mail, il me demande de l'acheter maintenant...
    Y a t-il une autre possibilité?

    Merci pour votre aide
    15 Décembre 2006 08:37:41

    Bonjour à tous,

    Je me permet de faire un re, si quelqu'un a une idée.
    Merci pour votre aide
    18 Décembre 2006 08:49:47

    Bonjour à tous,

    Me revoici après un petit w-e.
    J'ai bien fait ce que tu m'as dit Bob, voici le rapport de spyware terminator:


    Spyware Terminator Version: 1.7.0.899
    Start time: 16/12/2006 09:00:14
    System: Windows XP
    User: Limited

    Processes Scan
    C:\WINDOWS\SYSTEM32\WINLOGON.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\SYNCOR11.DLL [SoundMAX],
    C:\WINDOWS\SYSTEM32\SERVICES.EXE [Microsoft Corporation] SYNCOR11.DLL,
    C:\WINDOWS\SYSTEM32\LSASS.EXE [Microsoft Corporation] SYNCOR11.DLL,
    C:\WINDOWS\SYSTEM32\SVCHOST.EXE [Microsoft Corporation] SYNCOR11.DLL, SYNCOR11.DLL, SYNCOR11.DLL,
    C:\WINDOWS\EXPLORER.EXE [Microsoft Corporation] SYNCOR11.DLL,
    C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNTHREATENGINE.EXE [Sunbelt Software] C:\WINDOWS\SYSTEM32\XCEEDZIP.DLL [Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com], C:\WINDOWS\SYSTEM32\MD5.DLL [Traction Software],
    C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNPROTECTIONSERVER.EXE [Sunbelt Software] MD5.DLL,
    C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATOR.EXE [Crawler.com] SYNCOR11.DLL,
    C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE [Crawler.com]

    Startup Scan

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "ctfmon.exe" = "C:\WINDOWS\SYSTEM32\CTFMON.EXE" [ Microsoft Corporation ]
    "swg" = "C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\1.2.908.5008\GOOGLETOOLBARNOTIFIER.EXE" [ Google Inc. ]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "eabconfg.cpl" = "C:\PROGRAM FILES\COMPAQ\EAB\EABSERVR.EXE" [ Compaq ]
    "SynTPLpr" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE" [ Synaptics, Inc. ]
    "SynTPEnh" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE" [ Synaptics, Inc. ]
    "ATIPTA" = "C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE" [ ATI Technologies, Inc. ]
    "vptray" = "C:\PROGRAM FILES\NAVNT\VPTRAY.EXE" [ Symantec Corporation ]
    "PrinTray" = "C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\PRINTRAY.EXE" [ Lexmark ]
    "LXSUPMON" = "C:\WINDOWS\SYSTEM32\LXSUPMON.EXE" [ Lexmark ]
    "SunJavaUpdateSched" = "C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\JUSCHED.EXE" [ Sun Microsystems, Inc. ]
    "TkBellExe" = "C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE" [ RealNetworks, Inc. ]
    "SunServer" = "C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNSERVER.EXE" [ Sunbelt Software ]
    "SpywareTerminator" = "C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE" [ Crawler.com ]

    Toolbars Scan
    &Google {2318C2B1-4965-11d4-9B18-009027A5CD4F} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]

    BHO Scan
    SSVHelper Class {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL [Sun Microsystems, Inc.]
    Google Toolbar Helper {AA58ED58-01DD-4d91-8333-CF10577473F7} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
    Web Browser Applet Control {08B0E5C0-4FCB-11CF-AAA5-00401C608501} C:\WINDOWS\SYSTEM32\MSJAVA.DLL [Microsoft Corporation]
    {FB5F1910-F110-11d2-BB9E-00C04F795683} [file not found]

    HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
    {42071714-76d4-11d1-8b24-00a0c9068ff3} = Extension Affichage Panorama du Panneau de configuration (deskpan.dll) [file not found]
    {764BF0E1-F219-11ce-972D-00AA00A14F56} = Extensions de l'environnement de compression de fichiers () [file not found]
    {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Menu contextuel de cryptage () [file not found]
    {88895560-9AA2-1069-930E-00AA0030EBC8} = Extension icône HyperTerminal (C:\WINDOWS\SYSTEM32\HTICONS.DLL) [Hilgraeve, Inc.]
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} = Barre des tâches et menu Démarrer () [file not found]
    {87D62D94-71B3-4b9a-9489-5FE6850DC73E} = Avi Properties Handler () [file not found]
    {32683183-48a0-441b-a342-7c2a440a9478} = Media Band () [file not found]
    {7A9D77BD-5403-11d2-8785-2E0420524153} = Comptes d'utilisateurs () [file not found]
    {692E33B0-AF9D-11D0-B976-00A0C9190447} = Remote Storage Properties (C:\WINDOWS\SYSTEM32\RSSHELL.DLL) [Microsoft Corporation]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension (C:\PROGRAM FILES\WINRAR\RAREXT.DLL) [Empty]
    {E46E18A6-806B-4F4B-A893-C9F951ED2FFD} = AdBackup () [file not found]
    {BDA77241-42F6-11d0-85E2-00AA001FE28C} = LDVP Shell Extensions (C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\SSC\VPSHELL2.DLL) [Symantec Corporation]
    {00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL) [Microsoft Corporation]
    {0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL) [Microsoft Corporation]
    {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL) [Microsoft Corporation]
    {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} (C:\PROGRAM FILES\MICROSOFT OFFICE\VISIO11\VISSHE.DLL) [Empty]
    {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} (C:\PROGRAM FILES\MICROSOFT OFFICE\VISIO11\VISSHE.DLL) [Empty]
    {2F603045-309F-11CF-9774-0020AFD0CFF6} = Synaptics Control Panel (C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPCPL.DLL) [Synaptics, Inc.]
    {640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
    {cc86590a-b60a-48e6-996b-41d25ed39a1e} = Portable Media Devices Menu (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
    {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} = Autoplay for SlideShow (C:\WINDOWS\SYSTEM32\SHIMGVW.DLL) [Microsoft Corporation]
    {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player (C:\PROGRAM FILES\REAL\REALPLAYER\RPSHELL.DLL) [RealNetworks, Inc.]
    {21569614-B795-46b1-85F4-E737A8DC09AD} = Shell Search Band (C:\WINDOWS\SYSTEM32\BROWSEUI.DLL) [Microsoft Corporation]
    {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} = Messenger Sharing Folders (C:\PROGRAM FILES\MSN MESSENGER\FSSHEXT.8.0.0792.00.DLL) [Microsoft Corporation]
    {7C9D5882-CB4A-4090-96C8-430BFE8B795B} = Webroot Spy Sweeper Context Menu Integration (C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll) [file not found]
    {BD88A479-9623-4897-8546-BC62B9628F44} = SPTHandler (C:\PROGRAM FILES\SPYWARE TERMINATOR\SPTCONTMENU.DLL) [Crawler.com]

    Winlogon Notify Scan
    WRNotifier = WRLogonNTF.dll (WRLogonNTF.dll) [file not found]

