Virus: win32 malware.gen

flagazgaz (26 posts, Member)
Hello,
my antivirus "avast" goes off very often because it detects a virus: win32 malware.gen.
No matter how many cleanups I run, it keeps coming back.
Please help me

4 replies

totobetourne (5677 posts, Member) 65

hello

we'll take a look.
Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.

-> http://images.malwareremoval.com/random/RSIT.exe

! Disconnect and close all your running applications !

Double-click " RSIT.exe " to launch it.

-> A first window opens with the title: " Disclaimer of warranty ".

* Next to the option "List files/folders created ...", choose: 2 months

* then click " Continue " to start the analysis ...

-> let the scan run and do not touch the PC ...

When the analysis is finished, two text files will open (probably in Notepad).

Post the content of " log.txt " (the one that appears on screen), as well as " info.txt " (which you will see in the taskbar), for analysis, and wait for further instructions ...

Important: post one report, then the other in the following reply.
If you try to post both at the same time, it may be too long for the forum.

( Note: the reports will also be saved in this folder -> C:\rsit )
0
flagazgaz (26 posts, Member)

log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Flavien at 2009-11-22 16:26:52
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 2 GB (12%) free of 20 GB
Total RAM: 2046 MB (73% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\PCConfidential.job
C:\WINDOWS\tasks\RegPowerClean.job
C:\WINDOWS\tasks\RPCReminder.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4365D94F-27A5-4A3F-AE52-29ACB669B66A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"Malwarebytes Anti-Malware (reboot)"=I:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"ClipSrv"=C:\DOCUME~1\Flavien\LOCALS~1\APPLIC~1\clipsrv.exe [2009-09-27 61440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"ClipSrv"=C:\DOCUME~1\Flavien\LOCALS~1\Temp\clipsrv.exe [2009-09-27 61440]
"DllHst"=C:\DOCUME~1\Flavien\LOCALS~1\APPLIC~1\MICROS~1\dllhst3g.exe [2009-09-27 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\45859748408732031743729014655697]
C:\Program Files\Antivirus 2009\av2009.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client]
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Program Files\DNA\btdna.exe [2008-12-19 342848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-02-19 1089536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-12-21 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
C:\Program Files\EoRezo\EoEngine.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
C:\Program Files\ItsLabel\ItsTV.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe /NoDialog []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-03-24 13524992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcDoctorHealth]
C:\WINDOWS\System32\sattack\mirc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soaoywa]
c:\documents and settings\flavien\local settings\application data\soaoywa.exe soaoywa []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
I:\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2005-05-11 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Flavien^Menu Démarrer^Programmes^Démarrage^Logitech . Enregistrement du produit.lnk]
C:\PROGRA~1\Logitech\QuickCam\eReg.exe [2008-02-13 493832]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Sierra\FEARCombat\fpupdate.exe"="C:\Program Files\Sierra\FEARCombat\fpupdate.exe:*:Enabled:fpupdate"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"I:\eMule\emule.exe"="I:\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"I:\programmes\MotoGP 2007\motogp.exe"="I:\programmes\MotoGP 2007\motogp.exe:*:Enabled:motogp"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"I:\programmes\BitTorrent\bittorrent.exe"="I:\programmes\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"I:\programmes\moto gp 2008\Launcher.exe"="I:\programmes\moto gp 2008\Launcher.exe:*:Enabled:MotoGP 08"
"I:\Program Files\Freeplayer\vlc\vlc.exe"="I:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"I:\Program Files\Left4Dead\hl2.exe"="I:\Program Files\Left4Dead\hl2.exe:*:Enabled:hl2"
"I:\Program Files\HomePlayer\HomePlayer.exe"="I:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
"I:\Program Files\HomePlayer\VLC\vlc.exe"="I:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer"
"I:\Program Files\pes2009.exe"="I:\Program Files\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"I:\Program Files\PES 2009\pes2009.exe"="I:\Program Files\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"I:\programmes\Micromachine v4\MMV4.exe"="I:\programmes\Micromachine v4\MMV4.exe:*:Enabled:MMV4"
"C:\WINDOWS\system32\sattack\mirc.exe"="C:\WINDOWS\system32\sattack\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\DOCUME~1\Flavien\LOCALS~1\Temp\~temp\mlp72\mdm.exe"="C:\DOCUME~1\Flavien\LOCALS~1\Temp\~temp\mlp72\mdm.exe:*:Enabled:UpdateWizzard"
"C:\DOCUME~1\Flavien\LOCALS~1\Temp\~temp\mlp73\mdm.exe"="C:\DOCUME~1\Flavien\LOCALS~1\Temp\~temp\mlp73\mdm.exe:*:Enabled:UpdateWizzard"
"C:\DOCUME~1\Flavien\LOCALS~1\Temp\~temp\mlp74\mdm.exe"="C:\DOCUME~1\Flavien\LOCALS~1\Temp\~temp\mlp74\mdm.exe:*:Enabled:UpdateWizzard"
"C:\DOCUME~1\Flavien\LOCALS~1\Temp\~temp\mlp75\mdm.exe"="C:\DOCUME~1\Flavien\LOCALS~1\Temp\~temp\mlp75\mdm.exe:*:Enabled:UpdateWizzard"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"I:\Program Files\ResidentEvil5\RE5DX9.EXE"="I:\Program Files\ResidentEvil5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5b4e2d0-96e3-11dd-98a4-001fd0584e76}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe


======List of files/folders created in the last 2 months======

2009-11-22 16:26:52 ----D---- C:\rsit
2009-11-22 13:29:36 ----A---- C:\Documents and Settings\Flavien\Application Data\ieudinit.exe
2009-11-22 12:40:46 ----D---- C:\Documents and Settings\Flavien\Application Data\Malwarebytes
2009-11-22 12:40:41 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-22 01:04:43 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2009-11-22 01:04:42 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2009-11-22 00:55:18 ----RHD---- C:\Documents and Settings\Flavien\Application Data\SecuROM
2009-11-21 17:29:39 ----D---- C:\Program Files\Western Digital Corp
2009-11-11 13:27:16 ----A---- C:\Documents and Settings\Flavien\Application Data\clipsrv.exe
2009-11-11 12:39:43 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 19:53:17 ----D---- C:\Program Files\Adobe
2009-11-06 18:55:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-11-06 10:59:54 ----A---- C:\WINDOWS\system32\xlivefnt.dll
2009-11-06 10:59:54 ----A---- C:\WINDOWS\system32\xlive.dll
2009-11-06 10:58:04 ----A---- C:\WINDOWS\system32\xlive.dll.cat
2009-11-06 09:20:06 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-11-06 09:19:23 ----D---- C:\Program Files\Microsoft Sync Framework
2009-11-06 09:17:21 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-19 04:17:08 ----D---- C:\Program Files\TorrentSpeeder
2009-10-18 11:49:42 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-18 11:45:33 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-10-18 11:44:35 ----D---- C:\Program Files\Windows Defender
2009-10-18 11:11:00 ----D---- C:\Documents and Settings\All Users\Application Data\Winferno
2009-10-18 11:08:29 ----D---- C:\Documents and Settings\Flavien\Application Data\Titanium Gears
2009-10-18 11:07:07 ----D---- C:\Program Files\Common Files
2009-10-18 11:06:45 ----A---- C:\WINDOWS\system32\WINUTIL5.DLL
2009-10-18 11:06:45 ----A---- C:\WINDOWS\system32\WINLCTL5.DLL
2009-10-18 11:06:23 ----D---- C:\Documents and Settings\Flavien\Application Data\Yahoo!
2009-10-17 17:42:54 ----D---- C:\Program Files\PokerStars
2009-10-16 19:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 19:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 19:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 19:02:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 19:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 19:02:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 19:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 19:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 19:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-14 19:55:02 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-10-14 19:55:02 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-10-14 19:55:00 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-10-14 19:54:57 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-10-14 19:54:57 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-10-14 19:54:56 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-10-14 19:54:55 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-10-14 19:54:53 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-10-14 19:54:53 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-10-14 19:54:50 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-10-14 19:54:49 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-10-14 19:54:49 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-10-14 19:54:48 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-10-14 19:54:48 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-10-14 19:54:47 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-10-14 19:54:47 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-10-14 19:54:46 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-10-14 19:54:45 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-10-14 19:54:45 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-10-14 19:54:44 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-10-14 19:54:43 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-10-14 19:54:43 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-10-14 19:54:42 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-10-14 19:54:41 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-10-14 19:54:41 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-10-14 19:54:41 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-10-14 19:54:39 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-10-14 19:53:39 ----D---- C:\WINDOWS\Logs
2009-10-14 19:53:00 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-14 19:49:27 ----D---- C:\WINDOWS\system32\XPSViewer
2009-10-14 19:49:26 ----D---- C:\WINDOWS\system32\en-us
2009-10-14 19:49:03 ----D---- C:\Program Files\Reference Assemblies
2009-10-14 19:48:43 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-14 19:46:05 ----D---- C:\WINDOWS\system32\xlive
2009-10-14 19:46:05 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2009-09-30 10:26:28 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 2 months======

2009-11-22 16:26:23 ----D---- C:\WINDOWS\Temp
2009-11-22 16:25:25 ----D---- C:\WINDOWS\Prefetch
2009-11-22 13:32:25 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-22 13:32:23 ----SD---- C:\WINDOWS\Tasks
2009-11-22 13:29:34 ----D---- C:\WINDOWS
2009-11-22 13:29:11 ----D---- C:\Program Files\epson
2009-11-22 13:27:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-22 13:27:15 ----RD---- C:\Program Files
2009-11-22 13:27:15 ----D---- C:\WINDOWS\system32\drivers
2009-11-22 13:27:15 ----D---- C:\WINDOWS\system32
2009-11-22 13:27:15 ----D---- C:\WINDOWS\system
2009-11-22 10:26:06 ----SHD---- C:\WINDOWS\Installer
2009-11-22 10:26:06 ----D---- C:\Program Files\Fichiers communs
2009-11-22 10:26:05 ----D---- C:\Config.Msi
2009-11-22 10:25:38 ----D---- C:\WINDOWS\twain_32
2009-11-22 10:25:35 ----HD---- C:\WINDOWS\inf
2009-11-22 10:20:59 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-22 01:04:43 ----D---- C:\WINDOWS\system32\DirectX
2009-11-21 23:29:14 ----RSD---- C:\WINDOWS\assembly
2009-11-19 21:41:33 ----D---- C:\WINDOWS\Debug
2009-11-19 19:05:04 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-11-19 18:19:46 ----D---- C:\Documents and Settings\Flavien\Application Data\skypePM
2009-11-14 19:35:33 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-14 19:22:25 ----SD---- C:\Documents and Settings\Flavien\Application Data\Microsoft
2009-11-11 12:43:11 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-11 12:39:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-11 12:38:21 ----D---- C:\WINDOWS\$hf_mig$
2009-11-11 08:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-11-10 19:53:28 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-11-06 20:15:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-06 18:53:52 ----RSD---- C:\WINDOWS\Fonts
2009-11-06 18:53:48 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-11-06 18:53:28 ----D---- C:\Program Files\Microsoft Works
2009-11-06 18:52:23 ----A---- C:\WINDOWS\win.ini
2009-11-06 14:40:02 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-06 14:18:59 ----D---- C:\WINDOWS\Help
2009-11-06 09:20:07 ----D---- C:\Program Files\Fichiers communs\System
2009-11-06 09:19:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-06 09:19:35 ----D---- C:\Program Files\Windows Live
2009-11-06 09:19:23 ----D---- C:\WINDOWS\WinSxS
2009-11-06 09:19:15 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-11-06 09:17:34 ----D---- C:\Program Files\Microsoft
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 18:13:45 ----D---- C:\Program Files\Messenger Plus! Live
2009-11-03 07:45:02 ----D---- C:\WINDOWS\ie8updates
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-18 14:39:52 ----SHD---- C:\RECYCLER
2009-10-18 13:40:29 ----RASH---- C:\boot.ini
2009-10-18 13:40:29 ----A---- C:\WINDOWS\system.ini
2009-10-18 12:21:10 ----D---- C:\Program Files\Image-Line
2009-10-18 12:13:12 ----D---- C:\Program Files\Nokia
2009-10-18 12:11:11 ----D---- C:\Program Files\Windows Live Toolbar
2009-10-18 12:10:57 ----D---- C:\Program Files\Yahoo!
2009-10-18 12:03:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-18 11:49:55 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-18 10:16:16 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-16 19:05:15 ----D---- C:\Program Files\Internet Explorer
2009-10-15 16:22:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-15 16:22:19 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-14 19:52:48 ----D---- C:\WINDOWS\system32\fr-fr
2009-10-14 19:51:38 ----D---- C:\Program Files\MSBuild
2009-10-14 19:48:49 ----D---- C:\WINDOWS\system32\spool
2009-09-24 17:41:20 ----D---- C:\Documents and Settings\Flavien\Application Data\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-03-24 6547872]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 askwfsl3;askwfsl3; C:\WINDOWS\system32\drivers\askwfsl3.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Flavien\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SaiH040B;SaiH040B; C:\WINDOWS\system32\DRIVERS\SaiH040B.sys [2007-05-01 132232]
S3 SaiU040B;SaiU040B; C:\WINDOWS\system32\DRIVERS\SaiU040B.sys [2007-05-01 28416]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-03-24 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TomTomHOMEService;TomTomHOMEService; I:\TomTom HOME 2\TomTomHOMEService.exe [2009-04-08 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
0
flagazgaz Posts: 26 Status: Member
 
OK
I'll do that
Thanks
See you later
0
flagazgaz Posts: 26 Status: Member
 
download "RSIT"
0
totobetourne Posts: 5677 Status: Member 65
 
1) Download Navilog1
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Let it guide you. At the main menu, choose 1 and confirm.
(Do not choose 2, 3 or 4 without our advice/agreement)
Wait for the message:
*** Analyse Termine le ..... ***
Press a key as requested; Notepad will open.
Copy and paste the whole content into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)

Once at the main menu, choose option 2 and confirm ("automatic" cleaning).

The fix will then ask to "redémarrer le PC" (restart the PC): close all open windows
and press a key as requested. (If the PC does not restart automatically, do it manually.)
When the PC restarts, choose your usual session if necessary.

Wait for the message: "Nettoyage Terminé le ..."

The desktop comes back, then Notepad opens.
Save this report where you can find it again, then close Notepad ...
(The report will also be saved at the root of the disk, "C:\cleannavi.txt")

Post this report in your new reply for analysis and wait for what comes next ...

(PS: If the desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
Choose the Processes tab. Click File at the top left and choose Run,
type explorer and confirm.)

2) Run this anti-malware, do as indicated
Download Malwarebytes Anti-Malware (MBAM): also very useful for ad problems, but unfortunately not all of them

Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Malwarebytes Anti-Malware tutorial: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Do as indicated: update, full scan and the report.
PASTE THE REPORT AFTER REMOVAL, THANKS.

Keep it and run a scan every month as indicated.

If you have Ad-Aware you can uninstall it, because it no longer detects much.

3) Download this and run it with option A. Paste the report.

http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

Disconnect and close all running applications!

Run "Ad-remover" again: at the main menu choose option "B".
-> Then tick: (the number in front, then Enter)

Boonty/Boonty Games
eorezo
.......
Then "S"

The program will do its work ...

Post the report that appears at the end + a new HijackThis log for analysis ...

(the report is also saved as C:\Ad-report.log)

/!\ If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New Task", type explorer.exe and confirm /!\
0
flagazgaz Posts: 26 Status: Member
 
cleannavi.txt report:


Fix Navipromo version 4.0.5 commencé le 22/11/2009 17:56:15,56

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ )
BIOS : Award Modular BIOS v6.00PG
USER : Flavien ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1356 [VPS 091122-0] 4.8.1356 (Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:2 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (Local Disk) - NTFS - Total:446 Go (Free:138 Go)
J:\ (USB)
L:\ (USB)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur




Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Flavien\locals~1\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

Certificat Egroup supprimé !
Certificat OOO-Favorit supprimé !



*** Scan terminé 22/11/2009 17:59:48,09 ***
0
flagazgaz Posts: 26 Status: Member
 
I lost the Malwarebytes report.
Here is the AD-R report:

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_D | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 22.11.2009 à 17:41
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 18:07:36, 22/11/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: PC | Utilisateur actuel: Flavien
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
C:\DOCUME~1\Flavien\APPLIC~1\EoRezo
C:\DOCUME~1\Flavien\APPLIC~1\ItsLabel
C:\Program Files\EoRezo
C:\Program Files\Everest Poker
C:\log_lobby.txt
C:\log_lobby_dumper.txt
.
HKCU\software\EoRezo
HKCU\software\ItsLabel
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\software\microsoft\shared tools\msconfig\startupreg\EoEngine
HKLM\software\microsoft\shared tools\msconfig\startupreg\ItsTV
HKU\s-1-5-21-1993962763-57989841-725345543-1003\software\EoRezo
HKU\s-1-5-21-1993962763-57989841-725345543-1003\software\ItsLabel
.
============== Scan additionnel ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://www.google.fr/
Search Page:
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Search Bar:
SearchAssistant:
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY ae71876dbb5eca01
Start Page Redirect Cache AcceptLangs: fr
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\Flavien\Application Data\uTorrent\Beijing 2008 - 1.0 Crack.rar.torrent
C:\Documents and Settings\Flavien\Favoris\GameCopyWorld - Mirrors - No-CD, No-DVD Patches, Game Fixes, Trainers & Cheats.url
.
===================================
.
2442 Octet(s) - C:\Ad-Report-SCAN[1].log
.
3 Fichier(s) - C:\DOCUME~1\Flavien\LOCALS~1\Temp
5 Fichier(s) - C:\WINDOWS\Temp
.
1 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 18:46:01 | 22/11/2009 - SCAN[1]
.
============== E.O.F ==============
.
0
flagazgaz Posts: 26 Status: Member
 
AD-R CLEAN report:

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_D | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 22.11.2009 à 17:41
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 21:15:08, 22/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: PC | Utilisateur actuel: Flavien
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
C:\DOCUME~1\Flavien\APPLIC~1\EoRezo
C:\DOCUME~1\Flavien\APPLIC~1\ItsLabel
C:\Program Files\EoRezo
C:\Program Files\Everest Poker
C:\log_lobby.txt
C:\log_lobby_dumper.txt
.
HKCU\software\EoRezo
HKCU\software\ItsLabel
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\software\microsoft\shared tools\msconfig\startupreg\EoEngine
HKLM\software\microsoft\shared tools\msconfig\startupreg\ItsTV

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
SearchAssistant:
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY ae71876dbb5eca01
Start Page Redirect Cache AcceptLangs: fr
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\Flavien\Application Data\uTorrent\Beijing 2008 - 1.0 Crack.rar.torrent
C:\Documents and Settings\Flavien\Favoris\GameCopyWorld - Mirrors - No-CD, No-DVD Patches, Game Fixes, Trainers & Cheats.url
.
===================================
.
2556 Octet(s) - C:\Ad-Report-CLEAN[1].log
2768 Octet(s) - C:\Ad-Report-SCAN[1].log
.
0 Fichier(s) - C:\DOCUME~1\Flavien\LOCALS~1\Temp
3 Fichier(s) - C:\WINDOWS\Temp
.
18 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
37 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 21:49:53 | 22/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.
0
flagazgaz Posts: 26 Status: Member
 
HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:04:32, on 22/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
I:\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\DOCUME~1\Flavien\LOCALS~1\APPLIC~1\MICROS~1\cmstp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Trend Micro\HijackThis\eden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: load=C:\DOCUME~1\Flavien\LOCALS~1\APPLIC~1\MICROS~1\cmstp.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "I:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [ClipSrv] C:\DOCUME~1\Flavien\LOCALS~1\APPLIC~1\clipsrv.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [ClipSrv] C:\DOCUME~1\Flavien\LOCALS~1\Temp\clipsrv.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [DllHst] C:\DOCUME~1\Flavien\LOCALS~1\APPLIC~1\MICROS~1\dllhst3g.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [IEudinit] C:\DOCUME~1\Flavien\APPLIC~1\ieudinit.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [IEudinit] C:\DOCUME~1\Flavien\APPLIC~1\ieudinit.exe /waitservice (User 'Default user')
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090910103721
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://fdata.over-blog.com/99/00/00/01/js/javauploader/ImageUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-2.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://fdata.over-blog.com/99/00/00/01/js/javauploader/ImageUploader4.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - I:\TomTom HOME 2\TomTomHOMEService.exe
0