Antinul.a

nath -  
 nath -
Bonjour,
j'ai un souci,une fenetre arret de surfer,au travail!!s'affiche inopinement*
et a chaque connection internet dans la fenetre recherche apparait travailler plus.com
j'ai deja telecharge usbfix!!!mon antivir ne detecte plus rien!!
mais j'ai tjr la fenetre internet qui s'affiche avec travailler plus.com!!!
que dois je faire!
ou refaire sans oublier p etre d etape!
d'avance merci
Configuration: Windows XP
Internet Explorer 7.0

2 réponses

  1. kevin05 Messages postés 3814 Date d'inscription   Statut Contributeur sécurité Dernière intervention   147
     
    Salut

    - Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

    - Double-clique sur RSIT.exe afin de lancer le programme.

    - Clique sur Continue à l'écran Disclaimer.

    - Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    - Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
    0
    1. nath
       
      J'ai bien recu ton message voici le contenu de l'analyse log
      Logfile of random's system information tool 1.05 (written by random/random)
      Run by armocida at 2009-01-14 18:31:51
      Microsoft Windows XP Édition familiale Service Pack 2
      System drive C: has 20 GB (53%) free of 38 GB
      Total RAM: 478 MB (22% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:32:19, on 14/01/2009
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16762)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      C:\WINDOWS\system32\igfxtray.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\Booster Wanadoo\wanadoo_booster.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1105\fr-fr\bin\WindowsSearch.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Documents and Settings\armocida\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1105\fr-fr\bin\WindowsSearchIndexer.exe
      C:\Documents and Settings\armocida\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Windows Live\Toolbar\wltuser.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Documents and Settings\armocida\Local Settings\Temporary Internet Files\Content.IE5\F2QAGEEZ\RSIT[1].exe
      C:\Program Files\trend micro\armocida.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Travaillez plus.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Au travail !Arrêtez de surfer!
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\antinul.vbe
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
      O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
      O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
      O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [FNI.WFX5V_0001_F56E0811] "C:\DOCUME~1\armocida\LOCALS~1\Temp\WFXD9.exe"
      O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
      O4 - HKLM\..\Run: [Á³#  L"h'þ9Óœð3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\tmsjf.exe
      O4 - HKLM\..\Run: [wa7pcw] "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2007\wa7pcw.exe" -c
      O4 - HKLM\..\Run: [dc6cw] "C:\Program Files\Fichiers communs\DriveCleaner\dc6cw.exe" -c
      O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Fichiers communs\SystemDoctor\DNSE.exe" -c
      O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe"
      O4 - HKLM\..\Run: [Á³#  G"h'þ9Óœû3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\tmsjf.exe
      O4 - HKLM\..\Run: [Á²#  G"h'þ9Óœû3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\tmsjf.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [wa7pcw] "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2007\wa7pcw.exe" -c
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\armocida\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
      O4 - Global Startup: Booster Orange.lnk = C:\Program Files\Booster Wanadoo\wanadoo_booster.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1105\fr-fr\bin\WindowsSearch.exe
      O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e57caf97c6284d399e5aa9d6431ad9c3
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e57caf97c6284d399e5aa9d6431ad9c3
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
      O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
      O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      O24 - Desktop Component 0: (no name) - http://images-partners.google.com/images?q=tbn:vEulYdiLSZ8J:http://alnaute.free.fr/Image/Les%2520photos/superbike/Valentino%2520Rossi.jpg
      0
    2. nath
       
      J'ai bien recu ton message voici le contenu de l'analyse log
      Logfile of random's system information tool 1.05 (written by random/random)
      Run by armocida at 2009-01-14 18:31:51
      Microsoft Windows XP Édition familiale Service Pack 2
      System drive C: has 20 GB (53%) free of 38 GB
      Total RAM: 478 MB (22% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:32:19, on 14/01/2009
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16762)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      C:\WINDOWS\system32\igfxtray.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\Booster Wanadoo\wanadoo_booster.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1105\fr-fr\bin\WindowsSearch.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Documents and Settings\armocida\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1105\fr-fr\bin\WindowsSearchIndexer.exe
      C:\Documents and Settings\armocida\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Windows Live\Toolbar\wltuser.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Documents and Settings\armocida\Local Settings\Temporary Internet Files\Content.IE5\F2QAGEEZ\RSIT[1].exe
      C:\Program Files\trend micro\armocida.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Travaillez plus.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Au travail !Arrêtez de surfer!
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\antinul.vbe
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
      O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
      O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
      O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [FNI.WFX5V_0001_F56E0811] "C:\DOCUME~1\armocida\LOCALS~1\Temp\WFXD9.exe"
      O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
      O4 - HKLM\..\Run: [Á³#  L"h'þ9Óœð3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\tmsjf.exe
      O4 - HKLM\..\Run: [wa7pcw] "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2007\wa7pcw.exe" -c
      O4 - HKLM\..\Run: [dc6cw] "C:\Program Files\Fichiers communs\DriveCleaner\dc6cw.exe" -c
      O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Fichiers communs\SystemDoctor\DNSE.exe" -c
      O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe"
      O4 - HKLM\..\Run: [Á³#  G"h'þ9Óœû3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\tmsjf.exe
      O4 - HKLM\..\Run: [Á²#  G"h'þ9Óœû3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\tmsjf.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [wa7pcw] "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2007\wa7pcw.exe" -c
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\armocida\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
      O4 - Global Startup: Booster Orange.lnk = C:\Program Files\Booster Wanadoo\wanadoo_booster.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1105\fr-fr\bin\WindowsSearch.exe
      O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e57caf97c6284d399e5aa9d6431ad9c3
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e57caf97c6284d399e5aa9d6431ad9c3
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
      O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
      O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      O24 - Desktop Component 0: (no name) - http://images-partners.google.com/images?q=tbn:vEulYdiLSZ8J:http://alnaute.free.fr/Image/Les%2520photos/superbike/Valentino%2520Rossi.jpg
      0
  2. kevin05 Messages postés 3814 Date d'inscription   Statut Contributeur sécurité Dernière intervention   147
     
    Télécharge Malwarebytes’ Anti-Malware

    tuto ICI

    NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharges le ici

    - Sur la page cliques sur Télécharger Malwarebyte’s Anti-Malware
    - Enregistres le sur le bureau
    - Double cliques sur le fichier téléchargé pour lancer le processus d’installation
    - Lorsqu’il te le sera demandé, met à jour Malwarebytes anti malware
    - Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
    - Une fois la mise à jour terminée, ferme Malwarebytes
    - Double-cliques sur l’icône de malwarebytes pour le relancer
    - Dans l’onglet, Recherche, probablement ouvert par défaut,
    - Sélectionne Exécuter un examen complet
    - Clique sur Rechercher
    - Le scan démarre
    - A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
    - Cliques sur Ok pour poursuivre.
    - Si des malwares ont été détectés, cliques sur Afficher les résultats
    - Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
    - Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
    - Rends toi dans l’onglet rapport/log
    - Tu cliques dessus pour l’afficher une fois affiché
    - Tu cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
    - Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
    - Tu cliques droit dans le cadre de la réponse et coller
    0
    1. nath
       
      Malwarebytes' Anti-Malware 1.32
      Version de la base de données: 1653
      Windows 5.1.2600 Service Pack 2

      15/01/2009 07:26:48
      mbam-log-2009-01-15 (07-26-48).txt

      Type de recherche: Examen complet (C:\|)
      Eléments examinés: 95488
      Temps écoulé: 1 hour(s), 4 minute(s), 33 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 14
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 1
      Dossier(s) infecté(s): 31
      Fichier(s) infecté(s): 149

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_CLASSES_ROOT\Interface\{abcd4567-4d73-43e9-85e5-53a2dbd95422} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{abcd4567-d8e8-4df1-a3ea-d0aa72f42622} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{abcd4567-76b5-4bc7-aac5-396d70925b22} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{abcd4567-7437-43ef-ab74-4ab1d3a37422} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178f3fb-2560-458f-bdee-631e2fe0dfe4} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b5141620-c2b2-4d95-9f0f-134d99c87ab0} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{1417c633-8684-4e6b-8120-be47f31d30d7} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{28a5bd64-8d1f-4893-ac13-dc300d242848} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{adc92d90-63a3-4e70-bc4d-be00a573faf5} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\USLst (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\USS (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\drivecleaner (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\drivecleaner (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

      Dossier(s) infecté(s):
      C:\Program Files\WinAntiVirus Pro 2007 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\AWBase (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\Download (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\Download\cxzivxcd (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\Download\dabrflit (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\Download\jkhbpgoe (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\plugins (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\res (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\Fichiers communs\DriveCleaner (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Program Files\Fichiers communs\SystemDoctor (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\1cf09c3b4365406592082199 (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\1cf09c3b4365406592082199\b29a17774e9242890a2cf881 (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\1cf09c3b4365406592082199\f1680e1f394f4d362b79edb3 (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\1cf09c3b4365406592082199\f549c7be0f564050d8394996 (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\499d4787120d46783c6791bf (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\499d4787120d46783c6791bf\5db48824b1374f00c0b2b0a7 (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\Download (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\Download\cnbbasyg (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\armocida\Application Data\SystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\armocida\Application Data\SystemDoctor Free\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\armocida\Application Data\DriveCleaner (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\armocida\Application Data\DriveCleaner\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\Program Files\WinAntiVirus Pro 2007\msvcp71.dll (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\msvcr71.dll (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\Download\cxzivxcd\enemies1840.exe (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\Download\dabrflit\enemies1840.exe (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\Download\jkhbpgoe\enemies1840.exe (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\WinAntiVirus Pro 2007\res\wa7p.gif (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\Fichiers communs\DriveCleaner\err.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Activate.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\atl71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\AV.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\dc.xml (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\DC6V.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\DCShell.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\DCShell.xml (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\diagnosis.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\incmp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\lapv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\license.rtf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\manual.pdf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\mfc71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\msvcp71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\msvcr71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\proc.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\ps.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\pv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\readme.rtf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\ResErrors.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\ScanReport.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Schedule.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\sr.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Support.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\unins000.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\unins000.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\unwizard.xml (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\up.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\updater.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\vbpv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\AE_CD_Cr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\AReadr4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\AReadr5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\ASDSEEpv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\ASPack.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\Babylon.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\BDelphi5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\CatchUp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\CBuildr5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\CCGA.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\CManager.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\CuteFTP4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\CuteHTML.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\DAcceler.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\DiscJug.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\ECDCreat4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\Far.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\FFTsks.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\FlashFXP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\FrntPage.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\FrontPEx.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\FtpEXP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\FtpVoya.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\GetRight.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\GoZilla.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\GravMRU.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\HomeSite.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\HotDogPr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\H_TxtPad.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\IconExtr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\iMesh.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\ImgReady3.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\InsShExp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\JASC_P_P.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\KaZaA.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\LView.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MacDir.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MacDrWea.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MicAng.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MicDes.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MMUnDisk.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MM_CON.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\Morpheus.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MPaint.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MPicPub.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MPImaGal.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MSExplorer.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MSoffice.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MSRegEdit.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MSWMP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\MSWordPad.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\Nero.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\NetShow.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\NTBackup.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\pfilelst.xda (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\PhotShel.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\PHPCoder.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\PowerZIP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\RapidBr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\RealAuPl.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\RealDown.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\SecurCRT.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\SL_BlWin.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\SmartClr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\Sonique.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\StuffIt.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\TelepPro.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\UGifAnim.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\UltraEd.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\UMedStud.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\UPhImpV.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\UPhotoEx.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\UVidStud.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\VNC.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\WebFeret.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\WebReap.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\WinACE.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\WinGate.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\WinRAR.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\WinZIP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\WiseInst.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\wordslst.xda (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\YahooPl.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\DriveCleaner\Appbase\ZipMagic.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data\mav_startupmon.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Program Files\Fichiers communs\SystemDoctor\err.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\Abbr (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ActivationCode (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\HOURS (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ProductCode (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\Abbr (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\ActivationCode (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\CustomerEmail (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\CustomerName (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\InstallPath (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\OID (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\PCID (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\ProductCode (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\DriveCleaner\Data\Suspicious (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\wwfx5.dmp (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\1cf09c3b4365406592082199\#internal (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\1cf09c3b4365406592082199\b29a17774e9242890a2cf881\#internal (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\1cf09c3b4365406592082199\f1680e1f394f4d362b79edb3\#internal (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\1cf09c3b4365406592082199\f549c7be0f564050d8394996\#internal (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\499d4787120d46783c6791bf\#internal (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\499d4787120d46783c6791bf\5db48824b1374f00c0b2b0a7\#internal (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Program Files\WinFixer\Download\cnbbasyg\WFX5VUpdate.exe (Rogue.WinFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\armocida\Application Data\SystemDoctor Free\Logs\update.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
      C:\Documents and Settings\armocida\Application Data\DriveCleaner\activator_info.txt (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\armocida\Application Data\DriveCleaner\Logs\Activate.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\armocida\Application Data\DriveCleaner\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\stera.job (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
      VOICI le contenue d malware!
      que dois je faire ensuite
      0