    Services Scan
    "aaudstum" = C:\DOCUME~1\remi\LOCALS~1\Temp\aaudstum.sys [file not found]
    "aeaudio" = C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS [Andrea Electronics Corporation]
    "AIRPLUS" = System32\DRIVERS\AIRPLUS.sys [file not found]
    "aliadwdm" = C:\WINDOWS\SYSTEM32\DRIVERS\AC97ALI.SYS [Acer Laboratories Inc.]
    "AliIde" = C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS [Acer Laboratories Inc.]
    "Apache" = C:\SITE\EASYPHP\APACHE\APACHE.EXE [file not found]
    "Ati HotKey Poller" = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [Empty]
    "ati2mtag" = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS [ATI Technologies Inc.]
    "ATITool" = C:\PROGRAM FILES\ATITOOL\ATITOOL.SYS [Empty]
    "ATIXPGAA" = C:\Program Files\Plutonium XP 8.1\Utila\ATIXPGAA.SYS [file not found]
    "AVG Anti-Spyware Driver" = C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.SYS [Empty]
    "AVG Anti-Spyware Guard" = C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.EXE [Anti-Malware Development a.s.]
    "AvgAsCln" = C:\WINDOWS\SYSTEM32\DRIVERS\AVGASCLN.SYS [GRISOFT, s.r.o.]
    "basic2" = C:\WINDOWS\SYSTEM32\DRIVERS\BASIC2.SYS [Conexant Systems]
    "BTDriver" = System32\DRIVERS\btport.sys [file not found]
    "BTWDNDIS" = System32\DRIVERS\btwdndis.sys [file not found]
    "BTWUSB" = System32\Drivers\btwusb.sys [file not found]
    "caboagp" = C:\WINDOWS\SYSTEM32\DRIVERS\ATISGKAF.SYS [ATI Technologies Inc.]
    "Chkstate" = C:\WINDOWS\SYSTEM32\DRIVERS\CHKSTATE.SYS [AMD]
    "ClntMgmt.sys" = C:\WINDOWS\system32\Drivers\ClntMgmt.sys [file not found]
    "cpqdfw" = C:\WINDOWS\SYSTEM32\DRIVERS\CPQDFW.SYS [Empty]
    "DefWatch" = C:\PROGRAM FILES\NAVNT\DEFWATCH.EXE [Symantec Corporation]
    "dmboot" = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS [Microsoft Corp., Veritas Software]
    "dmio" = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS [Microsoft Corp., Veritas Software]
    "DNTUS26" = C:\WINDOWS\SYSTEM32\DNTUS26.EXE [DameWare Development LLC]
    "DWMRCS" = C:\WINDOWS\SYSTEM32\DWRCS.EXE [DameWare Development LLC]
    "EABFiltr" = C:\WINDOWS\SYSTEM32\DRIVERS\EABFILTR.SYS [Compaq Computer Corp.]
    "eabusb" = C:\WINDOWS\SYSTEM32\DRIVERS\EABUSB.SYS [Compaq Computer Corp.]
    "Fallback" = C:\WINDOWS\SYSTEM32\DRIVERS\FALLBACK.SYS [Conexant Systems]
    "Fsks" = C:\WINDOWS\SYSTEM32\DRIVERS\FSKSNT.SYS [Conexant Systems]
    "hsf_msft" = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_MSFT.SYS [Conexant]
    "hwinfo" = C:\Documents and Settings\remi\Bureau\cpuz.sys [file not found]
    "ibeadr" = System32\Drivers\ibeadr.sys [file not found]
    "K56" = C:\WINDOWS\SYSTEM32\DRIVERS\K56NT.SYS [Conexant Systems]
    "LexBceS" = C:\WINDOWS\SYSTEM32\LEXBCES.EXE [Lexmark International, Inc.]
    "Macromedia Licensing Service" = C:\PROGRAM FILES\FICHIERS COMMUNS\MACROMEDIA SHARED\SERVICE\MACROMEDIA LICENSING.EXE [Empty]
    "mdmxsdk" = C:\WINDOWS\SYSTEM32\DRIVERS\MDMXSDK.SYS [Conexant]
    "MySql" = C:\site\easyphp\MySql\bin\mysqld-nt.exe [file not found]
    "NAVAP" = C:\PROGRAM FILES\NAVNT\NAVAP.SYS [Empty]
    "NAVAPEL" = C:\PROGRAM FILES\NAVNT\NAVAPEL.SYS [Empty]
    "NAVENG" = C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20061213.022\NAVENG.SYS [Symantec Corporation]
    "NAVEX15" = C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20061213.022\NAVEX15.SYS [Symantec Corporation]
    "Norton AntiVirus Server" = C:\PROGRAM FILES\NAVNT\RTVSCAN.EXE [Symantec Corporation]
    "NRKCTL32" = C:\Documents and Settings\remi\Bureau\NRKCTL32.SYS [file not found]
    "PalmUSBD" = system32\drivers\PalmUSBD.sys [file not found]
    "Pcouffin" = System32\Drivers\Pcouffin.sys [file not found]
    "pfc" = C:\WINDOWS\SYSTEM32\DRIVERS\PFC.SYS [Padus, Inc.]
    "Ptilink" = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS [Parallel Technologies, Inc.]
    "PxHelp20" = C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS [Sonic Solutions]
    "Rksample" = C:\WINDOWS\SYSTEM32\DRIVERS\RKSAMPLE.SYS [Conexant Systems]
    "rtl8139" = C:\WINDOWS\SYSTEM32\DRIVERS\R8139N51.SYS [Realtek Semiconductor Corporation]
    "rtl8180" = C:\WINDOWS\SYSTEM32\DRIVERS\RTL8180.SYS [Realtek Semiconductor Corporation]
    "Secdrv" = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.]
    "smwdm" = C:\WINDOWS\SYSTEM32\DRIVERS\SMWDM.SYS [Analog Devices, Inc.]
    "SoftFax" = C:\WINDOWS\SYSTEM32\DRIVERS\FAXNT.SYS [Conexant Systems]
    "SONYPVU1" = C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS [Sony Corporation]
    "sp_rsdrv2" = C:\WINDOWS\SYSTEM32\DRIVERS\SP_RSDRV2.SYS [Empty]
    "sp_rssrv" = C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE [Crawler.com]
    "StMp3Rec" = C:\WINDOWS\SYSTEM32\DRIVERS\STMP3REC.SYS [EXATELECOM Co., Ltd.]
    "SymEvent" = C:\PROGRAM FILES\SYMANTEC\SYMEVENT.SYS [Symantec Corporation]
    "SynTP" = C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS [Synaptics, Inc.]
    "TDIMSYS" = C:\WINDOWS\system32\drivers\TDIMSYS.SYS [file not found]
    "TOKENMON" = C:\WINDOWS\SYSTEM32\DRIVERS\TOKENM.SYS [Empty]
    "Tones" = C:\WINDOWS\SYSTEM32\DRIVERS\TONESNT.SYS [Conexant Systems]
    "V124" = C:\WINDOWS\SYSTEM32\DRIVERS\V124NT.SYS [Conexant Systems]
    "winachsf" = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.SYS [Conexant Systems]

