HiJackThis report

Closed
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009 - 19 April 2009 at 04:26
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009 - 21 April 2009 at 04:30
Hello everyone, my PC is slow and sometimes it freezes completely. I would like to know whether I am infected and what I should do if that is the case. Thanks a lot, I hope to get an answer.


The report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:22:56, on 2009-04-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE
C:\WINDOWS.0\system32\cisvc.exe
C:\WINDOWS.0\system32\PSIService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\TUProgSt.exe
C:\WINDOWS.0\Explorer.EXE
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS.0\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS.0\system32\cidaemon.exe
C:\Documents and Settings\maxime\Bureau\Hi\HijackThis.exe
C:\Program Files\Safari\Safari.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60446
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VisualTool - {F3A54897-9E68-B11E-A37A-4D1422CE9CAA} - (no file)
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Windows Post Install] RunDll32 advpack.dll,LaunchINFSection "E:\$OEM$\RunWPI.inf",Execute
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - AppInit_DLLs:
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Service Google Update (gupdate1c9a63b17bac130) (gupdate1c9a63b17bac130) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS.0\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS.0\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS.0\System32\TUProgSt.exe

21 replies

Anonymous user
19 April 2009 at 04:35
Hi,

==>>Download Toolbar-S&D (Team IDN) to your Desktop.<<===


!! Disconnect and close all your running applications for the duration of the procedure !!

▶ Double-click the .exe to start the installation and follow the prompts ...

▶ Once that is done, click the shortcut created on your desktop to launch the tool.

▶ Choose option 1 ("search") and press "Enter".

▶ Once the scan has finished, a report will appear; copy and paste its entire contents into your next reply ...

( the report is also saved here -> C:\TB.txt )

Toolbar-S&D tutorial

If a report will not post, alert the conciergerie (moderation team) with the yellow /!\.


0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009
19 April 2009 at 05:05
oops, sorry, I had not read properly ...


Toolbar-S&D report:



-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : maxime ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
Firewall : Pare-feu BitDefender 12.0 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:56 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:19 Go (Free:19 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 2009-04-18|23:01 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\Crawler
C:\Program Files\Crawler\adrkeys.dat
C:\Program Files\Crawler\confirm.dat
C:\Program Files\Crawler\ctbcomm.dll
C:\Program Files\Crawler\ctbr.dll
C:\Program Files\Crawler\CTipsDef.dll
C:\Program Files\Crawler\CToolbar.exe
C:\Program Files\Crawler\CUpdate.exe
C:\Program Files\Crawler\Download
C:\Program Files\Crawler\Languages
C:\Program Files\Crawler\STWSGLanguageAct
C:\Program Files\Crawler\TBR5LanguageAct
C:\Program Files\Crawler\Toolbar
C:\Program Files\Crawler\Update
C:\Program Files\Crawler\WebSecurityGuard.dll
C:\Program Files\Crawler\WSGData
C:\Program Files\Crawler\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Languages\TBR5_FR.cab
C:\Program Files\Crawler\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Languages\TBR5_NL.cab
C:\Program Files\Crawler\Languages\TBR5_PL.cab
C:\Program Files\Crawler\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Languages\TBR5_RU.cab
C:\Program Files\Crawler\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\adrkeys.dat
C:\Program Files\Crawler\Toolbar\Cache
C:\Program Files\Crawler\Toolbar\COMMON_FF.dat
C:\Program Files\Crawler\Toolbar\confirm.dat
C:\Program Files\Crawler\Toolbar\ctbcomm.dll
C:\Program Files\Crawler\Toolbar\ctbr.dll
C:\Program Files\Crawler\Toolbar\CTConf.dat
C:\Program Files\Crawler\Toolbar\CTipsDef.dll
C:\Program Files\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Crawler\Toolbar\CUpdate.exe
C:\Program Files\Crawler\Toolbar\firefox
C:\Program Files\Crawler\Toolbar\Languages
C:\Program Files\Crawler\Toolbar\lookfor.dat
C:\Program Files\Crawler\Toolbar\majorse.dat
C:\Program Files\Crawler\Toolbar\rootmenu.dat
C:\Program Files\Crawler\Toolbar\services.dat
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct
C:\Program Files\Crawler\Toolbar\STWSG_FF.dat
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct
C:\Program Files\Crawler\Toolbar\Update
C:\Program Files\Crawler\Toolbar\WebSecurityGuard.dll
C:\Program Files\Crawler\Toolbar\WSGData
C:\Program Files\Crawler\Toolbar\Cache\COMMON
C:\Program Files\Crawler\Toolbar\Cache\STWSG
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\EMAIL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\POPBLOCKER_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SHOP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SPELL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\TRAVEL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WAYBACK_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\YP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\STBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\STBUTTON_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\STBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\firefox\chrome
C:\Program Files\Crawler\Toolbar\firefox\chrome.manifest
C:\Program Files\Crawler\Toolbar\firefox\components
C:\Program Files\Crawler\Toolbar\firefox\install.ini
C:\Program Files\Crawler\Toolbar\firefox\install.rdf
C:\Program Files\Crawler\Toolbar\firefox\stwsg_ff.ini
C:\Program Files\Crawler\Toolbar\firefox\chrome\common.jar
C:\Program Files\Crawler\Toolbar\firefox\chrome\stwsg.jar
C:\Program Files\Crawler\Toolbar\firefox\components\xcomm.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xplugin.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.dll
C:\Program Files\Crawler\Toolbar\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_NL.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_FR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_NL.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PL.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_RU.cab
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\Update\domains.cab
C:\Program Files\Crawler\Toolbar\Update\domains_001_diff.cab
C:\Program Files\Crawler\Toolbar\Update\domains_031_diff.cab
C:\Program Files\Crawler\Toolbar\WSGData\domains
C:\Program Files\Crawler\Toolbar\WSGData\g_S-1-5-21-1935655697-152049171-1343024091-1003.dat
C:\Program Files\Crawler\Toolbar\WSGData\p_S-1-5-21-1935655697-152049171-1343024091-1003.dat
C:\Program Files\Crawler\Toolbar\WSGData\ud_S-1-5-21-1935655697-152049171-1343024091-1003.dat
C:\Program Files\Crawler\Toolbar\WSGData\wfilter.dat
C:\Program Files\Crawler\Toolbar\WSGData\w_S-1-5-21-1935655697-152049171-1343024091-1003.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_030.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_030_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_031.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_031_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\index.dat
C:\Program Files\Crawler\WSGData\domains
C:\Program Files\Crawler\WSGData\g_S-1-5-21-117609710-436374069-839522115-1004.dat
C:\Program Files\Crawler\WSGData\p_S-1-5-21-117609710-436374069-839522115-1004.dat
C:\Program Files\Crawler\WSGData\w_S-1-5-21-117609710-436374069-839522115-1004.dat
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\Barre d'outils Crawler
C:\Program Files\FBrowserAdvisor
C:\WINDOWS.0\iun6002.exe

-----------\\ Extensions

(maxime) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS.0\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Bar"="http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60446"
"First Home Page"="https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


--------------------\\ Recherche d'autres infections

C:\Program Files\WebMediaPlayer
C:\Program Files\WebMediaPlayer\resources
C:\Program Files\WebMediaPlayer\skins
C:\Program Files\WebMediaPlayer\sqlite3.dll
C:\Program Files\WebMediaPlayer\updates
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\WebMediaPlayer
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\WebMediaPlayer\Conditions g‚n‚rales.url
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\WebMediaPlayer\Confidentialit‚.url
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\WebMediaPlayer\Website.url

C:\DOCUME~1\maxime\LOCALS~1\APPLIC~1\bygdqe.dat
C:\DOCUME~1\maxime\LOCALS~1\APPLIC~1\bygdqe_nav.dat
C:\DOCUME~1\maxime\LOCALS~1\APPLIC~1\bygdqe_navps.dat
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\maxime\Bureau\truc\musique\albums hip-hop queb\mixtape-lunderground_de_ta_ville_vol_1\hhqc_com-07-Goodfellaz fr Koriass et Prinz Ali Pure suburban crack.mp3
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009
19 April 2009 at 04:53
OK, I did as you told me, here is what it gives


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:48:28, on 2009-04-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE
C:\WINDOWS.0\system32\cisvc.exe
C:\WINDOWS.0\system32\PSIService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\TUProgSt.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\ctfmon.exe
C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS.0\system32\cidaemon.exe
C:\WINDOWS.0\system32\wuauclt.exe
C:\Program Files\Windows NT\Accessoires\wordpad.exe
C:\Documents and Settings\maxime\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60446
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VisualTool - {F3A54897-9E68-B11E-A37A-4D1422CE9CAA} - (no file)
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Windows Post Install] RunDll32 advpack.dll,LaunchINFSection "E:\$OEM$\RunWPI.inf",Execute
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - AppInit_DLLs:
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE
O23 - Service: Service Google Update (gupdate1c9a63b17bac130) (gupdate1c9a63b17bac130) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS.0\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS.0\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS.0\System32\TUProgSt.exe
0
Anonymous user
19 April 2009 at 06:32
Hi again,

▶ Cleanup with ToolBar S&D:

!! Disconnect and close all your running applications for the duration of the procedure !!

▶ Relaunch Toolbar-S&D by double-clicking the shortcut.

▶ Type option 2 ("cleanup") then press "Enter".

Note: do not touch anything during the removal!!

▶ A report will be generated at the end of the process: post its contents in your next reply

If a report will not post, alert the conciergerie (moderation team) with the yellow /!\.
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009
19 April 2009 at 06:44
thanks a lot for the help..

here is what it gives:


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : maxime ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Not Activated)
Firewall : Pare-feu BitDefender 12.0 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:56 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:19 Go (Free:19 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB) - FAT - Total:962 Mo (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 2009-04-19| 0:39 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\Crawler\adrkeys.dat
Supprime! - C:\Program Files\Crawler\confirm.dat
Supprime! - C:\Program Files\Crawler\ctbcomm.dll
Supprime! - C:\Program Files\Crawler\ctbr.dll
Supprime! - C:\Program Files\Crawler\CTipsDef.dll
Supprime! - C:\Program Files\Crawler\CToolbar.exe
Supprime! - C:\Program Files\Crawler\CUpdate.exe
Supprime! - C:\Program Files\Crawler\Download
Supprime! - C:\Program Files\Crawler\Languages
Supprime! - C:\Program Files\Crawler\STWSGLanguageAct
Supprime! - C:\Program Files\Crawler\TBR5LanguageAct
Supprime! - C:\Program Files\Crawler\Toolbar
Supprime! - C:\Program Files\Crawler\Update
Supprime! - C:\Program Files\Crawler\WebSecurityGuard.dll
Supprime! - C:\Program Files\Crawler\WSGData
Supprime! - C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\Barre d'outils Crawler
Supprime! - C:\WINDOWS.0\iun6002.exe
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\Crawler
Supprime! - C:\Program Files\FBrowserAdvisor

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(maxime) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS.0\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Bar"="http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60446"
"First Home Page"="https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections

C:\Program Files\WebMediaPlayer
C:\Program Files\WebMediaPlayer\resources
C:\Program Files\WebMediaPlayer\skins
C:\Program Files\WebMediaPlayer\sqlite3.dll
C:\Program Files\WebMediaPlayer\updates
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\WebMediaPlayer
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\WebMediaPlayer\Conditions générales.url
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\WebMediaPlayer\Confidentialité.url
C:\DOCUME~1\ALLUSE~1.0\MENUDM~1\PROGRA~1\WebMediaPlayer\Website.url

C:\DOCUME~1\maxime\LOCALS~1\APPLIC~1\bygdqe.dat
C:\DOCUME~1\maxime\LOCALS~1\APPLIC~1\bygdqe_nav.dat
C:\DOCUME~1\maxime\LOCALS~1\APPLIC~1\bygdqe_navps.dat
==> EGDACCESS <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\maxime\Bureau\truc\musique\albums hip-hop queb\mixtape-lunderground_de_ta_ville_vol_1\hhqc_com-07-Goodfellaz fr Koriass et Prinz Ali Pure suburban crack.mp3



1 - "C:\ToolBar SD\TB_1.txt" - 2009-04-18|23:02 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 2009-04-19| 0:41 - Option : [2]

-----------\\ Fin du rapport a 0:41:50,71
0
Anonymous user
19 April 2009 at 06:47
Re,

▶ Install NAVILOG1

Note about Navilog1 being detected by some security programs:

▶ Some files in Navilog1.exe may be considered dangerous, and therefore deleted or neutralized, by some security programs. These are false positives, and in some cases you will need to disable your protection while downloading/using Navilog1.
/!\ Disconnect from the Internet and disable your resident antivirus and antispyware so that Navilog1 can run normally. /!\


To start the installation of Navilog1, run Navilog1.exe.