    Protocol Filters Scan
    Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (C:\WINDOWS\SYSTEM32\URLMON.DLL) [Microsoft Corporation]
    text/xml = {807553E5-5146-11D5-A672-00B0D022E945} (C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSOXMLMF.DLL) [Microsoft Corporation]

    Hosts Scan
    LOCALHOST mapping = 2

    IE Scan
    IERESET.INF missing Signature="$CHICAGO$"
    IERESET.INF missing AdvancedINF=2.5,"You need a new version of advpack.dll"
    IERESET.INF missing AddReg=RestoreHomePage.reg
    IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL%
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL%
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL%
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu"
    IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
    IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","Provider",0,""
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
    IERESET.INF missing HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"http://ie.search.msn.com/*"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8"
    IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9"
    IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","AutoSearch"
    IERESET.INF missing SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    IERESET.INF missing AddReg=RestoreBrowserSettings.reg
    IERESET.INF missing DelReg=DeleteTemplates.reg or DelReg=DeleteTemplates.reg, DeleteAutosearch.reg
    IERESET.INF missing START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..." or START_PAGE_URL="http://www.msn.com"
    IERESET.INF missing SAFESITE_VALUE="http://home.microsoft.com/" or SAFESITE_VALUE="ie.search.msn.com"
    IERESET.INF missing MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..." or MS_START_PAGE_URL="http://www.msn.com"

    Voici le scan progress:


    Scan Progress (Full Scan)
    Start time: 16/12/2006 09:00:14
    Database: 1.0.534.280

    Processes Scanning
    Shdocvw : C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
    Startup Scanning
    Ctfmon : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ctfmon.exe
    Ctfmon : C:\WINDOWS\SYSTEM32\CTFMON.EXE
    swg : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\1.2.908.5008\GOOGLETOOLBARNOTIFIER.EXE
    eabconfg.cpl : C:\PROGRAM FILES\COMPAQ\EAB\EABSERVR.EXE
    SynTPLpr : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SynTPLpr
    SynTPLpr : C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
    SynTPLpr : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SynTPEnh
    SynTPLpr : C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
    ATIPTA : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ATIPTA
    ATIPTA : C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE
    SymantecAntivirus : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run vptray
    SymantecAntivirus : C:\PROGRAM FILES\NAVNT\VPTRAY.EXE
    PrinTray : C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\PRINTRAY.EXE
    LXSUPMON : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LXSUPMON
    LXSUPMON : C:\WINDOWS\SYSTEM32\LXSUPMON.EXE
    SunJavaUpdateSched : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SunJavaUpdateSched
    SunJavaUpdateSched : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\JUSCHED.EXE
    RealSched : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run TkBellExe
    RealSched : C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE
    SunServer : C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNSERVER.EXE
    Spyware Terminator : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SpywareTerminator
    Spyware Terminator : C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
    Explorer : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Shell
    Explorer : C:\WINDOWS\EXPLORER.EXE
    Toolbars Scanning
    Google Toolbar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    Google Toolbar : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
    Shdocvw : HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
    Shdocvw : C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
    Shdocvw : explorer.exe PID: 708
    Shdocvw : SpywareTerminator.exe PID: 864
    Shdocvw : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}
    Browser Helper Objects Scanning
    SSJava : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    SSJava : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL
    Google Toolbar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
    IE Explorer Bars
    IE Extensions
    Services Scanning
    Protocol filters Scanning
    Protocol handlers Scanning
    WinSock2 Scanning
    Uninstallers Scanning
    C:\WINDOWS\ISUN040C.EXE
    C:\GAMES\AOM\UNINSTAL.EXE
    C:\PROGRAM FILES\ATI TECHNOLOGIES\UNINSTALLALL\ATICIMUN.EXE
    C:\Program Files\AMD PowerNow! Dashboard\UNWISE.EXE
    C:\WINDOWS\SYSTEM32\ATIIIEXX.DLL
    C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\UNINSTALL.EXE
    C:\SIERRA\CAESAR3\UNWISE.EXE
    C:\PROGRAM FILES\CCLEANER\UNINST.EXE
    C:\PROGRAM FILES\FILEZILLA CLIENT\UNINSTALL.EXE
    C:\PROGRAM FILES\FICHIERS COMMUNS\GTK\2.0\UNINST.EXE
    C:\DOCUMENTS AND SETTINGS\FLORENCE\BUREAU\ORDI\HIJACKTHIS.EXE
    C:\PROGRAM FILES\SMART PROJECTS\ISOBUSTER\UNINST\UNINS000.EXE
    C:\PROGRAM FILES\JAVA WEB START\UNINST-JAVAWS.EXE
    C:\WINDOWS\$NTUNINSTALLKB834707$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB867282$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\MUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB873333$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB873339$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB883939$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB885250$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB885835$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB885836$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB885884$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB886185$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB887472$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB887742$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB888113$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB888302$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB890046$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB890047$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB890175$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB890859$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB890923$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB891781$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB893066$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB893086$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB893756$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$MSI31UNINSTALL_KB893803$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$MSI31UNINSTALL_KB893803V2$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB894391$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB896358$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB896422$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB896423$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB896424$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB896428$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB896688$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB896727$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB898461$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB899587$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB899588$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB899589$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB899591$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB900485$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB900725$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB901017$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB901214$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB902400$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB904706$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB905414$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB905749$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB905915$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB908519$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB908531$