(If you downloaded navilog1.zip, please unzip that file first.)

Once the installation is finished, to launch the fix:

- using the shortcut created on the desktop: Navilog1

- via My Computer, by running the file Navilog1.bat located in %program files%Navilog1

After the language choice and the warning messages, the menu is displayed.

Choose option 1.

It checks the system for the adware. A scan with GMER's catchme is also performed on Windows XP. This analysis can take about ten minutes. Wait for the message «Analyse terminée le ....». Press a key as requested and Notepad will open; save the report to your disk. Then open it and copy and paste the whole report to the forum that asked you for it.

(If Notepad does not open: go to My Computer; at the root of drive C you will find the report under the name fixnavi.txt.)

Warning: do not run the disinfection part (option 2, 3 or 4) without the advice/express agreement of the helper who took charge of your case on the help forum where you described your problem.

If a report cannot be posted, raise an alert with the conciergerie using the yellow /!\.

0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last seen 21 April 2009
19 April 2009 at 07:07
Here it is:


Search Navipromo version 3.7.6 commencé le 2009-04-19 à 0:52:48,24

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : maxime ( Administrator )
BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
Firewall : Pare-feu BitDefender 12.0 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:56 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:19 Go (Free:19 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB) - FAT - Total:962 Mo (Free:0 Go)


Recherche executé en mode normal


*** Recherche dossiers dans "C:\WINDOWS.0" ***


*** Recherche dossiers dans "C:\Program Files" ***

...\WebMediaPlayer trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS.0\menudm~1\progra~1" ***

...\WebMediaPlayer trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS.0\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1.0\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\maxime\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.FUC\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\nat\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\nathalie\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ordi\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\maxime\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.FUC\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\nat\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\nathalie\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ordi\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\maxime\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.FUC\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\nat\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\nathalie\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ordi\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS.0\system32" *

* Recherche dans "C:\Documents and Settings\maxime\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1.FUC\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\nat\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\nathalie\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ordi\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\mc

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS.0\system32" :


* Dans "C:\Documents and Settings\maxime\locals~1\applic~1" :

bygdqe.dat trouvé !
bygdqe_nav.dat trouvé !
bygdqe_navps.dat trouvé !

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1.FUC\locals~1\applic~1" :


* Dans "C:\DOCUME~1\nat\locals~1\applic~1" :


* Dans "C:\DOCUME~1\nathalie\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ordi\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 2009-04-19 à 1:05:04,75 ***
0

Anonymous user
19 April 2009 at 07:11
Re,

Navilog1 option 2

Disconnect from the Internet and disable your resident antivirus and antispyware so that Navilog1 can run normally.

Double-click the Navilog1 shortcut on your Desktop.

▶ At the main menu, choose option 2.
Follow the prompts and wait.
The fix will tell you that it is about to restart your PC.
Close all open windows and save any open personal documents.
Press a key as requested.
(If your PC does not restart automatically, restart it yourself.)
When your PC restarts, choose your usual session if necessary.

Wait for the message:
*** Nettoyage Termine le ..... ***
Notepad will open.
Save the report to your Desktop so that you can find it again.
Close Notepad. Your Desktop will reappear.

PS: If your Desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "Run".
Type explorer and confirm. This will bring your Desktop back.

Post the Navilog1 report (the contents of the file navi2.txt) in your reply and tell me whether you notice any improvement.

/!\ Remember to re-enable your resident antivirus and antispyware before reconnecting to "the web". /!\

If a report cannot be posted, raise an alert with the conciergerie using the yellow /!\.
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last seen 21 April 2009
19 April 2009 at 07:27
Clean Navipromo version 3.7.6 commencé le 2009-04-19 à 1:15:00,89

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : maxime ( Administrator )
BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
Firewall : Pare-feu BitDefender 12.0 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:56 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:19 Go (Free:19 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS.0\System32" *


* Suppression dans "C:\Documents and Settings\maxime\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ADMINI~1.FUC\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\nat\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\nathalie\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ordi\locals~1\applic~1" *


*** Suppression dossiers dans "C:\WINDOWS.0" ***


*** Suppression dossiers dans "C:\Program Files" ***

...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !


*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS.0\menudm~1\progra~1" ***

...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !


*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS.0\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1.0\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\maxime\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.FUC\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\nat\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\nathalie\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ordi\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\maxime\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.FUC\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\nat\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\nathalie\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ordi\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\maxime\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.FUC\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\nat\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\nathalie\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ordi\menudm~1\progra~1" ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS.0\Temp effectué !
Nettoyage contenu C:\Documents and Settings\maxime\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS.0\system32" *


* Dans "C:\Documents and Settings\maxime\locals~1\applic~1" *


bygdqe.dat trouvé !
Copie bygdqe.dat réalisée avec succès !
bygdqe.dat supprimé !

bygdqe_nav.dat trouvé !
Copie bygdqe_nav.dat réalisée avec succès !
bygdqe_nav.dat supprimé !

bygdqe_navps.dat trouvé !
Copie bygdqe_navps.dat réalisée avec succès !
bygdqe_navps.dat supprimé !


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


* Dans "C:\DOCUME~1\ADMINI~1.FUC\locals~1\applic~1" *


* Dans "C:\DOCUME~1\nat\locals~1\applic~1" *


* Dans "C:\DOCUME~1\nathalie\locals~1\applic~1" *


* Dans "C:\DOCUME~1\ordi\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***



*** Nettoyage terminé le 2009-04-19 à 1:20:29,39 ***


(Which antivirus, firewall and anti-spyware do you recommend?? In short, I'd like to have the ultimate protection so I don't get any more crap.. free if possible. The PC is already faster at startup... thanks a lot!!)
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last seen 21 April 2009
19 April 2009 at 15:48
Thanks for everything, it's sorted.
0
Anonymous user
19 April 2009 at 18:15
Re,

It's not finished...

▶ Download random's system information tool (RSIT) and save it to your desktop.

▶ Double-click RSIT.exe to launch the tool.

▶ Click 'continue' on the Disclaimer screen.

If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.

▶ Once the scan is finished, 2 reports will appear. Post the contents of the 2 reports separately.
(log.txt & info.txt)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

If a report cannot be posted, raise an alert with the conciergerie using the yellow /!\.
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last seen 21 April 2009
20 April 2009 at 18:29
Here are the 2 reports:


info.txt logfile of random's system information tool 1.06 2009-04-20 20:53:02

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\MAGIX\Speed2_burnR_mxcdr\unwise.exe
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS.0\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS.0\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS.0\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 6.0.2 CE-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-CEA000000001}
Adobe Shockwave Player 11-->C:\WINDOWS.0\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS.0\system32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS.0\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS.0\$NtUninstallKB961118$\spuninst\spuninst.exe"
DFX for Windows Media Player-->C:\Program Files\DFX\uninstall_WMP.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DropMyRights-->MsiExec.exe /I{E5B72007-07C9-4E67-B29E-696073F45704}
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{548EAC70-EE00-11DD-908C-005056806466}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS.0\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS.0\$NtUninstallKB929399$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS.0\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS.0\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS.0\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS.0\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS.0\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS.0\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS.0\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS.0\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS.0\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS.0\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS.0\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS.0\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS.0\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS.0\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS.0\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS.0\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS.0\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS.0\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS.0\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS.0\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS.0\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS.0\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS.0\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS.0\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS.0\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS.0\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS.0\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS.0\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS.0\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS.0\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS.0\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS.0\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS.0\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS.0\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS.0\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS.0\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS.0\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS.0\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS.0\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS.0\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS.0\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS.0\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS.0\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS.0\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS.0\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\mmmusic.inf,DefaultUninstall
Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\mmsounds.inf,DefaultUninstall
Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\mmtitle.inf,DefaultUninstall
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Navilog1 3.7.6-->"C:\Program Files\Navilog1\unins000.exe"
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\drmtool.inf,DefaultUninstall
PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Safari-->MsiExec.exe /X{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
SafeCast Shared Components-->C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe"
The Simpsons Hit & Run(TM)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79AAB3A-B8B4-4AC7-94AB-1C4C076C6A89}\setup.exe" -l0x40c
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Unity Web Player-->C:\Program Files\Unity\WebPlayer\Uninstall.exe
VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VisualTool-->C:\Program Files\VisualTool\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Media Bonus Pack for Windows XP-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\wmbonus.inf,DefaultUninstall
Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\wa2wmp.inf,DefaultUninstall
Windows Media Player Tray Control-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\mpxptray.inf,DefaultUninstall
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS.0\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
ZoneAlarm Pro-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Security center information======

AV: BitDefender Antivirus (disabled)
FW: Pare-feu BitDefender (disabled)
FW: ZoneAlarm Pro Firewall

======System event log======

Computer Name: NATH-9AF167A187
Event Code: 59
Message: Generate Activation Context a échoué pour C:\Program Files\Kiwee Toolbar\2.8.167\MFC80U.DLL.
Message d'erreur de référence : Opération réussie.
.

Record Number: 435
Source Name: SideBySide
Time Written: 20081015151159.000000-240
Event Type: erreur
User:

Computer Name: NATH-9AF167A187
Event Code: 59
Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.MFCLOC.
Message d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système.
.

Record Number: 434
Source Name: SideBySide
Time Written: 20081015151159.000000-240
Event Type: erreur
User:

Computer Name: NATH-9AF167A187
Event Code: 32
Message: L'assemblage dépendant Microsoft.VC80.MFCLOC ne peut pas être trouvé. La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.


Record Number: 433
Source Name: SideBySide
Time Written: 20081015151159.000000-240
Event Type: erreur
User:

Computer Name: NATH-9AF167A187
Event Code: 59
Message: Generate Activation Context a échoué pour C:\Program Files\Kiwee Toolbar\2.8.167\MFC80U.DLL.
Message d'erreur de référence : Opération réussie.
.

Record Number: 432
Source Name: SideBySide
Time Written: 20081015144029.000000-240
Event Type: erreur
User:

Computer Name: NATH-9AF167A187
Event Code: 59
Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.MFCLOC.
Message d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système.
.

Record Number: 431
Source Name: SideBySide
Time Written: 20081015144029.000000-240
Event Type: erreur
User:

=====Application event log=====

Computer Name: NATH-9AF167A187
Event Code: 1000
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.

Record Number: 3654
Source Name: LoadPerf
Time Written: 20090128085342.000000-300
Event Type: Informations
User:

Computer Name: NATH-9AF167A187
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés.
Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système
et les dernières entrées du registre d'aide.

Record Number: 3653
Source Name: LoadPerf
Time Written: 20090128085342.000000-300
Event Type: Informations
User:

Computer Name: NATH-9AF167A187
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 3652
Source Name: SecurityCenter
Time Written: 20090128085156.000000-300
Event Type: Informations
User:

Computer Name: NATH-9AF167A187
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 3651
Source Name: SecurityCenter
Time Written: 20090129112309.000000-300
Event Type: Informations
User:

Computer Name: NATH-9AF167A187
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur NATH-9AF167A187\maxime alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 3650
Source Name: Userenv
Time Written: 20090129112037.000000-300
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"tvdumpflags"=8

-----------------EOF-----------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by maxime at 2009-04-20 20:52:58
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 24 GB (41%) free of 58 GB
Total RAM: 991 MB (54% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS.0\tasks\AppleSoftwareUpdate.job
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachine.job
C:\WINDOWS.0\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-10 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3A54897-9E68-B11E-A37A-4D1422CE9CAA}]
VisualTool

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Post Install"=RunDll32 advpack.dll,LaunchINFSection E:\$OEM$\RunWPI.inf,Execute []
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-18 981384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]

C:\Documents and Settings\maxime\Menu Démarrer\Programmes\Démarrage
Outil de notification Live Search.lnk - C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS.0\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\wpdshserviceobj.dll [2008-06-07 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"ForceClassicControlPanel"=1
"NoResolveTrack"=1
"NoResolveSearch"=1
"NoSMMyPictures"=0
"NoSMHelp"=1
"NoStartMenuPinnedList"=1
"NoSMConfigurePrograms"=1
"NoStartMenuMyMusic"=1
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.ini - open - notepad.exe %1
.txt - open - notepad.exe %1

======List of files/folders created in the last 3 months======

2009-04-20 20:52:58 ----D---- C:\rsit
2009-04-19 19:10:58 ----D---- C:\jaCombo
2009-04-19 19:10:57 ----A---- C:\WINDOWS.0\system32\CF19329.exe
2009-04-19 19:05:04 ----A---- C:\WINDOWS.0\zip.exe
2009-04-19 19:05:04 ----A---- C:\WINDOWS.0\vFind.exe
2009-04-19 19:05:04 ----A---- C:\WINDOWS.0\SWXCACLS.exe
2009-04-19 19:05:04 ----A---- C:\WINDOWS.0\SWSC.exe
2009-04-19 19:05:04 ----A---- C:\WINDOWS.0\SWREG.exe
2009-04-19 19:05:04 ----A---- C:\WINDOWS.0\sed.exe
2009-04-19 19:05:04 ----A---- C:\WINDOWS.0\NIRCMD.exe
2009-04-19 19:05:04 ----A---- C:\WINDOWS.0\grep.exe
2009-04-19 19:05:00 ----A---- C:\WINDOWS.0\system32\CF18160.exe
2009-04-19 18:54:51 ----D---- C:\WINDOWS.0\ERDNT
2009-04-19 18:54:48 ----D---- C:\Qoobox
2009-04-19 02:36:32 ----D---- C:\Program Files\SpywareBlaster
2009-04-19 02:29:48 ----A---- C:\WINDOWS.0\system32\vsutil_loc040c.dll
2009-04-19 02:29:43 ----A---- C:\WINDOWS.0\system32\vsregexp.dll
2009-04-19 02:29:40 ----A---- C:\WINDOWS.0\system32\zlcommdb.dll
2009-04-19 02:29:40 ----A---- C:\WINDOWS.0\system32\zlcomm.dll
2009-04-19 02:29:35 ----A---- C:\WINDOWS.0\system32\vswmi.dll
2009-04-19 02:29:33 ----A---- C:\WINDOWS.0\system32\zpeng25.dll
2009-04-19 02:29:33 ----A---- C:\WINDOWS.0\system32\vsxml.dll
2009-04-19 02:29:32 ----D---- C:\WINDOWS.0\system32\ZoneLabs
2009-04-19 02:29:32 ----D---- C:\Program Files\Zone Labs
2009-04-19 02:29:32 ----A---- C:\WINDOWS.0\system32\vspubapi.dll
2009-04-19 02:29:32 ----A---- C:\WINDOWS.0\system32\vsmonapi.dll
2009-04-19 02:28:36 ----A---- C:\WINDOWS.0\system32\vsutil.dll
2009-04-19 02:28:36 ----A---- C:\WINDOWS.0\system32\vsinit.dll
2009-04-19 02:28:36 ----A---- C:\WINDOWS.0\system32\vsdata.dll
2009-04-19 02:15:10 ----D---- C:\Program Files\Avira
2009-04-19 02:15:10 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Avira
2009-04-19 01:46:37 ----SHD---- C:\Config.Msi
2009-04-19 01:15:00 ----A---- C:\cleannavi.txt
2009-04-19 00:52:48 ----A---- C:\fixnavi.txt
2009-04-19 00:51:32 ----D---- C:\Program Files\Navilog1
2009-04-18 23:52:10 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Kaspersky Lab Setup Files
2009-04-18 23:01:34 ----A---- C:\TB.txt
2009-04-18 23:01:09 ----D---- C:\ToolBar SD
2009-04-18 22:12:51 ----D---- C:\Documents and Settings\maxime\Application Data\Comodo
2009-04-18 22:01:46 ----D---- C:\Program Files\Trend Micro
2009-04-18 21:22:14 ----D---- C:\Program Files\Microsoft Bootvis
2009-04-18 21:16:07 ----D---- C:\WINDOWS.0\pss
2009-04-18 21:07:14 ----D---- C:\Program Files\VisualTool
2009-04-18 20:40:01 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Comodo
2009-04-18 20:39:52 ----D---- C:\Program Files\COMODO
2009-04-17 02:47:14 ----HDC---- C:\WINDOWS.0\$NtUninstallKB959426$
2009-04-17 02:47:04 ----HDC---- C:\WINDOWS.0\$NtUninstallKB961373$
2009-04-17 02:44:03 ----HDC---- C:\WINDOWS.0\$NtUninstallKB956572$
2009-04-17 02:43:37 ----HDC---- C:\WINDOWS.0\$NtUninstallKB952004$
2009-04-17 02:43:28 ----HDC---- C:\WINDOWS.0\$NtUninstallKB960803$
2009-04-17 02:41:30 ----A---- C:\WINDOWS.0\imsins.BAK
2009-04-17 02:41:20 ----HDC---- C:\WINDOWS.0\$NtUninstallKB923561$
2009-04-16 23:17:54 ----D---- C:\Program Files\ma-config.com
2009-04-16 23:17:54 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\ma-config.com
2009-04-16 23:10:23 ----A---- C:\WINDOWS.0\system32\TUProgSt.exe
2009-04-16 23:10:20 ----A---- C:\WINDOWS.0\system32\uxtuneup.dll
2009-04-16 23:10:18 ----A---- C:\WINDOWS.0\system32\TuneUpDefragService.exe
2009-04-16 23:09:16 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-04-16 23:09:02 ----SHD---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-16 22:01:23 ----D---- C:\Program Files\RegCleaner
2009-04-16 21:59:24 ----A---- C:\WINDOWS.0\CleanUp.INI
2009-04-16 21:58:49 ----D---- C:\Program Files\CleanUp
2009-04-16 21:38:17 ----D---- C:\Program Files\Piratrax
2009-04-16 04:25:53 ----D---- C:\Program Files\Detective Agency
2009-04-16 04:24:06 ----D---- C:\Program Files\The Serpent of Isis
2009-04-16 04:21:07 ----D---- C:\Program Files\Flux Family Secrets - The Ripple Effect
2009-04-14 10:03:54 ----D---- C:\WINDOWS.0\system32\URTTEMP
2009-04-10 23:21:52 ----D---- C:\Program Files\CCleaner
2009-04-10 10:53:49 ----D---- C:\Program Files\DFX
2009-04-10 09:56:16 ----D---- C:\Program Files\VS Revo Group
2009-03-31 20:26:08 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Adobe
2009-03-21 21:40:24 ----D---- C:\Program Files\SymplisIT
2009-03-21 21:40:24 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\SymplisIT
2009-03-21 21:39:51 ----D---- C:\WINDOWS.0\Downloaded Installations
2009-03-21 21:20:36 ----A---- C:\WINDOWS.0\msnfix.txt
2009-03-21 20:10:31 ----D---- C:\fsaua.data
2009-03-21 19:21:19 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Azureus
2009-03-21 18:28:10 ----D---- C:\Documents and Settings\maxime\Application Data\Azureus
2009-03-21 18:24:41 ----D---- C:\Program Files\Vuze
2009-03-20 22:54:58 ----D---- C:\Program Files\Skwalie
2009-03-16 09:31:00 ----D---- C:\Documents and Settings\maxime\Application Data\Google
2009-03-15 18:49:35 ----D---- C:\ProgramData
2009-03-15 18:49:35 ----D---- C:\Program Files\Angle Interactive
2009-03-14 05:05:31 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\MailFrontier
2009-03-14 05:05:10 ----A---- C:\WINDOWS.0\system32\SpOrder.dll
2009-03-14 05:03:57 ----D---- C:\WINDOWS.0\Internet Logs
2009-03-14 05:02:30 ----A---- C:\WINDOWS.0\system32\MSSTDFMT.DLL
2009-03-14 04:55:11 ----D---- C:\Program Files\PopTray
2009-03-14 04:53:19 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Malwarebytes
2009-03-14 04:31:44 ----D---- C:\Documents and Settings\maxime\Application Data\GlarySoft
2009-03-14 04:26:50 ----D---- C:\Program Files\Glary Utilities
2009-03-12 13:58:24 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-12 13:17:36 ----D---- C:\Documents and Settings\maxime\Application Data\Unity
2009-03-12 00:08:09 ----HDC---- C:\WINDOWS.0\$NtUninstallKB960225$
2009-03-12 00:08:02 ----HDC---- C:\WINDOWS.0\$NtUninstallKB958690$
2009-03-12 00:07:25 ----HDC---- C:\WINDOWS.0\$NtUninstallKB959772_WM11$
2009-03-09 09:15:37 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Messenger Plus!
2009-03-09 07:24:19 ----D---- C:\Program Files\Safari
2009-03-08 15:14:29 ----D---- C:\Program Files\Fighters
2009-03-08 15:14:29 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Fighters
2009-03-08 15:13:32 ----A---- C:\Documents and Settings\maxime\Application Data\install.txt
2009-03-08 13:15:57 ----D---- C:\Program Files\Fichiers communs\BitDefender
2009-03-08 12:42:01 ----A---- C:\WINDOWS.0\system32\STKIT432.DLL
2009-03-08 12:41:48 ----D---- C:\Program Files\Registry Mechanic
2009-03-07 19:20:31 ----A---- C:\WINDOWS.0\system32\xactengine2_10.dll
2009-03-07 19:20:24 ----A---- C:\WINDOWS.0\system32\d3dx10_36.dll
2009-03-07 19:20:24 ----A---- C:\WINDOWS.0\system32\D3DCompiler_36.dll
2009-03-07 19:20:22 ----A---- C:\WINDOWS.0\system32\d3dx9_36.dll
2009-03-07 19:20:21 ----A---- C:\WINDOWS.0\system32\xactengine2_9.dll
2009-03-07 19:20:19 ----A---- C:\WINDOWS.0\system32\d3dx10_35.dll
2009-03-07 19:20:19 ----A---- C:\WINDOWS.0\system32\D3DCompiler_35.dll
2009-03-07 19:20:17 ----A---- C:\WINDOWS.0\system32\d3dx9_35.dll
2009-03-07 19:20:15 ----A---- C:\WINDOWS.0\system32\xactengine2_8.dll
2009-03-07 19:20:15 ----A---- C:\WINDOWS.0\system32\X3DAudio1_2.dll
2009-03-07 19:20:13 ----A---- C:\WINDOWS.0\system32\d3dx10_34.dll
2009-03-07 19:20:13 ----A---- C:\WINDOWS.0\system32\D3DCompiler_34.dll
2009-03-07 19:20:12 ----A---- C:\WINDOWS.0\system32\d3dx9_34.dll
2009-03-07 19:20:10 ----A---- C:\WINDOWS.0\system32\xinput1_3.dll
2009-03-07 19:20:08 ----A---- C:\WINDOWS.0\system32\xactengine2_7.dll
2009-03-07 19:20:06 ----A---- C:\WINDOWS.0\system32\d3dx10_33.dll
2009-03-07 19:20:06 ----A---- C:\WINDOWS.0\system32\D3DCompiler_33.dll
2009-03-07 19:19:42 ----A---- C:\WINDOWS.0\system32\xactengine2_6.dll
2009-03-07 19:19:41 ----A---- C:\WINDOWS.0\system32\xactengine2_5.dll
2009-03-07 19:19:40 ----A---- C:\WINDOWS.0\system32\d3dx9_32.dll
2009-03-07 19:19:38 ----A---- C:\WINDOWS.0\system32\xactengine2_4.dll
2009-03-07 19:19:38 ----A---- C:\WINDOWS.0\system32\x3daudio1_1.dll
2009-03-07 19:19:37 ----A---- C:\WINDOWS.0\system32\d3dx9_31.dll
2009-03-07 19:19:35 ----A---- C:\WINDOWS.0\system32\xinput1_2.dll
2009-03-07 19:19:35 ----A---- C:\WINDOWS.0\system32\xactengine2_3.dll
2009-03-07 19:19:33 ----A---- C:\WINDOWS.0\system32\xactengine2_2.dll
2009-03-07 19:19:32 ----A---- C:\WINDOWS.0\system32\xinput1_1.dll
2009-03-07 19:19:31 ----A---- C:\WINDOWS.0\system32\xactengine2_1.dll
2009-03-07 19:19:05 ----A---- C:\WINDOWS.0\system32\d3dx9_30.dll
2009-03-07 19:19:03 ----A---- C:\WINDOWS.0\system32\xactengine2_0.dll
2009-03-07 19:19:03 ----A---- C:\WINDOWS.0\system32\x3daudio1_0.dll
2009-03-07 19:19:02 ----A---- C:\WINDOWS.0\system32\d3dx9_29.dll
2009-03-07 19:19:01 ----A---- C:\WINDOWS.0\system32\xinput9_1_0.dll
2009-03-07 19:19:01 ----A---- C:\WINDOWS.0\system32\d3dx9_28.dll
2009-03-07 19:19:00 ----A---- C:\WINDOWS.0\system32\d3dx9_27.dll
2009-03-07 19:18:58 ----A---- C:\WINDOWS.0\system32\d3dx9_26.dll
2009-03-07 16:58:36 ----N---- C:\WINDOWS.0\system32\pxcpyi64.exe
2009-03-07 16:58:32 ----N---- C:\WINDOWS.0\system32\pxcpya64.exe
2009-03-07 16:58:29 ----N---- C:\WINDOWS.0\system32\pxinsi64.exe
2009-03-07 16:58:26 ----N---- C:\WINDOWS.0\system32\pxinsa64.exe
2009-03-07 16:58:23 ----N---- C:\WINDOWS.0\system32\pxhpinst.exe
2009-03-07 16:58:21 ----N---- C:\WINDOWS.0\system32\pxafs.dll
2009-03-07 16:58:17 ----N---- C:\WINDOWS.0\system32\pxsfs.dll
2009-03-07 16:58:13 ----N---- C:\WINDOWS.0\system32\pxdrv.dll
2009-03-07 16:58:10 ----N---- C:\WINDOWS.0\system32\vxblock.dll
2009-03-07 16:57:49 ----N---- C:\WINDOWS.0\system32\pxwave.dll
2009-03-07 16:57:46 ----N---- C:\WINDOWS.0\system32\pxmas.dll
2009-03-07 16:57:42 ----N---- C:\WINDOWS.0\system32\px.dll
2009-02-26 00:27:31 ----HDC---- C:\WINDOWS.0\$NtUninstallKB961118$
2009-02-26 00:27:14 ----HDC---- C:\WINDOWS.0\$NtUninstallKB967715$
2009-02-26 00:25:08 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\CyberLink
2009-02-26 00:24:49 ----D---- C:\Documents and Settings\maxime\Application Data\CyberLink
2009-02-23 02:27:29 ----D---- C:\Program Files\Microsoft Sync Framework
2009-02-21 04:09:12 ----D---- C:\Program Files\Windows Live SkyDrive
2009-02-17 20:00:13 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\wmp
2009-02-15 18:00:17 ----D---- C:\Program Files\The Hidden Prophecies of Nostradamus
2009-02-15 17:58:15 ----D---- C:\Program Files\MonsterQuest
2009-02-15 14:27:52 ----D---- C:\Program Files\Elizabeth Find MD - Diagnosis Mystery
2009-02-13 17:51:40 ----D---- C:\Program Files\TuneUp Utilities 2007
2009-02-13 17:51:40 ----D---- C:\Documents and Settings\maxime\Application Data\TuneUp Software
2009-02-13 17:51:21 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TuneUp Software
2009-02-12 19:19:32 ----HDC---- C:\WINDOWS.0\$NtUninstallKB960715$
2009-02-11 19:35:32 ----D---- C:\Program Files\Adventures of Robinson Crusoe
2009-02-06 18:52:40 ----A---- C:\WINDOWS.0\system32\sirenacm.dll
2009-02-04 04:11:00 ----D---- C:\WINDOWS.0\Cambrosia Webcam Viewer
2009-02-01 17:47:26 ----D---- C:\Program Files\Webcam Video Capture
2009-02-01 17:44:50 ----D---- C:\Program Files\Common Files
2009-02-01 17:34:08 ----A---- C:\WINDOWS.0\system32\vfwwdm32.dll
2009-02-01 17:33:25 ----A---- C:\WINDOWS.0\amcap.exe
2009-02-01 17:33:16 ----A---- C:\WINDOWS.0\system32\vsnp325.dll
2009-01-31 01:07:16 ----D---- C:\Documents and Settings\maxime\Application Data\Todae
2009-01-30 18:17:04 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\SRS Labs
2009-01-30 16:40:05 ----D---- C:\Documents and Settings\maxime\Application Data\NetMedia Providers
2009-01-30 16:40:04 ----D---- C:\Documents and Settings\maxime\Application Data\Publish Providers
2009-01-29 14:52:56 ----D---- C:\Program Files\Bonjour
2009-01-29 12:26:20 ----D---- C:\Program Files\Premium Booster
2009-01-29 12:05:27 ----DC---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2009-01-29 12:00:25 ----D---- C:\Documents and Settings\maxime\Application Data\uniblue
2009-01-29 11:59:53 ----D---- C:\Program Files\Uniblue
2009-01-29 11:53:45 ----C---- C:\WINDOWS.0\system32\spmsg2.dll
2009-01-29 11:53:35 ----HDC---- C:\WINDOWS.0\$NtUninstallXPSEPSCLP$
2009-01-29 11:49:27 ----D---- C:\Program Files\Sony Setup
2009-01-29 11:47:10 ----D---- C:\WINDOWS.0\system32\XPSViewer
2009-01-29 11:47:05 ----D---- C:\Program Files\MSBuild
2009-01-29 11:47:00 ----D---- C:\WINDOWS.0\system32\en-US
2009-01-29 11:46:49 ----D---- C:\Program Files\Reference Assemblies
2009-01-29 11:44:45 ----C---- C:\WINDOWS.0\system32\xpssvcs.dll
2009-01-29 11:44:45 ----C---- C:\WINDOWS.0\system32\xpsshhdr.dll
2009-01-29 11:44:45 ----C---- C:\WINDOWS.0\system32\prntvpt.dll
2009-01-29 11:34:41 ----RHD---- C:\AHCache
2009-01-29 11:08:42 ----D---- C:\Program Files\VideoLAN
2009-01-29 10:42:00 ----D---- C:\Documents and Settings\maxime\Application Data\Cycling '74
2009-01-29 10:40:52 ----D---- C:\Program Files\Steinberg
2009-01-29 10:31:31 ----D---- C:\Program Files\Horloge
2009-01-29 10:16:47 ----D---- C:\Program Files\MP3 Remix
2009-01-29 10:16:47 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\MP3 Remix
2009-01-29 10:15:20 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\DFX
2009-01-29 10:15:14 ----D---- C:\Program Files\Fichiers communs\DFX
2009-01-29 10:14:42 ----AC---- C:\WINDOWS.0\system32\ospitray.exe
2009-01-29 10:14:06 ----AC---- C:\WINDOWS.0\system32\dzip32.dll
2009-01-29 10:14:06 ----AC---- C:\WINDOWS.0\system32\dunzip32.dll
2009-01-29 10:13:49 ----D---- C:\Program Files\Windows Media Bonus Pack for Windows XP
2009-01-29 09:44:11 ----D---- C:\Documents and Settings\maxime\Application Data\KC Softwares
2009-01-29 08:57:57 ----D---- C:\Documents and Settings\maxime\Application Data\Hide IP NG
2009-01-29 08:43:19 ----D---- C:\Program Files\SuperLost
2009-01-29 08:39:18 ----D---- C:\Documents and Settings\maxime\Application Data\Tenebril
2009-01-29 08:38:47 ----D---- C:\WINDOWS.0\system32\tenarchlib
2009-01-28 16:28:50 ----D---- C:\Program Files\QuickTime
2009-01-28 12:49:33 ----HD---- C:\WINDOWS.0\system32\GroupPolicy
2009-01-28 10:59:20 ----D---- C:\WINDOWS.0\system32\Logfiles
2009-01-28 10:59:20 ----D---- C:\WINDOWS.0\system32\inetsrv
2009-01-28 10:59:20 ----D---- C:\Inetpub

======List of files/folders modified in the last 3 months======

2009-04-20 20:52:43 ----D---- C:\WINDOWS.0\Prefetch
2009-04-20 20:34:41 ----D---- C:\WINDOWS.0\Temp
2009-04-20 20:18:57 ----D---- C:\Program Files\Messenger Plus! Live
2009-04-20 20:06:00 ----D---- C:\WINDOWS.0\system32\CatRoot2
2009-04-20 10:48:27 ----D---- C:\WINDOWS.1
2009-04-19 19:11:00 ----D---- C:\WINDOWS.0\system32
2009-04-19 19:05:20 ----A---- C:\WINDOWS.0\SchedLgU.Txt
2009-04-19 19:05:04 ----D---- C:\WINDOWS.0
2009-04-19 10:53:39 ----D---- C:\Program Files\Mortimer Beckett and the Time Paradox
2009-04-19 03:17:45 ----AD---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP
2009-04-19 03:07:38 ----RD---- C:\Program Files
2009-04-19 03:04:48 ----SHD---- C:\WINDOWS.0\Installer
2009-04-19 03:04:36 ----D---- C:\Program Files\Java
2009-04-19 02:33:46 ----D---- C:\WINDOWS.0\system32\drivers
2009-04-19 02:28:35 ----D---- C:\WINDOWS.0\WinSxS
2009-04-19 00:46:49 ----HD---- C:\WINDOWS.0\inf
2009-04-18 23:55:24 ----D---- C:\WINDOWS.0\system32\CatRoot
2009-04-18 21:31:13 ----SD---- C:\Documents and Settings\maxime\Application Data\Microsoft
2009-04-18 21:11:52 ----D---- C:\WINDOWS.2
2009-04-18 21:11:52 ----D---- C:\WINDOWS
2009-04-18 21:10:28 ----D---- C:\Documents and Settings\maxime\Application Data\LimeWire
2009-04-18 20:41:05 ----AC---- C:\WINDOWS.0\system32\cssdll32.dll
2009-04-18 20:35:33 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-18 20:35:33 ----AC---- C:\WINDOWS.0\win.ini
2009-04-18 20:35:26 ----D---- C:\Program Files\Fichiers communs
2009-04-18 20:35:24 ----D---- C:\WINDOWS.0\twain_32
2009-04-17 09:55:29 ----AC---- C:\WINDOWS.0\system32\PerfStringBackup.INI
2009-04-17 09:49:59 ----D---- C:\WINDOWS.0\system32\config
2009-04-17 09:49:46 ----D---- C:\WINDOWS.0\system32\wbem
2009-04-17 09:49:45 ----D---- C:\WINDOWS.0\AppPatch
2009-04-17 02:47:17 ----D---- C:\WINDOWS.0\system32\dllcache
2009-04-17 02:46:42 ----D---- C:\WINDOWS.0\system32\fr-fr
2009-04-17 02:46:24 ----D---- C:\WINDOWS.0\ie7updates
2009-04-17 02:44:44 ----D---- C:\WINDOWS.0\Debug
2009-04-17 02:43:55 ----HD---- C:\WINDOWS.0\$hf_mig$
2009-04-17 02:43:14 ----D---- C:\WINDOWS.0\Registration
2009-04-16 23:35:00 ----SHD---- C:\System Volume Information
2009-04-16 23:35:00 ----D---- C:\WINDOWS.0\system32\Restore
2009-04-16 23:10:18 ----SD---- C:\WINDOWS.0\Tasks
2009-04-16 20:06:44 ----D---- C:\WINDOWS.0\Help
2009-04-16 04:51:58 ----D---- C:\Program Files\Internet Explorer
2009-04-14 10:04:49 ----RSD---- C:\WINDOWS.0\assembly
2009-04-11 00:09:52 ----D---- C:\Documents and Settings
2009-04-10 23:23:18 ----D---- C:\WINDOWS.0\Minidump
2009-04-10 15:31:34 ----D---- C:\Program Files\iWin.com
2009-04-10 11:27:17 ----SD---- C:\WINDOWS.0\Downloaded Program Files
2009-04-10 11:23:59 ----SHD---- C:\RECYCLER
2009-04-09 21:07:48 ----D---- C:\Program Files\LimeWire
2009-04-06 10:57:24 ----AC---- C:\WINDOWS.0\system32\MRT.exe
2009-04-01 07:00:42 ----D---- C:\WINDOWS.0\security
2009-03-25 23:13:47 ----D---- C:\Program Files\RealArcade
2009-03-23 01:54:04 ----D---- C:\Program Files\WinRAR
2009-03-23 01:51:02 ----D---- C:\Program Files\The Race
2009-03-23 01:47:36 ----D---- C:\Program Files\Mystery Legends - Sleepy Hollow
2009-03-23 01:38:44 ----D---- C:\Program Files\iWin Games
2009-03-21 18:21:44 ----D---- C:\Program Files\eMule
2009-03-21 10:07:58 ----A---- C:\WINDOWS.0\system32\kernel32.dll
2009-03-21 00:46:50 ----D---- C:\Program Files\Google
2009-03-20 23:48:09 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2009-03-20 23:48:08 ----D---- C:\Program Files\AVS4YOU
2009-03-20 23:46:35 ----D---- C:\Documents and Settings\maxime\Application Data\AVS4YOU
2009-03-17 22:58:04 ----D---- C:\WINDOWS.0\system32\DirectX
2009-03-17 22:54:31 ----D---- C:\Program Files\Windows Live
2009-03-15 20:05:30 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-03-15 20:05:30 ----D---- C:\Program Files\Adobe
2009-03-14 09:35:30 ----D---- C:\WINDOWS.0\Network Diagnostic
2009-03-14 06:45:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-14 06:42:50 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Spybot - Search & Destroy
2009-03-14 04:25:05 ----D---- C:\Program Files\Fichiers communs\Apple
2009-03-14 04:24:13 ----DC---- C:\WINDOWS.0\system32\DRVSTORE
2009-03-12 13:14:03 ----D---- C:\Program Files\Unity
2009-03-10 22:18:20 ----N---- C:\WINDOWS.0\system32\WgaTray.exe
2009-03-10 22:18:20 ----A---- C:\WINDOWS.0\system32\LegitCheckControl.dll
2009-03-10 22:18:00 ----A---- C:\WINDOWS.0\system32\WgaLogon.dll
2009-03-09 22:06:57 ----D---- C:\WINDOWS.0\Microsoft.NET
2009-03-09 06:54:44 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\WLInstaller
2009-03-09 03:50:55 ----D---- C:\Documents and Settings\maxime\Application Data\Apple Computer
2009-03-08 12:14:03 ----D---- C:\Program Files\CyberLink
2009-03-08 04:41:11 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-08 02:22:21 ----D---- C:\Program Files\Fichiers communs\AOL
2009-03-07 16:58:51 ----D---- C:\Program Files\DivX
2009-03-06 10:20:52 ----A---- C:\WINDOWS.0\system32\pdh.dll
2009-03-02 20:13:06 ----A---- C:\WINDOWS.0\system32\wininet.dll
2009-02-28 03:28:36 ----D---- C:\Program Files\Mystery of Unicorn Castle
2009-02-28 01:43:29 ----D---- C:\Program Files\Cinema Tycoon 2 - Movie Mania
2009-02-27 22:23:48 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\2 team frag settings
2009-02-26 00:18:54 ----RSD---- C:\WINDOWS.0\Fonts
2009-02-20 13:10:57 ----A---- C:\WINDOWS.0\system32\ieencode.dll
2009-02-20 13:10:56 ----A---- C:\WINDOWS.0\system32\webcheck.dll
2009-02-20 13:10:56 ----A---- C:\WINDOWS.0\system32\urlmon.dll
2009-02-20 13:10:55 ----A---- C:\WINDOWS.0\system32\url.dll
2009-02-20 13:10:55 ----A---- C:\WINDOWS.0\system32\pngfilt.dll
2009-02-20 13:10:55 ----A---- C:\WINDOWS.0\system32\occache.dll
2009-02-20 13:10:55 ----A---- C:\WINDOWS.0\system32\mstime.dll
2009-02-20 13:10:55 ----A---- C:\WINDOWS.0\system32\msrating.dll
2009-02-20 13:10:54 ----A---- C:\WINDOWS.0\system32\mshtmled.dll
2009-02-20 13:10:54 ----A---- C:\WINDOWS.0\system32\mshtml.dll
2009-02-20 13:10:52 ----A---- C:\WINDOWS.0\system32\msfeedsbs.dll
2009-02-20 13:10:52 ----A---- C:\WINDOWS.0\system32\msfeeds.dll
2009-02-20 13:10:52 ----A---- C:\WINDOWS.0\system32\jsproxy.dll
2009-02-20 13:10:50 ----A---- C:\WINDOWS.0\system32\iertutil.dll
2009-02-20 13:10:50 ----A---- C:\WINDOWS.0\system32\iernonce.dll
2009-02-20 13:10:50 ----A---- C:\WINDOWS.0\system32\ieframe.dll
2009-02-20 13:10:48 ----A---- C:\WINDOWS.0\system32\iedkcs32.dll
2009-02-20 13:10:48 ----A---- C:\WINDOWS.0\system32\ieapfltr.dll
2009-02-20 13:10:47 ----A---- C:\WINDOWS.0\system32\ieaksie.dll
2009-02-20 13:10:47 ----A---- C:\WINDOWS.0\system32\ieakeng.dll
2009-02-20 13:10:47 ----A---- C:\WINDOWS.0\system32\icardie.dll
2009-02-20 13:10:47 ----A---- C:\WINDOWS.0\system32\extmgr.dll
2009-02-20 13:10:47 ----A---- C:\WINDOWS.0\system32\dxtrans.dll
2009-02-20 13:10:47 ----A---- C:\WINDOWS.0\system32\dxtmsft.dll
2009-02-20 13:10:46 ----A---- C:\WINDOWS.0\system32\advpack.dll
2009-02-20 06:20:49 ----A---- C:\WINDOWS.0\system32\ieudinit.exe
2009-02-20 06:20:49 ----A---- C:\WINDOWS.0\system32\ie4uinit.exe
2009-02-20 01:14:12 ----A---- C:\WINDOWS.0\system32\ieakui.dll
2009-02-19 15:52:17 ----D---- C:\My Download Files
2009-02-19 10:04:40 ----D---- C:\Program Files\Zylom Games
2009-02-15 17:54:02 ----D---- C:\GameHouse Games
2009-02-15 14:23:25 ----D---- C:\Program Files\GameHouse
2009-02-13 22:14:40 ----D---- C:\WINDOWS.0\AntiWPA
2009-02-13 22:14:40 ----D---- C:\Program Files\The Sultan's Labyrinth
2009-02-13 17:56:28 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-02-10 19:06:30 ----A---- C:\WINDOWS.0\system32\ntkrnlpa.exe
2009-02-09 07:24:03 ----A---- C:\WINDOWS.0\system32\ntoskrnl.exe
2009-02-09 07:23:48 ----A---- C:\WINDOWS.0\system32\services.exe
2009-02-09 06:53:56 ----A---- C:\WINDOWS.0\system32\lsasrv.dll
2009-02-09 06:53:55 ----A---- C:\WINDOWS.0\system32\rpcss.dll
2009-02-09 06:53:55 ----A---- C:\WINDOWS.0\system32\ntdll.dll
2009-02-09 06:53:55 ----A---- C:\WINDOWS.0\system32\advapi32.dll
2009-02-06 06:39:08 ----A---- C:\WINDOWS.0\system32\sc.exe
2009-02-05 00:36:49 ----D---- C:\Documents and Settings\maxime\Application Data\Mozilla
2009-02-04 23:44:56 ----D---- C:\Program Files\Windows Media Player
2009-02-03 15:58:06 ----A---- C:\WINDOWS.0\system32\secur32.dll
2009-02-01 17:44:17 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-01-29 11:52:27 ----D---- C:\WINDOWS.0\system32\mui
2009-01-29 11:46:16 ----D---- C:\WINDOWS.0\system32\spool
2009-01-29 10:55:00 ----D---- C:\WINDOWS.0\system
2009-01-29 09:19:27 ----D---- C:\Documents and Settings\maxime\Application Data\GetRightToGo
2009-01-29 08:25:27 ----AC---- C:\WINDOWS.0\system.ini
2009-01-28 23:02:25 ----D---- C:\Program Files\Windows Live Safety Center
2009-01-28 16:28:48 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple Computer
2009-01-28 14:14:11 ----D---- C:\Program Files\Services en ligne
2009-01-24 10:42:05 ----D---- C:\Program Files\Be Rich

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS.0\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS.0\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 vsdatant;vsdatant; C:\WINDOWS.0\System32\vsdatant.sys [2009-02-18 353672]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS.0\system32\drivers\CdaC15BA.SYS []
R3 es1969;Pilote audio ESS Solo (WDM); C:\WINDOWS.0\system32\drivers\es1969.sys [2001-08-17 72192]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS.0\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2008-06-21 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS.0\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 S3SavageNB;S3SavageNB; C:\WINDOWS.0\system32\DRIVERS\s3gnbm.sys [2008-04-13 166912]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS.0\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS.0\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS.0\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\maxime\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS.0\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS.0\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS.0\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS.0\system32\drivers\mbamswissarmy.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS.0\system32\104.tmp []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS.0\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS.0\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS.0\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS.0\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS.0\system32\drivers\srs_sscfilter_i386.sys [2007-07-26 39808]
S3 streamip;BDA IPSink; C:\WINDOWS.0\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS.0\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS.0\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS.0\system32\DRIVERS\WudfPf.sys [2008-06-07 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.0\system32\DRIVERS\wudfrd.sys [2008-06-07 82944]
S4 IntelIde;IntelIde; C:\WINDOWS.0\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE [2008-10-03 54784]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS.0\system32\PSIService.exe [2006-11-02 174656]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS.0\System32\TUProgSt.exe [2009-04-16 603904]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS.0\System32\svchost.exe [2008-04-14 14336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe [2009-02-18 2402184]
S2 gupdate1c9a63b17bac130;Service Google Update (gupdate1c9a63b17bac130); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-16 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS.0\System32\TuneUpDefragService.exe [2009-04-16 360192]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.0\system32\svchost.exe [2008-04-14 14336]
S4 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Anonymous user
20 April 2009 at 18:35
Re,

---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-click OTMoveIt3.exe to launch it.

---> Copy (Ctrl+C) the following text, shown in bold below:

:processes
explorer.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3A54897-9E68-B11E-A37A-4D1422CE9CAA}]

:files
c:\windows\system32\vsnp325.dll

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]



---> Paste (Ctrl+V) the text you just copied into the box labelled Paste Instructions for Items to be Moved.

---> Now click the MoveIt! button, then close OTMoveIt3.

If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

---> Post the report found in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
LeMack (posts: 33; registered: Sunday 19 April 2009; status: Member; last activity: 21 April 2009)
20 April 2009 at 18:56
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3A54897-9E68-B11E-A37A-4D1422CE9CAA}\\ not found.
========== FILES ==========
File/Folder c:\windows\system32\vsnp325.dll not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\maxime\LOCALS~1\Temp\~DFF91D.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\maxime\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS.0\temp\ZLT07973.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04202009_212100

Files moved on Reboot...
C:\DOCUME~1\maxime\LOCALS~1\Temp\~DFF91D.tmp moved successfully.
File C:\WINDOWS.0\temp\ZLT07973.TMP not found!
Anonymous user
20 April 2009 at 19:01
Re,

Restart your PC and do the following:

Download and install MalwareByte's Anti-Malware
Malwarebyte

Update it

▶ Double-click the MalwareByte's Anti-Malware shortcut on the desktop.

▶ Select "Exécuter un examen COMPLET" (perform a FULL scan) if it is not already selected

▶ Click "Rechercher" (Scan)

▶ Once the scan has finished, a window opens; click Ok

If MalwareByte's found nothing, click Ok. A report will appear; close it.

If MalwareByte's found infections, click "Afficher les résultats" (Show results), then "Supprimer la sélection" (Remove selected)

Save the report to your Desktop so that it is easier to find, then post that report.

Note: If MalwareByte's needs to restart to finish the removal, accept by clicking Ok

Tutorial for MalwareByte's

If a report won't post, send an alert to the moderators (the "conciergerie") using the yellow /!\.
LeMack (posts: 33; registered: Sunday 19 April 2009; status: Member; last activity: 21 April 2009)
20 April 2009 at 20:32
Malwarebytes report:


Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2015
Windows 5.1.2600 Service Pack 3

2009-04-20 22:54:23
mbam-log-2009-04-20 (22-54-23).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 298341
Temps écoulé: 1 hour(s), 17 minute(s), 20 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 239

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\IGB (Rogue.Residue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\ProgramData\RD Platinum v5.0 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\ProgramData\RD Platinum v5.0\backup (Rogue.RegistryDefender) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\System Volume Information\_restore{9DF4BB36-4EF5-4770-9F87-2181ABCC7DFB}\RP224\A0049912.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9DF4BB36-4EF5-4770-9F87-2181ABCC7DFB}\RP224\A0049915.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E835D118-0B7E-4C5C-B237-E863DD3E7D74}\RP27\A0012439.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS.0\Cambrosia Webcam Viewer\uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS.1\system32\MSINET.oca (Rogue.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS.1\system32\tfkyooqvwdqngw.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\WINDOWS.2\system32\vinabino.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS.2\system32\lokubaja.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Uninstall.exe (Rogue.RegistryDefender5) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Updater.exe (Rogue.RegistryDefender5) -> Quarantined and deleted successfully.
C:\Program Files\VisualTool\VisualTool-1.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\domains.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\log.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Customer Support.url (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\INSTALL.LOG (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\install.sss (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\RDPlatinumv5.exe.manifest (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\User Guide.url (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-90.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-91.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-92.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-93.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-94.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-95.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-96.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-97.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-98.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-99.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\Thumbs.db (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-0.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-51.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-52.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-53.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-54.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-55.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-56.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-57.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-58.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-59.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-60.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-61.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-62.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-63.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-64.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-65.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\Thumbs.db (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\WINDOWS.0\system32\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully.
0
Anonymous user
20 April 2009 at 20:35
Re,

Make sure to delete the Malwarebytes quarantine.

Restart your PC normally.

▶ Download CCleaner (do not install the Yahoo Toolbar):
CCLEANER

▶ Launch it. Go to "Options", then "Advanced",

▶ Uncheck the box "Only delete files etc...".

▶ Go to "Cleaner" and run "Analyze". Once it has finished, start the cleaning.

▶ Go to "Registry" and run "Scan for errors".

Once it has finished, fix all the errors without backing up the registry.

▶ A tutorial (help)


Make a new report with RSIT.
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009
20 April 2009 at 20:43
RSIT report after CCleaner:

Logfile of random's system information tool 1.06 (written by random/random)
Run by maxime at 2009-04-20 23:11:21
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 24 GB (41%) free of 58 GB
Total RAM: 991 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:11:36, on 2009-04-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE
C:\WINDOWS.0\system32\cisvc.exe
C:\WINDOWS.0\system32\PSIService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\TUProgSt.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\wscntfy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS.0\system32\cidaemon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Documents and Settings\maxime\Bureau\RSIT.exe
C:\Program Files\trend micro\maxime.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60446
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Post Install] RunDll32 advpack.dll,LaunchINFSection "E:\$OEM$\RunWPI.inf",Execute
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE
O23 - Service: Service Google Update (gupdate1c9a63b17bac130) (gupdate1c9a63b17bac130) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS.0\system32\PSIService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS.0\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS.0\System32\TUProgSt.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe
0
Anonymous user
20 April 2009 at 20:46
Re,

Download ComboFix (by sUBs) to your Desktop.

/!\ Temporarily disable all resident protection /!\ (antivirus, antispyware...)
Double-click ComboFix.exe.
Accept the license by clicking Yes.
The program will ask whether you want to install the Recovery Console. It is a precaution, in case the computer breaks down. I therefore advise you to install it; it costs nothing, and it could potentially be useful!
When the operation is finished, a report will appear. Post this report in your next reply.


The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

Help: How to use ComboFix.

If a report does not go through, send an alert to the Conciergerie using the yellow /!\.
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009
20 April 2009 at 21:10
ComboFix report:
ComboFix 09-04-21.01 - maxime 2009-04-20 23:24.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.991.659 [GMT -4:00]
Lancé depuis: c:\documents and settings\maxime\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: BitDefender Antivirus *On-access scanning disabled* (Updated)
FW: Pare-feu BitDefender *disabled*
FW: ZoneAlarm Pro Firewall *disabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\nathalie\Local Settings\Temporary Internet Files\CPV.stt
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES


((((((((((((((((((((((((((((( Fichiers créés du 2009-03-21 au 2009-04-21 ))))))))))))))))))))))))))))))))))))
.

2009-04-21 03:31 . 2009-04-21 03:31 -------- d-----w c:\windows.0\system32\xircom
2009-04-21 03:31 . 2009-04-21 03:31 -------- d-----w c:\windows.0\srchasst
2009-04-21 03:31 . 2009-04-21 03:31 -------- d-----w c:\program files\microsoft frontpage
2009-04-21 03:08 . 2009-04-21 03:08 -------- d-sh--w c:\documents and settings\maxime\IECompatCache
2009-04-21 01:33 . 2009-04-21 01:33 -------- d-----w c:\documents and settings\maxime\Application Data\Malwarebytes
2009-04-21 01:33 . 2009-04-06 19:32 15504 ----a-w c:\windows.0\system32\drivers\mbam.sys
2009-04-21 01:33 . 2009-04-06 19:32 38496 ----a-w c:\windows.0\system32\drivers\mbamswissarmy.sys
2009-04-21 01:33 . 2009-04-21 01:33 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-21 01:16 . 2009-04-21 01:16 -------- d-sh--w c:\documents and settings\maxime\IETldCache
2009-04-21 01:12 . 2009-04-21 01:12 -------- d-----w C:\_OTMoveIt
2009-04-21 01:10 . 2009-04-21 01:10 -------- d-----w c:\windows.0\ie8updates
2009-04-21 01:05 . 2009-04-21 01:09 -------- dc-h--w c:\windows.0\ie8
2009-04-21 01:03 . 2009-02-28 04:55 105984 ------w c:\windows.0\system32\dllcache\iecompat.dll
2009-04-21 00:52 . 2009-04-21 00:53 -------- d-----w C:\rsit
2009-04-19 23:10 . 2009-04-19 23:12 -------- d-----w C:\jaCombo
2009-04-19 06:36 . 2009-04-19 06:44 -------- d-----w c:\program files\SpywareBlaster
2009-04-19 06:15 . 2009-04-19 06:15 -------- d-----w c:\program files\Avira
2009-04-19 06:15 . 2009-04-19 06:15 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\Avira
2009-04-19 04:51 . 2009-04-19 05:20 -------- d-----w c:\program files\Navilog1
2009-04-19 04:18 . 2009-04-19 04:18 212 --sha-w c:\windows.0\klif.spi
2009-04-19 03:52 . 2009-04-19 03:52 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\Kaspersky Lab Setup Files
2009-04-19 03:01 . 2009-04-19 04:41 -------- d-----w C:\ToolBar SD
2009-04-19 02:13 . 2009-04-19 02:13 -------- d-----w c:\documents and settings\maxime\Local Settings\Application Data\Comodo
2009-04-19 02:12 . 2009-04-19 02:12 -------- d-----w c:\documents and settings\maxime\Application Data\Comodo
2009-04-19 02:01 . 2009-04-21 03:11 -------- d-----w c:\program files\Trend Micro
2009-04-19 01:22 . 2009-04-19 01:31 -------- d-----w c:\program files\Microsoft Bootvis
2009-04-19 01:07 . 2009-04-21 02:54 -------- d-----w c:\program files\VisualTool
2009-04-19 00:40 . 2009-04-19 02:12 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\Comodo
2009-04-19 00:39 . 2009-04-19 04:01 -------- d-----w c:\program files\COMODO
2009-04-17 03:17 . 2009-04-17 03:44 -------- d-----w c:\program files\ma-config.com
2009-04-17 03:17 . 2009-04-17 03:44 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\ma-config.com
2009-04-17 03:10 . 2009-04-17 03:10 603904 ----a-w c:\windows.0\system32\TUProgSt.exe
2009-04-17 03:10 . 2008-12-11 17:31 27904 ----a-w c:\windows.0\system32\uxtuneup.dll
2009-04-17 03:10 . 2009-04-17 03:10 360192 ----a-w c:\windows.0\system32\TuneUpDefragService.exe
2009-04-17 03:09 . 2009-04-17 03:10 -------- d-----w c:\program files\TuneUp Utilities 2009
2009-04-17 03:09 . 2009-04-17 03:09 -------- d-sh--w c:\documents and settings\All Users.WINDOWS.0\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-17 02:01 . 2009-04-17 02:11 -------- d-----w c:\program files\RegCleaner
2009-04-17 01:59 . 2009-04-17 01:59 0 ----a-w c:\windows.0\CleanUp.INI
2009-04-17 01:58 . 2009-04-17 02:00 -------- d-----w c:\program files\CleanUp
2009-04-17 01:38 . 2009-04-17 01:42 -------- d-----w c:\program files\Piratrax
2009-04-17 01:38 . 2009-04-17 01:42 -------- d-----w c:\documents and settings\maxime\Local Settings\Application Data\piratrax
2009-04-16 21:08 . 2009-02-06 10:10 227840 ------w c:\windows.0\system32\dllcache\wmiprvse.exe
2009-04-16 21:08 . 2009-03-06 14:20 286720 ------w c:\windows.0\system32\dllcache\pdh.dll
2009-04-16 21:08 . 2009-02-09 11:23 111104 ------w c:\windows.0\system32\dllcache\services.exe
2009-04-16 21:08 . 2009-02-09 10:53 401408 ------w c:\windows.0\system32\dllcache\rpcss.dll
2009-04-16 21:08 . 2009-02-09 10:53 473600 ------w c:\windows.0\system32\dllcache\fastprox.dll
2009-04-16 21:08 . 2009-02-06 10:39 35328 ------w c:\windows.0\system32\dllcache\sc.exe
2009-04-16 21:08 . 2009-02-09 10:53 685568 ------w c:\windows.0\system32\dllcache\advapi32.dll
2009-04-16 21:07 . 2009-02-09 10:53 735744 ------w c:\windows.0\system32\dllcache\lsasrv.dll
2009-04-16 21:07 . 2009-02-09 10:53 453120 ------w c:\windows.0\system32\dllcache\wmiprvsd.dll
2009-04-16 21:07 . 2009-02-09 10:53 739840 ------w c:\windows.0\system32\dllcache\ntdll.dll
2009-04-16 21:06 . 2008-12-16 12:31 354304 ------w c:\windows.0\system32\dllcache\winhttp.dll
2009-04-16 21:06 . 2009-03-27 06:54 1203922 ------w c:\windows.0\system32\dllcache\sysmain.sdb
2009-04-16 21:06 . 2008-04-21 21:15 219136 ------w c:\windows.0\system32\dllcache\wordpad.exe
2009-04-16 08:25 . 2009-04-16 08:26 -------- d-----w c:\program files\Detective Agency
2009-04-16 08:24 . 2009-04-16 08:25 -------- d-----w c:\program files\The Serpent of Isis
2009-04-16 08:21 . 2009-04-16 08:24 -------- d-----w c:\program files\Flux Family Secrets - The Ripple Effect
2009-04-14 14:03 . 2009-04-14 14:03 -------- d-----w c:\windows.0\system32\URTTEMP
2009-04-11 03:21 . 2009-04-11 03:21 -------- d-----w c:\program files\CCleaner
2009-04-10 14:53 . 2009-04-10 14:54 -------- d-----w c:\program files\DFX
2009-04-10 13:56 . 2009-04-17 00:36 -------- d-----w c:\program files\VS Revo Group
2009-04-05 00:56 . 2009-04-05 00:56 -------- d-----w c:\documents and settings\NetworkService.AUTORITE NT.001\Local Settings\Application Data\Google
2009-03-26 03:55 . 2009-03-26 03:55 -------- d-----w c:\documents and settings\nathalie\Application Data\Jetsetter

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-21 01:25 . 2008-10-03 17:27 464704 -c--a-w c:\documents and settings\maxime\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-21 00:18 . 2009-01-13 21:44 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-19 14:53 . 2008-12-07 05:48 -------- d-----w c:\program files\Mortimer Beckett and the Time Paradox
2009-04-19 07:17 . 2008-10-11 00:48 -------- d---a-w c:\documents and settings\All Users.WINDOWS.0\Application Data\TEMP
2009-04-19 07:04 . 2008-09-05 11:51 -------- d-----w c:\program files\Java
2009-04-19 06:32 . 2009-03-14 09:05 4212 ---ha-w c:\windows.0\system32\zllictbl.dat
2009-04-19 06:29 . 2009-04-19 06:29 -------- d-----w c:\program files\Zone Labs
2009-04-19 05:20 . 2009-04-19 05:15 4995 ----a-w C:\cleannavi.txt
2009-04-19 05:05 . 2009-04-19 04:52 4661 ----a-w C:\fixnavi.txt
2009-04-19 04:41 . 2009-04-19 03:01 4268 ----a-w C:\TB.txt
2009-04-19 01:10 . 2009-03-21 22:28 -------- d-----w c:\documents and settings\maxime\Application Data\Azureus
2009-04-19 01:10 . 2008-10-05 01:19 -------- d-----w c:\documents and settings\maxime\Application Data\LimeWire
2009-04-19 01:10 . 2008-09-14 15:40 -------- d-----w c:\documents and settings\nat\Application Data\LimeWire
2009-04-19 01:10 . 2008-09-13 00:24 -------- d-----w c:\documents and settings\Administrateur\Application Data\LimeWire
2009-04-19 01:10 . 2008-09-09 21:32 -------- d-----w c:\documents and settings\nathalie\Application Data\LimeWire
2009-04-19 01:10 . 2008-09-05 21:33 -------- d-----w c:\documents and settings\ordi\Application Data\LimeWire
2009-04-19 00:41 . 2008-12-11 03:32 253688 -c--a-w c:\windows.0\system32\cssdll32.dll
2009-04-19 00:35 . 2008-09-05 18:09 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-17 13:55 . 2008-04-14 14:00 84956 ----a-w c:\windows.0\system32\perfc00C.dat
2009-04-17 13:55 . 2008-04-14 14:00 509872 ----a-w c:\windows.0\system32\perfh00C.dat
2009-04-17 03:09 . 2009-02-13 21:51 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\TuneUp Software
2009-04-16 07:25 . 2009-03-21 00:51 -------- d-----w c:\documents and settings\nathalie\Application Data\Spyware Terminator
2009-04-10 19:31 . 2008-09-10 02:19 -------- d-----w c:\program files\iWin.com
2009-04-10 11:02 . 2008-09-24 17:43 -------- d-----w c:\documents and settings\nat\Application Data\Spyware Terminator
2009-04-10 01:07 . 2008-09-05 21:33 -------- d-----w c:\program files\LimeWire
2009-03-29 08:27 . 2009-03-21 05:29 -------- d-----w c:\documents and settings\nathalie\Application Data\Lost in the City
2009-03-26 03:13 . 2008-09-13 10:50 -------- d-----w c:\program files\RealArcade
2009-03-23 05:51 . 2008-09-16 14:25 -------- d-----w c:\program files\The Race
2009-03-23 05:47 . 2008-12-20 22:36 -------- d-----w c:\program files\Mystery Legends - Sleepy Hollow
2009-03-23 05:38 . 2008-09-10 02:16 -------- d-----w c:\program files\iWin Games
2009-03-22 01:58 . 2009-03-22 01:40 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\SymplisIT
2009-03-22 01:50 . 2009-03-21 22:24 -------- d-----w c:\program files\Vuze
2009-03-22 01:40 . 2009-03-22 01:40 -------- d-----w c:\program files\SymplisIT
2009-03-21 23:21 . 2009-03-21 23:21 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\Azureus
2009-03-21 22:21 . 2008-12-11 01:17 -------- d-----w c:\program files\eMule
2009-03-21 14:07 . 2009-03-21 14:07 1054720 ------w c:\windows.0\system32\dllcache\kernel32.dll
2009-03-21 04:46 . 2008-09-05 21:13 -------- d-----w c:\program files\Google
2009-03-21 03:48 . 2008-10-10 04:50 -------- d-----w c:\program files\Fichiers communs\AVSMedia
2009-03-21 03:48 . 2008-12-25 11:45 -------- d-----w c:\program files\AVS4YOU
2009-03-21 03:46 . 2008-12-25 11:46 -------- d-----w c:\documents and settings\maxime\Application Data\AVS4YOU
2009-03-21 03:25 . 2009-03-09 11:24 -------- d-----w c:\program files\Safari
2009-03-21 02:56 . 2009-03-21 02:56 129 ----a-w c:\documents and settings\maxime\Local Settings\Application Data\fusioncache.dat
2009-03-21 02:54 . 2009-03-21 02:54 -------- d-----w c:\program files\Skwalie
2009-03-21 01:51 . 2009-02-11 23:43 -------- d-----w c:\documents and settings\nathalie\Application Data\RobinsonCrusoe
2009-03-18 02:54 . 2008-09-05 11:56 -------- d-----w c:\program files\Windows Live
2009-03-16 00:05 . 2008-12-25 09:13 -------- d-----w c:\program files\Fichiers communs\Adobe
2009-03-15 23:12 . 2009-03-15 23:12 -------- d-----w c:\documents and settings\nat\Application Data\Apple Computer
2009-03-15 22:49 . 2009-03-15 22:49 -------- d-----w c:\program files\Angle Interactive
2009-03-14 10:45 . 2008-10-30 08:04 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-14 10:42 . 2008-10-30 08:04 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\Spybot - Search & Destroy
2009-03-14 10:41 . 2009-03-14 08:26 -------- d-----w c:\program files\Glary Utilities
2009-03-14 10:37 . 2009-03-14 08:55 -------- d-----w c:\program files\PopTray
2009-03-14 09:05 . 2009-03-14 09:05 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\MailFrontier
2009-03-14 08:53 . 2009-03-14 08:53 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\Malwarebytes
2009-03-14 08:51 . 2009-03-14 08:49 6252 ----a-w C:\JavaRa.log
2009-03-14 08:37 . 2009-03-14 08:31 -------- d-----w c:\documents and settings\maxime\Application Data\GlarySoft
2009-03-14 08:25 . 2008-12-24 12:03 -------- d-----w c:\program files\Fichiers communs\Apple
2009-03-14 00:36 . 2009-03-09 13:15 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\Messenger Plus!
2009-03-12 17:58 . 2009-03-12 17:58 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-12 17:17 . 2009-03-12 17:17 -------- d-----w c:\documents and settings\maxime\Application Data\Unity
2009-03-12 17:14 . 2008-11-23 05:39 -------- d-----w c:\program files\Unity
2009-03-11 02:18 . 2008-09-05 19:00 970120 ------w c:\windows.0\system32\dllcache\WgaTray.exe
2009-03-11 02:18 . 2008-09-05 19:00 265088 ------w c:\windows.0\system32\dllcache\wgaLogon.dll
2009-03-09 10:54 . 2008-10-05 00:30 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\WLInstaller
2009-03-09 07:50 . 2008-11-07 06:25 -------- d-----w c:\documents and settings\maxime\Application Data\Apple Computer
2009-03-08 22:20 . 2008-12-11 06:26 232820 -c-ha-w c:\windows.0\system32\mlfcache.dat
2009-03-08 21:43 . 2009-03-08 20:47 81984 ----a-w c:\windows.0\system32\bdod.bin
2009-03-08 21:40 . 2009-03-08 19:14 -------- d-----w c:\program files\Fighters
2009-03-08 19:14 . 2009-03-08 19:14 -------- d-----w c:\documents and settings\All Users.WINDOWS.0\Application Data\Fighters
2009-03-08 18:09 . 2008-09-14 10:14 638816 ----a-w c:\windows.0\system32\dllcache\iexplore.exe
2009-03-08 18:09 . 2008-09-14 10:14 391536 ----a-w c:\windows.0\system32\dllcache\iedkcs32.dll
2009-03-08 17:17 . 2009-03-08 17:15 -------- d-----w c:\program files\Fichiers communs\BitDefender
2009-03-08 16:14 . 2008-09-05 18:09 -------- d-----w c:\program files\CyberLink
2009-03-08 08:41 . 2008-04-23 07:46 5937152 ----a-w c:\windows.0\system32\dllcache\mshtml.dll
2009-03-08 08:39 . 2008-09-14 10:14 11063808 ----a-w c:\windows.0\system32\dllcache\ieframe.dll
2009-03-08 08:34 . 2008-09-14 10:14 914944 ----a-w c:\windows.0\system32\dllcache\wininet.dll
2009-03-08 08:34 . 2008-04-23 04:16 914944 ----a-w c:\windows.0\system32\wininet.dll
2009-03-08 08:34 . 2008-09-14 10:14 1206784 ----a-w c:\windows.0\system32\dllcache\urlmon.dll
2009-03-08 08:34 . 2008-09-14 10:14 236544 ----a-w c:\windows.0\system32\dllcache\webcheck.dll
2009-03-08 08:34 . 2009-03-08 08:34 43008 ------w c:\windows.0\system32\dllcache\licmgr10.dll
2009-03-08 08:34 . 2008-06-07 16:12 43008 ----a-w c:\windows.0\system32\licmgr10.dll
2009-03-08 08:34 . 2008-09-14 10:14 105984 ----a-w c:\windows.0\system32\dllcache\url.dll
2009-03-08 08:34 . 2008-09-14 10:14 193536 ----a-w c:\windows.0\system32\dllcache\msrating.dll
2009-03-08 08:34 . 2008-09-14 10:14 109568 ----a-w c:\windows.0\system32\dllcache\occache.dll
2009-03-08 08:33 . 2009-03-08 08:33 759296 ------w c:\windows.0\system32\dllcache\VGX.dll
2009-03-08 08:33 . 2009-03-08 08:33 18944 ------w c:\windows.0\system32\dllcache\corpol.dll
2009-03-08 08:33 . 2008-06-07 16:12 18944 ----a-w c:\windows.0\system32\corpol.dll
2009-03-08 08:33 . 2008-09-14 10:14 25600 ----a-w c:\windows.0\system32\dllcache\jsproxy.dll
2009-03-08 08:33 . 2008-05-09 10:55 726528 ----a-w c:\windows.0\system32\dllcache\jscript.dll
2009-03-08 08:33 . 2008-09-14 10:14 229376 ----a-w c:\windows.0\system32\dllcache\ieaksie.dll
2009-03-08 08:33 . 2008-05-09 10:55 420352 ----a-w c:\windows.0\system32\dllcache\vbscript.dll
2009-03-08 08:33 . 2008-04-14 14:00 420352 ----a-w c:\windows.0\system32\vbscript.dll
2009-03-08 08:33 . 2008-09-14 10:14 125952 ----a-w c:\windows.0\system32\dllcache\ieakeng.dll
2009-03-08 08:32 . 2009-03-08 08:32 72704 ------w c:\windows.0\system32\dllcache\admparse.dll
2009-03-08 08:32 . 2008-06-07 16:12 72704 ----a-w c:\windows.0\system32\admparse.dll
2009-03-08 08:32 . 2008-09-14 10:14 173056 ----a-w c:\windows.0\system32\dllcache\ie4uinit.exe
2009-03-08 08:32 . 2008-09-14 10:14 163840 ----a-w c:\windows.0\system32\dllcache\ieakui.dll
2009-03-08 08:32 . 2009-03-08 08:32 71680 ------w c:\windows.0\system32\dllcache\iesetup.dll
2009-03-08 08:32 . 2008-09-14 10:14 55808 ----a-w c:\windows.0\system32\dllcache\iernonce.dll
2009-03-08 08:32 . 2008-06-07 16:12 71680 ----a-w c:\windows.0\system32\iesetup.dll
2008-10-29 00:57 . 2008-10-26 07:25 88 -csh--r c:\windows.0\system32\[u]0/uD834C491C.sys
2008-10-29 00:57 . 2008-10-26 07:25 2516 -csha-w c:\windows.0\system32\KGyGaAvL.sys
2008-09-27 14:00 . 2008-09-27 14:00 32768 -csha-w c:\windows.0\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092720080928\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows.0\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-19 981384]
"Windows Post Install"="advpack.dll" - c:\windows.0\system32\advpack.dll [2009-03-08 128512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows.0\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" - c:\windows.0\system32\advpack.dll [2009-03-08 128512]

c:\documents and settings\maxime\Menu D‚marrer\Programmes\D‚marrage\
Outil de notification Live Search.lnk - c:\documents and settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-1-4 143360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMMyPictures"= 0 (0x0)
"NoSMConfigurePrograms"= 1 (0x1)
"NoStartMenuMyMusic"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMMyPictures"= 0 (0x0)
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoStartMenuMyMusic"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R2 gupdate1c9a63b17bac130;Service Google Update (gupdate1c9a63b17bac130);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-16 133104]
R3 MEMSWEEP2;MEMSWEEP2; [x]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows.0\System32\TUProgSt.exe [2009-04-17 603904]
S3 es1969;Pilote audio ESS Solo (WDM);c:\windows.0\system32\drivers\es1969.sys [2001-08-17 72192]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows.0\system32\rundll32.exe" "c:\windows.0\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-04-16 c:\windows.0\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 08:04]

2009-04-21 c:\windows.0\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-16 13:28]

2009-04-21 c:\windows.0\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 19:04]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-20 23:34
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows.0\system32\104.tmp"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2556)
c:\windows.0\system32\ieframe.dll
c:\windows.0\system32\webcheck.dll
c:\windows.0\system32\wpdshserviceobj.dll
c:\windows.0\system32\portabledevicetypes.dll
c:\windows.0\system32\portabledeviceapi.dll
c:\windows.0\system32\eappprxy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows.0\system32\drivers\CDAC11BA.EXE
c:\windows.0\system32\PSIService.exe
c:\windows.0\system32\wscntfy.exe
c:\documents and settings\maxime\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
.
**************************************************************************
.
Heure de fin: 2009-04-21 23:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-21 03:38

Avant-CF: 24 810 254 336 octets libres
Après-CF: 24 954 650 624 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.2
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.2="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.1="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.0="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

304 --- E O F --- 2009-04-19 07:01
0
Anonymous user
20 April 2009 at 21:14
Hi again,



---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-click OTMoveIt3.exe to launch it.

---> Copy (Ctrl+C) the following text, shown in bold below:

:processes
explorer.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3A54897-9E68-B11E-A37A-4D1422CE9CAA}]

:files
c:\windows\system32\vsnp325.dll

:commands
[emptytemp]
[start explorer]




---> Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.

---> Now click the MoveIt! button, then close OTMoveIt3.

If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log

Then post the report for me, restart, and make a new log with RSIT
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009
20 April 2009 at 21:25
OTMoveIt3 report:


========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3A54897-9E68-B11E-A37A-4D1422CE9CAA}\\ not found.
========== FILES ==========
File/Folder c:\windows\system32\vsnp325.dll not found.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\maxime\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04202009_234557

Files moved on Reboot...



OK, I'm restarting the PC and starting RSIT
0
LeMack Posts 33 Registration date Sunday 19 April 2009 Status Member Last activity 21 April 2009
20 April 2009 at 21:33
RSIT after restarting:

Logfile of random's system information tool 1.06 (written by random/random)
Run by maxime at 2009-04-21 00:02:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 24 GB (41%) free of 58 GB
Total RAM: 991 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:02:40, on 2009-04-21
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE
C:\WINDOWS.0\system32\PSIService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\TUProgSt.exe
C:\WINDOWS.0\system32\wuauclt.exe
C:\WINDOWS.0\system32\wscntfy.exe
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Safari\Safari.exe
C:\Documents and Settings\maxime\Bureau\RSIT.exe
C:\Program Files\trend micro\maxime.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Post Install] RunDll32 advpack.dll,LaunchINFSection "E:\$OEM$\RunWPI.inf",Execute
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\maxime\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS.0\system32\drivers\CDAC11BA.EXE
O23 - Service: Service Google Update (gupdate1c9a63b17bac130) (gupdate1c9a63b17bac130) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS.0\system32\PSIService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS.0\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS.0\System32\TUProgSt.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe
0
Anonymous user
20 April 2009 at 21:49
Hi again,

Download OTCleanIt by OldTimer to your Desktop

Launch OTCleanIt with a double-click (on Vista, launch it by right-clicking OTCleanIt.exe and selecting "exécuter en tant qu'administrateur")

Press the "CleanUp!" button

When asked "begin cleanup process?", answer "YES"

At the end of the operation, if OTCleanIt asks to restart ("Do you want to reboot now?"), close whatever you are doing (internet, various documents...) and click "YES":

After the restart, OTCleanIt will have removed the disinfection tools, and will even have deleted itself!
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Run an online scan with Kaspersky: Kaspersky

N.B.: The scan only works in Internet Explorer.

- Start by connecting all your storage devices to your PC (USB keys, removable hard drives...). Turn them on if necessary.

- Under Démonstration en ligne, the procedure is explained; to start the scan, select < Exécuter l'analyse en ligne >.

- You will be asked to download an ActiveX control; accept.

- In the < Choisissez la cible de l'analyse > menu, select < Poste de travail >. The scan will start.

- Please post the report that is generated. (Click <enregistrer le rapport>, then save it to your desktop, choosing "fichier texte (*.txt)" as the extension.)
If there is a problem, make sure the ActiveX controls are configured correctly in the Internet options as described at this link: click here


Reminder: the scan must be run in Internet Explorer
Tutorial here if there is a problem

NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée", go to Ajout/Suppression de programmes, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.
For the Kaspersky report, you need to choose "Afficher le rapport" and then save it to your desktop as a text file (file type "tous les fichiers").
0