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB910437$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB911280$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB911562$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB911564$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB911565$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB911567$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB911927$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB912812$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB912919$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB913446$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB913580$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB914388$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB914389$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB916281$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB916595$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB917159$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB917344$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB917422$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB917734_WMP10$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB917953$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB918439$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB918899$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB919007$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB920213$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB920214$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB920670$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB920683$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB920685$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB921398$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB921883$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB922616$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB922760$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB922819$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB923191$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB923414$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB923980$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB924191$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB924270$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB924496$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\$NTUNINSTALLKB925486$\SPUNINST\SPUNINST.EXE
    C:\WINDOWS\INF\LHTTSFRF.INF
    C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\LSETUP.EXE
    C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
    C:\PROGRAM FILES\MON LIVRE PHOTO BY CEWE\UNINS000.EXE
    C:\WINDOWS\UNINSTALLFIREFOX.EXE
    C:\WINDOWS\UNINSTALLTHUNDERBIRD.EXE
    C:\WINDOWS\SYSTEM32\UNWISE.EXE
    C:\WINDOWS\system32\SETUPAPI.DLL
    C:\PROGRAM FILES\PDFCREATOR\UNINS000.EXE
    C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\R1PUNINST.EXE
    C:\PROGRAM FILES\RESTORATION\UNINSTALL.EXE
    C:\PROGRAM FILES\GAMES\RISK II\UNINSTALL.EXE
    C:\PROGRAM FILES\RISKII\UNINSTALL.EXE
    C:\WINDOWS\system32\Macromed\Shockwave 8\UNWISE.EXE
    C:\WINDOWS\SYSTEM32\MACROMED\FLASH\UNINSTFL.EXE
    C:\PROGRAM FILES\SPYWARE TERMINATOR\UNINS000.EXE
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNISDLL.DLL
    C:\PROGRAM FILES\2K SPORTS\TORINO WINTER OLYMPICS\UNINSTALL.EXE
    C:\WINDOWS\SYSTEM32\MSHTA.EXE
    C:\PROGRAM FILES\SIERRA ON-LINE\SUTIL32.EXE
    C:\WINDOWS\PSUNINST2.EXE
    C:\PROGRAM FILES\WINAMP\UNINSTWA.EXE
    C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMSETSDK.EXE
    C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\SETUP_WM.EXE
    C:\WINDOWS\$NTSERVICEPACKUNINSTALL$\SPUNINST\SPUNINST.EXE
    C:\PROGRAM FILES\WINRAR\UNINSTALL.EXE
    C:\PROGRAM FILES\XVID\UNINSTXVID.EXE
    C:\WINDOWS\system32\MSIEXEC.EXE
    C:\Program Files\Fichiers communs\InstallShield\engine\6\Intel 32\ctor.dll
    C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
    C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
    Google Toolbar : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
    Google Toolbar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
    C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
    C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
    C:\PROGRAM FILES\DIVX\DIVX PLAYER 2.1\DIVXPLAYERUNINSTALL.EXE
    C:\PROGRAM FILES\INSTALLSHIELD INSTALLATION INFORMATION\{C1939820-A945-11D4-86F6-0001031E5712}\SETUP.EXE
    Start Menu Scanning
    RealTray : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Divertissement\RealPlayer.lnk
    Explorer : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk
    SynchronizationManager : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk
    Ccleaner : C:\Documents and Settings\florence\Menu Démarrer\Programmes\CCleaner\CCleaner.lnk
    Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Connexions réseau.lnk
    Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk
    Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Outils système\Tâches planifiées.lnk
    SynchronizationManager : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk
    LXSUPMON : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Contrôleur de fournitures Lexmark\Contrôleur de fournitures Lexmark.lnk
    RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real\RealPlayer\RealPlayer.lnk
    RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real\RealPlayer\Vérifier les mises à jour RealPlayer.lnk
    RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealPlayer.lnk
    Spyware Terminator : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spyware Terminator\Spyware Terminator.lnk
    MessengerService : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk
    Desktop Scanning
    Ccleaner : C:\Documents and Settings\florence\Bureau\CCleaner.lnk
    Favorites Scanning
    Cookies Scanning
    Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ads.pointroll[2].txt
    Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@atdmt[2].txt
    Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@doubleclick[1].txt
    Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ebay[1].txt
    Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ebay[3].txt
    Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@hitbox[2].txt
    Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@mediaplex[2].txt
    Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@serving-sys[1].txt
    Registry Scanning
    Google Toolbar : HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}
    Google Toolbar : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
    Google Toolbar : HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
    RXToolbar : HKCR\Interface\{ac368f5f-6670-4dde-a1a8-b9c064ea0402}
    YahooToolbar : HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    YahooToolbar : HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}
    MSDXM : HKCR\CLSID\{8E718888-423F-11D2-876E-00A0C9082467}
    MSDXM : C:\WINDOWS\SYSTEM32\MSDXM.OCX
    SSJava : HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    SSJava : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL
    Files Scanning
    Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminatorshield.exe
    Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminator.exe
    Spyware Terminator : C:\Program Files\Spyware Terminator\sptcontmenu.dll
    WinampAgent : C:\Program Files\Winamp\winampa.exe
    SoundMan : C:\Program Files\analog devices\soundmax\smtray.exe
    MessengerService : C:\Program Files\MSN Messenger\msnmsgr.exe
    MessengerService : C:\Program Files\Messenger\msmsgs.exe
    ATIModeChange : C:\WINDOWS\system32\Ati2mdxx.exe
    Ctfmon : C:\WINDOWS\system32\ctfmon.exe
    ATIPTA : C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    SymantecAntivirus : C:\Program Files\NavNT\vptray.exe
    SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    MSConfig : C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
    SynchronizationManager : C:\WINDOWS\system32\mobsync.exe
    RealTray : C:\Program Files\Real\RealPlayer\RealPlay.exe
    MSDXM : C:\WINDOWS\system32\msdxm.ocx
    RealSched : C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    StillImageMonitor : C:\WINDOWS\system32\STIMON.EXE
    GrpConv : C:\WINDOWS\system32\grpconv.exe
    Trojan/Abwiz : C:\WINDOWS\system32\zlbw.dll
    Wextract : C:\WINDOWS\system32\advpack.dll
    KernelFaultCheck : C:\WINDOWS\system32\dumprep.exe
    Explorer : C:\WINDOWS\explorer.exe
    PowerProfile : C:\WINDOWS\system32\powrprof.dll
    BluetoothControlPanel : C:\WINDOWS\system32\bthprops.cpl
    SSJava : C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    SSJava : C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    Shdocvw : C:\WINDOWS\system32\shdocvw.dll
    PHIME2002ASync : C:\WINDOWS\system32\dllcache\tintsetp.exe
    LXSUPMON : C:\WINDOWS\system32\LXSUPMON.EXE
    Ccleaner : C:\Program Files\CCleaner\ccleaner.exe
    MSPY2002 : C:\WINDOWS\system32\dllcache\imscinst.exe
    Trojan/Smitfraud : C:\WINDOWS\system32\sysvx.exe
    Verclsid : C:\WINDOWS\system32\verclsid.exe
    Systray : C:\WINDOWS\system32\systray.exe
    comctl32 : C:\WINDOWS\WinSxS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\comctl32.dll
    Preparing DeepFile Scan
    DeepFiles Scanning
    SoundMan : C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    ATIPTA : C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    Ccleaner : C:\Program Files\CCleaner\ccleaner.exe
    RealSched : C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    Google Toolbar : C:\Program Files\Google\GoogleToolbar1.dll
    SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    SSJava : C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    SSJava : C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    MessengerService : C:\Program Files\Messenger\msmsgs.exe
    MessengerService : C:\Program Files\MSN Messenger\msnmsgr.exe
    SymantecAntivirus : C:\Program Files\NavNT\vptray.exe
    RealTray : C:\Program Files\Real\RealPlayer\realplay.exe
    Spyware Terminator : C:\Program Files\Spyware Terminator\sptcontmenu.dll
    Spyware Terminator : C:\Program Files\Spyware Terminator\SpywareTerminator.exe
    Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminatorshield.Exe
    SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    WinampAgent : C:\Program Files\Winamp\winampa.exe
    Explorer : C:\WINDOWS\explorer.exe
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB824141$\user32.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB824141$\win32k.sys
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\ndis.sys
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\netshell.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcsapi.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcsvc.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\xpsp2res.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\es.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\dao360.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msexcl40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjet40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjetol1.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjetoledb40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjtes40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\mspbde40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msrepl40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\mstext40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msxbde40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\dao360.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\shell32.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx
    Unreadable Binary Files : C:\WINDOWS\$NtUninstallQ828026$\wmp.dll
    MSConfig : C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe
    Wextract : C:\WINDOWS\system32\advpack.dll
    ATIModeChange : C:\WINDOWS\system32\Ati2mdxx.exe
    BluetoothControlPanel : C:\WINDOWS\system32\bthprops.cpl
    Ctfmon : C:\WINDOWS\system32\ctfmon.exe
    MSPY2002 : C:\WINDOWS\system32\dllcache\imscinst.exe
    PHIME2002ASync : C:\WINDOWS\system32\dllcache\tintsetp.exe
    KernelFaultCheck : C:\WINDOWS\system32\dumprep.exe
    GrpConv : C:\WINDOWS\system32\grpconv.exe
    LXSUPMON : C:\WINDOWS\system32\LXSUPMON.EXE
    SynchronizationManager : C:\WINDOWS\system32\mobsync.exe
    MSDXM : C:\WINDOWS\system32\msdxm.ocx
    PowerProfile : C:\WINDOWS\system32\powrprof.dll
    Shdocvw : C:\WINDOWS\system32\shdocvw.dll
    StillImageMonitor : C:\WINDOWS\system32\stimon.exe
    Trojan/Smitfraud : C:\WINDOWS\system32\sysvx.exe
    Verclsid : C:\WINDOWS\system32\verclsid.exe
    Trojan/Abwiz : C:\WINDOWS\system32\zlbw.dll
    comctl32 : C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
    Done

    Scan Summary:

    Total Scanning Time : 4591.80 s
    Objects Scanned : 69 861
    Objects Identified : 160
    Objects Ignored : 0

    Critical Objects : 76


    Et voici ce qu'il a supprimé:

    Remove Process:

    Preparing structures
    Creating System Restore Point
    Hard File Remover Disabled
    Remove Trojan/Abwiz
    Deleted File: C:\WINDOWS\system32\zlbw.dll
    Remove Trojan/Smitfraud
    Deleted File: C:\WINDOWS\system32\sysvx.exe
    Remove RXToolbar
    Deleted Registry : HKCR\Interface\{ac368f5f-6670-4dde-a1a8-b9c064ea0402}
    Remove Affiliate tracking cookie
    Deleted File: C:\Documents and Settings\florence\cookies\florence@ads.pointroll[2].txt
    Deleted File: C:\Documents and Settings\florence\cookies\florence@atdmt[2].txt
    Deleted File: C:\Documents and Settings\florence\cookies\florence@doubleclick[1].txt
    Deleted File: C:\Documents and Settings\florence\cookies\florence@ebay[1].txt
    Deleted File: C:\Documents and Settings\florence\cookies\florence@ebay[3].txt
    Deleted File: C:\Documents and Settings\florence\cookies\florence@hitbox[2].txt
    Deleted File: C:\Documents and Settings\florence\cookies\florence@mediaplex[2].txt
    Deleted File: C:\Documents and Settings\florence\cookies\florence@serving-sys[1].txt
    Remove Unreadable Binary Files
    Deleted File: C:\WINDOWS\$NtUninstallKB824141$\user32.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB824141$\win32k.sys
    Deleted File: C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB826942$\ndis.sys
    Deleted File: C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys
    Deleted File: C:\WINDOWS\$NtUninstallKB826942$\netshell.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcsapi.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcsvc.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB826942$\xpsp2res.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\es.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\dao360.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msexcl40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjet40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjetol1.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjetoledb40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjtes40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\mspbde40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msrepl40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\mstext40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msxbde40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB837001$\dao360.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB839645$\shell32.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
    Deleted File: C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll
    Deleted File: C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx
    Deleted File: C:\WINDOWS\$NtUninstallQ828026$\wmp.dll
    Closing System Restore Point


    Malheureusement je pense qu'il reste encore quelque chose car l'ordi continue à me connecter sur internet sans que je lui demande.

    Merci de votre aide
    18 Décembre 2006 21:29:12

    Coucou,

    Quelqu'un a t-il une idée SVP.
    Voici mon nouveau hijack:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:28:48, on 18/12/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\NavNT\defwatch.exe
    C:\WINDOWS\SYSTEM32\DNTUS26.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\NavNT\rtvscan.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\system32\MsgSys.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
    C:\Program Files\Compaq\EAB\EABSERVR.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\NavNT\vptray.exe
    C:\WINDOWS\system32\LXSUPMON.EXE
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0610_KB72306.exe
    C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\florence\Bureau\ordi\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\Compaq\EAB\EABSERVR.EXE" /Start
    O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
    O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
    O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\system32\LXSUPMON.EXE" RUN
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    O4 - Global Startup: MS_update_0610_KB72306.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0075546E-5D3D-11D2-A3E5-0060971304D8} (WTX_Installer Class) - http://www.webtrends.com/Download/Browser/Plugins/WordU...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lepouliguen2005.spaces.msn.com//PhotoUpload/MsnP...
    O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://camera1.mairie-brest.fr/activex/AxisCamControl.c...
    O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp12.photoprintit.de/microsite/1156/defaults/ac...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 86.64.145.146 84.103.237.146
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
    O23 - Service: Apache - Unknown owner - C:\site\easyphp\Apache\apache.exe" --ntservice (file missing)
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
    O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
    O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MySql - Unknown owner - C:\site\easyphp\MySql\bin\mysqld-nt.exe (file missing)
    O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

    Merci de votre aide
    19 Décembre 2006 13:04:56

    bonjour

    personne n'aurai une ptite idée?

    Mrci de votre aide
    19 Décembre 2006 14:57:29

    Bonjour,

    1/ Télécharge SmitfraudFix de S!Ri :

    http://siri.urz.free.fr/Fix/SmitfraudFix.php

    Tu le dézippes sur le Bureau.

    2/ Tu ouvres SmitfraudFix, tu double cliques sur SmitfraudFix.cmd et tu choisis l’option 1

    Poste le rapport.
    19 Décembre 2006 16:23:43

    Salut Bob,

    Voici le rapport

    SmitFraudFix v2.131

    Rapport fait à 16:22:58.34, 19/12/2006
    Executé à partir de C:\Documents and Settings\florence\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\florence


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\florence\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\florence\Favoris


    »»»»»»»»»»»»»»»»»»»»»»»» Bureau


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""


    »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


    »»»»»»»»»»»»»»»»»»»»»»»» Fin

    20 Décembre 2006 08:36:08

    Bonjour,

    Un petit UP pour étudier mon dernier rapport

    Merci à tous
    20 Décembre 2006 17:59:18

    Coucou,

    Un petit coup de pouce SVP pour finir de nettoyer mon ordi. Merci de votre aide
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS