pub et bug demarrage pc

Question

Bonjour, j'ai un souci avec mon pc, il ne s'allume pas toujours,quelques fois ,il s'allume jusqu'a l'icone windows puis se met a redemarrer, et j'ai aussi des pages de pub qui s'ouvre assez souvent,si quelqu'un peut m'aider merci


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:16, on 29/01/2010
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\program files\divx\divx pro codec\gain_trickler_3202.exe
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe
C:\WINDOWS\System32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\documents and settings	hunder\local settings\application data\bpckxdre.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\QuestService\questservice119.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\QuestService\questservice.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mykeysearch.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.2.0.2150\wso.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Trickler] "c:\program files\divx\divx pro codec\gain_trickler_3202.exe"
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Netlog 24] C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [bpckxdre] "c:\documents and settings	hunder\local settings\application data\bpckxdre.exe" bpckxdre
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Raccourci vers neuf telecom.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\webelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\webelated.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8D3E965-9B2B-4461-9110-2183C3FB9E05}: NameServer = 10.0.0.138
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice119.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcappcapd.exe
O24 - Desktop Component 0: (no name) - http://saw4.com/public/wallpapers/saw4-wallpaper-1.jpg
O24 - Desktop Component 1: (no name) - http://saw4.com/public/wallpapers/saw4-wallpaper-2.jpg

atk_49 · Answer

Bonjour,

As tu essayé un démarrage en mode sans échec? 
Si tu peux atteindre windows dans ce mode, tu pourras faire le "ménage", car visiblement ton pc est plein de spam! :/

seb · Answer

quand il fais ça ,il ne demarre pas en mode sans echec, mais la je suis dessus il a bien voulu demarrer

seb · Answer

par contre je ne c'est pas ce que je peux faire

seb · Answer

personne peut m'aider? svp

moment de grace · Answer

bonjour

Infection Navipromo….Pour info :

Il s'installe via certains programmes, dont ceux-ci qu'il faut éviter à tout prix: 
* Funky Emoticons 
* go-astro 
* Games Attack 
* GoRecord 
* HotTVPlayer / HotTVPlayer & Paris Hilton 
* Live-Player 
* MailSkinner 
* Messenger Skinner 
* Instant Access 
* InternetGameBox 
* Officiale Emule (Version d'Emule modifiée) 
* Original Solitaire 
* SuperSexPlayer 
* Speed Downloading 
* Sudoplanet 
* Webmediaplayer

il faudrait télécharge navilog1 sur le bureau : 
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe 

 Certaines infections bloquent les téléchargements d' outils de désinfection utilisez ce lien alternatif:
 http://ww38.toofiles.com/fr/oip/documents/exe/yop3.html 

/!\ Utilisateur de VISTA: il faudrait désactiver l’UAC juste le temps de désinfection de votre pc, Vous le réactiverez plus tard : 

Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac 

1°Double-clique sur navilog1.exe présent sur ton bureau 
2°Sélectionnez la langue désirée dans le menu puis valide le choix par la touche « entrer » 
3°Petit message d’avertissement, appuyez sur une touche pour passe à la suite 
4°un nouveau avertissement, appuie sur une touche pour suivre 
5°Vérification de l’installation de Navilog1 : si tout est bon, appuyez sur une touche pour continuer 
6°Choisir option 1 : recherche/désinfection automatique 
7°La recherche va se lancer automatiquement et peut durée quelques minutes, patientez 
8°Une fois l’analyse terminé, fermez et enregistrez votre travail en cours, puis appuiez sur une touche pour que votre pc puisse démarrer 
9°Au redémarrage du pc, Navilog va supprimer ce qu’il a trouvé, patientez quelques instants. 

Un rapport est gèneré par l'outil. Il se trouve à cette emplacement : 
XP : demarrer/poste de travail/c:/cleannavi.txt 
Vista : logo « demarrer »/ordinateur/c:/ cleannavi.txt 


...................

ensuite

• Télécharge Random's System Information Tool (RSIT) de Random/Random. 

(outil de diagnostic)

http://images.malwareremoval.com/random/RSIT.exe 

• Enregistre le sur ton Bureau. 

• Double clique sur RSIT.exe pour lancer l'outil. 

• Clique sur "Continue" à l'écran Disclaimer. 

• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande) 

et tu devras accepter la licence. 

• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp

Les rapports se trouvent à cet endroit: 
C:\rsit\info.txt 
C:\rsit\log.txt

seb · Answer

merci de ton aide,par contre j'ai un problème mon pc ne veut pas redemarrer pour l'instant, je venais de lancer navilog,je reessayerai demain merci

seb · Answer

voici le rapport navilog

Fix Navipromo version 4.0.6 commencé le 29/01/2010 23:36:48,12

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files
avilog1

Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU          4300  @ 1.80GHz )
BIOS : BIOS Date: 03/16/07 16:12:36 Ver: 08.00.13
USER : thunder ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:126 Go (Free:4 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (Local Disk) - NTFS - Total:5 Go (Free:0 Go)
I:\ (CD or DVD)
J:\ (USB)


Recherche executée en mode normal 

Nettoyage exécuté au redémarrage de l'ordinateur


C:\WINDOWS\prefetch\bpckxdre*.pf supprimé !
c:\docume~1	hunder\locals~1\applic~1\bpckxdre.exe supprimé !
c:\docume~1	hunder\locals~1\applic~1\bpckxdre.dat supprimé !
c:\docume~1	hunder\locals~1\applic~1\bpckxdre_nav.dat supprimé !
c:\docume~1	hunder\locals~1\applic~1\bpckxdre_navps.dat supprimé !


Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings	hunder\locals~1\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok




*** Scan terminé 30/01/2010 11:16:17,97 ***

seb · Answer

le rapport info de random

info.txt logfile of random's system information tool 1.06 2010-01-30 11:33:25

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c 
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Ahead Nero 6 Demo-->C:\Program Files\Ahead
ero\uninstall\UNNERO.exe /UNINSTALL
Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bibliothèques GTK+ 2.10.13 rev a (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
Compel Adaptec WinASPI-->"C:\Program Files\WinASPI\unins000.exe"
Cool Edit Pro 2.0-->C:\Program Files\coolpro2\cep2unin.exe
Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]-->C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe
Correctif Windows XP - KB835732-->C:\WINDOWS\$NtUninstallKB835732$\spuninst\spuninst.exe
Correctif Windows XP - KB842773-->C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB892944-->"C:\WINDOWS\$NtUninstallKB892944$\spuninst\spuninst.exe"
Correctif Windows XP - KB911567-->"C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\spuninst\spuninst.exe"
Correctif Windows XP - KB918439-->"C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$\spuninst\spuninst.exe"
Correctif Windows XP - KB918899-->"C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$\spuninst\spuninst.exe"
Correctif Windows XP - KB925486-->"C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$\spuninst\spuninst.exe"
Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
Crouzet Logic Software M2 v1.3.6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C97316B-6D2C-4038-9593-D5C1A27F4F02}\setup.exe" anything
Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
DivX 5.0.2 Pro Bundle-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\uninstal.log
DivX Codec 3.1alpha release-->C:\WINDOWS\System32undll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivX.inf
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivXG400-->"C:\WINDOWS\IPUI_DivXG400.exe" /U /D
DVDFab Express 2.9.8.3-->"C:\Program Files\DVDFab Express\unins000.exe"
EVEREST Ultimate Edition v4.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
File Properties Changer-->C:\Program Files\File Properties Changer\uninstall.exe
Fraps-->"C:\Fraps\uninstall.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXP$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
hp psc 1100 series-->MsiExec.exe /X{01161F64-6897-4885-93A0-A9F7BE9A4253}
K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Ma-Config.com plugin-->MsiExec.exe /I{BF85A9D4-030F-4D2A-83CF-D4DDA0D3E68C}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 8 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905495)-->"C:\WINDOWS\$NtUninstallKB905495$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB835409)-->"C:\WINDOWS\$NtUninstallKB835409$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Motomate Programmer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{962EA320-25A5-11D8-8D4C-0000F83172B6}\setup.exe" 
Mozilla Firefox (3.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9  -uninst 
NeoDivx 2006-->"C:\Program Files
eodivx2006\uninstall.exe"
NVIDIA Drivers-->C:\WINDOWS\System32
vudisp.exe UninstallGUI
Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
Photo et imagerie HP 2.0 - hp psc 1100 series-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe"  -uninstall
QuestService 1.0 build 121-->C:\Program Files\QuestService\uninstall.exe
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c  -removeonly
Rippack v3 beta 16.1-->"C:\Program Files\Rippackv3\Uninstall.exe" "C:\Program Files\Rippackv3\install.log"
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Security Update for Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\System32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update pour Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\System32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Sony Ericsson PC Suite 4.010.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x040c -removeonly
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SUPER © Version 2007.bld.23 (July 4, 2007)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinPcap 3.1-->C:\Program Files\WinPcap\uninstall.exe
x264 Revision 468 x264.nl (remove only)-->"C:\Program Files\x264\x264-uninstall.exe"
XviD 1.1 final uninstall-->"C:\Program Files\XviD\unins000.exe"

======System event log======

Computer Name: THU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.

Record Number: 37393
Source Name: Service Control Manager
Time Written: 20091017093951.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: THU
Event Code: 7036
Message: Le service Service de découvertes SSDP est entré dans l'état : en cours d'exécution.

Record Number: 37392
Source Name: Service Control Manager
Time Written: 20091017093951.000000+120
Event Type: Informations
User: 

Computer Name: THU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

Record Number: 37391
Source Name: Service Control Manager
Time Written: 20091017093951.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: THU
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

Record Number: 37390
Source Name: Service Control Manager
Time Written: 20091017093951.000000+120
Event Type: Informations
User: 

Computer Name: THU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 37389
Source Name: Service Control Manager
Time Written: 20091017093951.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: THU
Event Code: 1007
Message: Le CLUF a déjà été refusé.

Record Number: 2147
Source Name: WgaSetup
Time Written: 20090519170646.000000+120
Event Type: Informations
User: 

Computer Name: THU
Event Code: 1003
Message: Échec de l'installation.  code = 0x800704c7, erreur = L'opération a été annulée par l'utilisateur.


Record Number: 2146
Source Name: WgaSetup
Time Written: 20090519170646.000000+120
Event Type: Informations
User: 

Computer Name: THU
Event Code: 1005
Message: L'utilisateur a refusé le CLUF.

Record Number: 2145
Source Name: WgaSetup
Time Written: 20090519170646.000000+120
Event Type: Informations
User: 

Computer Name: THU
Event Code: 1004
Message: L'utilisateur a accepté le CLUF.

Record Number: 2144
Source Name: WgaSetup
Time Written: 20090519170407.000000+120
Event Type: Informations
User: 

Computer Name: THU
Event Code: 1002
Message: Starting interactive setup.

Record Number: 2143
Source Name: WgaSetup
Time Written: 20090519170407.000000+120
Event Type: Informations
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0f02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

seb · Answer

et le rapport log

Logfile of random's system information tool 1.06 (written by random/random)
Run by thunder at 2010-01-30 11:33:22
Microsoft Windows XP Professionnel Service Pack 1
System drive C: has 19 GB (15%) free of 130 GB
Total RAM: 1023 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:33:24, on 30/01/2010
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\QuestService\questservice121.exe
C:\Program Files\QuestService\questservice.exe
C:\WINDOWS\NOTEPAD.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\program files\divx\divx pro codec\gain_trickler_3202.exe
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\WINDOWS\System32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings	hunder\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis	hunder.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mykeysearch.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.2.0.2150\wso.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Trickler] "c:\program files\divx\divx pro codec\gain_trickler_3202.exe"
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Netlog 24] C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Raccourci vers neuf telecom.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\webelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\webelated.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8D3E965-9B2B-4461-9110-2183C3FB9E05}: NameServer = 10.0.0.138
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice121.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcappcapd.exe
O24 - Desktop Component 0: (no name) - http://saw4.com/public/wallpapers/saw4-wallpaper-1.jpg
O24 - Desktop Component 1: (no name) - http://saw4.com/public/wallpapers/saw4-wallpaper-2.jpg

seb · Answer

voila tous les rapports, il a bien voulu demarrer ce matin merci

moment de grace · Answer

ok

1)

Télécharge Yoog_Fix sur ton Bureau : Yoog_Fix.exe
http://batchdhelus.open-web.fr/programme/Yoog_Fix.exe



Lance Yoog_Fix.exe qui est placé sur ton Bureau.
Si tu acceptes le disclamer tu cliques sur OK puis choisie l'option 1 Recherche / Suppression
Attends que le scan soit terminé, une fenêtre va t'en informer --> Cliquez sur OK.
Un rapport s'affiche, poste le dans ta prochaine réponse.
tutoriel: http://batchdhelus.open-web.fr/programme/tutoriels/tutoriel_option1.html
Note : Il se peut que Yoog_Fix soit détecté par ton antivirus comme dangereux. Cette alerte est un faux positif, Désactive tes protections résidentes !!!

...................

2)
 Téléchargez MalwareByte's Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe
 
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation. 
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre. 
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés. 
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur  Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine. 
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse. 
. Rends toi dans l'onglet rapport/log 
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous 
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller 


Si tu as besoin d'aide regarde ces tutoriels : 
 Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
 http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

seb · Answer

quand j'ai lancé yoog, il m'a demandé de le faire en mode sans echec mais je l'ai fais dans le mode normal ,c'est bon?

Yoog_Fix 3.0.1 de Batch_Man | thunder (Administrateur) 
Debut a 12:01 le 30/01/2010 
Microsoft Windows XP Professionnel(5.1.2600)
 
Intel(R) Core(TM)2 CPU          4300  @ 1.80GHz
Intel(R) Core(TM)2 CPU          4300  @ 1.80GHz
Ram : 1023,3 Mo 
Normal boot
 
Lancé de "C:\Program Files\Mozilla Firefox\Yoog_Fix.bat" 
 
C:\ [Fixed] - NTFS - (Total:130002 Mo/Free:2722 Mo)
E:\ [Removable] (Total:0 Mo/Free:0 Mo)
F:\ [Removable] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Fixed] - NTFS - (Total:6044 Mo/Free:896 Mo)
I:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)
 
Option [1] 2 3 Recherche / Suppression  

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»» [Suppression: Fichiers / Dossiers / Clés / Prefs Firefox]

 
------------[Suspects]
 
Aucun fichier suspect trouvé 
 
 
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
 
»»»»»»»»»»» [Recherche: Analyse de Firefox]
 

------------[Analyse de Firefox]
  
 
Mozilla Firefox 3.0.17 (fr) 
Répertoire d'installation : C:\Program Files\Mozilla Firefox 
Path: C:\Documents and Settings	hunder\Application Data\Mozilla\Firefox\Profiles	2nt4hy5.default 
 
[thunder\..\prefs.js] browser.startup.homepage: "http://www.theprizeday.com/today.php|https://www.google.fr/?gws_rd=ssl" 
[thunder\..\prefs.js] browser.search.defaulturl: "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl" 
[thunder\..\prefs.js] browser.search.selectedEngine: "GameRaving Toolbar" 
[thunder\..\prefs.js] browser.search.defaultenginename: "Google" 
 
------------[Extensions Firefox] 
 
[thunder] {3112ca9c-de6d-4884-a869-9855de68056c} = Google Toolbar for Firefox 
[thunder] {b9db16a4-6edc-47ec-a1f4-b86292ed211d} = DownloadHelper 
 
{3112ca9c-de6d-4884-a869-9855de68056c} = C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} 
{E63605FC-D583-4C81-867F-9457BDB3EA1B} = C:\Program Files\Web Search Operator\4.2.0.2150\FF 
{8141440E-08F0-4339-9959-5C31C6A69F23} = C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF 
{E889F097-B0BE-471B-89AD-B86B6F04B506} = C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF 
 
------------[Mozilla Plugins] 
 
 
------------[Plugins de recherche]
 
[Program Files] amazon-france.xml = https://www.amazon.fr/ 
[Program Files] eBay-france.xml = http://search.ebay.fr/ 
[Program Files] google.xml = https://www.google.com/ 
[Program Files] MediaDICO-fr.xml = http://www.dictionnaire-mediadico.com/dictionnaires.asp 
[Program Files] questservice115.xml = moz:SearchForm 
[Program Files] questservice121.xml = moz:SearchForm 
[Program Files] wikipedia-fr.xml = https://fr.wikipedia.org/wiki/Sp%C3%A9cial:Recherche 
[Program Files] yahoo-france.xml = https://fr.search.yahoo.com/ 
 
------------[Listing de dossiers]
 
[11/01/2010 21:33 | 23000 bytes] C:\Program Files\Mozilla Firefox\Components\browserdirprovider.dll 
[11/01/2010 21:33 | 134616 bytes] C:\Program Files\Mozilla Firefox\Components\brwsrcmp.dll 
[04/10/2009 15:46 | 411368 bytes] C:\Program Files\Mozilla Firefox\plugins
pdeploytk.dll 
[21/11/2008 22:45 | 1332224 bytes] C:\Program Files\Mozilla Firefox\plugins
pdivx32.dll 
[21/11/2008 22:45 | 98304 bytes] C:\Program Files\Mozilla Firefox\plugins
pDivxPlayerPlugin.dll 
[11/01/2010 21:33 | 65496 bytes] C:\Program Files\Mozilla Firefox\plugins
pnul32.dll 
[10/05/2007 22:52 | 95864 bytes] C:\Program Files\Mozilla Firefox\plugins
ppdf32.dll 
[29/10/2007 18:39 | 131072 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin.dll 
[29/10/2007 18:39 | 131072 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin2.dll 
[29/10/2007 18:39 | 131072 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin3.dll 
[29/10/2007 18:39 | 131072 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin4.dll 
[29/10/2007 18:39 | 131072 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin5.dll 
[29/10/2007 18:39 | 131072 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin6.dll 
[29/10/2007 18:39 | 131072 bytes] C:\Program Files\Mozilla Firefox\plugins
pqtplugin7.dll 
[26/09/2006 13:03 | 98304 bytes] C:\Program Files\Mozilla Firefox\plugins
pzylomgamesplayer.dll 
  
 
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
 
»»»»»»»»»»» [Recherche: Analyse d'Internet explorer / Registre ]
 
Internet Explorer : 6.0.2800.1106 
 
L1 = HKLM\..\Main.Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
L1 = HKLM\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKCU\..\Main.Start Page = http://home.mykeysearch.com
L1 = HKCU\..\Main.Search Page = https://www.google.com/?gws_rd=ssl
L1 = HKCU\..\Main.Search Bar = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKU\S-1-5-21-1715567821-789336058-839522115-1003\..\Main.Start Page = http://home.mykeysearch.com
L1 = HKU\S-1-5-21-1715567821-789336058-839522115-1003\..\Main.Search Page = https://www.google.com/?gws_rd=ssl
L1 = HKU\S-1-5-21-1715567821-789336058-839522115-1003\..\Main.Search Bar = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKLM\..\Main.Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKLM\..\Main.Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
L1 = HKLM\..\Search.Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKLM\..\Search.CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
L1 = HKLM\..\Search.SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKLM\..\Search.SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKLM\..\Search.CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
L1 = HKCU\..\Toolbar.LinksFolderName = Liens
L1 = HKCU\..\Search.SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKCU\..\Search.SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKU\S-1-5-21-1715567821-789336058-839522115-1003\..\Search.SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
L1 = HKU\S-1-5-21-1715567821-789336058-839522115-1003\..\Toolbar.LinksFolderName = Liens
L1 = HKU\S-1-5-21-1715567821-789336058-839522115-1003\..\Search.SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet =  
NavigationFailure = res://shdoclc.dll/navcancl.htm 
DesktopItemNavigationFailure = res://shdoclc.dll/navcancl.htm 
NavigationCanceled = res://shdoclc.dll/navcancl.htm 
OfflineInformation = res://shdoclc.dll/offcancl.htm 
Home = 0x10e 
blank = res://mshtml.dll/blank.htm 
PostNotCached = res://mshtml.dll/repost.htm 
mozilla = res://mshtml.dll/about.moz 
 
--------[Browser Helper Object]
 
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670},@SANS NOM=3.0  
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3},@SANS NOM=3.0  
BHO: {1D74E9DD-8987-448b-B2CB-67FFF2B8A932},@SANS NOM=3.0  
BHO: {1D74E9DD-8987-448b-B2CB-67FFF2B8A932},@SANS NOM=Automated Content Enhancer 
BHO: {42C7C39F-3128-4a17-BDB7-91C46032B5B9},@SANS NOM=3.0  
BHO: {42C7C39F-3128-4a17-BDB7-91C46032B5B9},@SANS NOM=Customized Platform Advancer 
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045},@SANS NOM=3.0  
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6},@SANS NOM=3.0  
BHO: {B72681C0-A222-4b21-A0E2-53A5A5CA3D41},@SANS NOM=3.0  
BHO: {B72681C0-A222-4b21-A0E2-53A5A5CA3D41},@SANS NOM=Content Management Wizard 
BHO: {CAC89FF9-34A9-4431-8CFE-292A47F843BC},@SANS NOM=3.0  
BHO: {CAC89FF9-34A9-4431-8CFE-292A47F843BC},@SANS NOM=Textual Content Provider 
BHO: {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431},@SANS NOM=3.0  
BHO: {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431},@SANS NOM=Web Search Operator 
 
--------[SearchScopes]
 
[HKEY_USERS\S-1-5-21-1715567821-789336058-839522115-1003\..\SearchScopes],@DefaultScope={342168F8-AE4A-41E8-A6B5-8FB9FECBEF37} 
[HKEY_USERS\S-1-5-21-1715567821-789336058-839522115-1003\..\SearchScopes\{342168F8-AE4A-41E8-A6B5-8FB9FECBEF37}],@DisplayName=GameRaving Toolbar 
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes],@DefaultScope={342168F8-AE4A-41E8-A6B5-8FB9FECBEF37} 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{342168F8-AE4A-41E8-A6B5-8FB9FECBEF37}],@DisplayName=GameRaving Toolbar
 
--------[Extensions]
 
Messenger: C:\Program Files\Messenger\MSMSGS.EXE - {1FBA04EE-3024-11D2-8F1F-0000F87ABD16} 
 
--------[Clé Run]
 
 
------------[Autres infections]
 
 
  
 
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
 
»»»»»»»»»»» [Autres rapports]
 

[30/01/2010 12:03] C:\Yoog_Fix\Logs\Rapport_30_01_2010_n1.txt - (Choix 1 : Recherche / Suppression)

-------------------------->> 

Veuillez uploader le fichier C:\Yoog_Fix\Backups\Backup_30_01_2010_1.zip à l'adresse suivante : http://batchdhelus.open-web.fr/upload 
Aide en images : http://batchdhelus.open-web.fr/upload/procedure.html 
 
Si la procédure échoue, veuillez l'envoyer à l'adresse email suivante : yoog.fix.sav@gmail.com 
 

+--------------[Fin à 12h 03min]

moment de grace · Answer

à priori c'est bon

on verra au prochain RSIT

MBAM maintenant

seb · Answer

ok, la il est en train de faire malware, par contre faudra que je fasse ça regulierement malware nan?

seb · Answer

le pc avait fini sont analyse, il y avait 449 fichier infectés, mais quand j'ai voulu les supprimer le pc s'est coupé et pu moyen de le rallumé pour l'instant ,je vais devoir attendre qu'il veuille bien redémarrer, est ce que je vais devoir relancé malware ou est ce qu'il va garder en mémoire tous ces fichiers pour que je puisse les supprimer?

merci

moment de grace · Answer

postes le rapport MBAM quand tu pourras et je te répondrai

seb · Answer

il veut pu s'allumer cette fois

seb · Answer

j'ai l'erreur la  "page fault in nonpaged area" et ecran bleu après icone windows ,si quelqu'un sait ce que je peux faire merci

moment de grace · Answer

peut tu demarrer en mode sans echec avec reseau ?


https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php

seb · Answer

nan il ne veut pas non plu, je vais essayer avec le cd de reparation, d'après ce que j'ai vu sur le net ca pourrait marcher mais je peux pas l'installer pour le moment c'est pas moi qui la installé

merci

moment de grace · Answer

oui

une réparation devient inévitable en effet...

reviens dès que c'est fait

seb · Answer

ok merci bien

seb · Answer

j'ai le cd de reparation mais je ne sais pas quel driver réparé

moment de grace · Answer

https://www.commentcamarche.net/informatique/windows/25-verifier-et-reparer-des-fichiers-systeme-avec-windows-10/

seb · Answer

ok merci je viens d'essayer, mais je n'arrive pas a entrer winnt32


ca me marque 

\WINDOWS>

et si je tape 

\WINDOWS>winnt32/unattend   ,commande pas reconnue

moment de grace · Answer

fais plutôt ca


Pour réparer les fichiers systèmes de Windows : 
Cliquez sur le menu Démarrer 
Sélectionnez Executer 
tapez SFC /scannow puis cliquez sur OK (bien mettre un espace entre SFC et /scannow).

seb · Answer

le problème c'est que je n'ai pas accès au bureau

moment de grace · Answer

ok

http://www.informatruc.com/reparer-windows-xp-2

passes la partie bios et suies celle de reparation

seb · Answer

c'est cool, ca a marché, c'était parce que je fesait réparé direct sur le cd de réparation alors sur le site que tu m'a montré,fallait faire d'abord entrée puis ensuite réparé,du coup il se rallume et bug pu au démarrage,je vais graver tous les fichiers que j'ai dessus car j'ai cru que j'allai tout perdre, merci beaucoup de ton aide c'est sympa

moment de grace · Answer

alors on reprends là où on en était resté...

à savoir qu'il me faudrait le rapport MBAM

et relancer RSIT, poster le rapport log, pour voir ce qu'il en est

seb · Answer

salut,voici le rapport malwarebyte, il est long ce fichier

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3662
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

08/02/2010 19:56:48
mbam-log-2010-02-08 (19-56-47).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 198699
Temps écoulé: 34 minute(s), 1 second(s)

Processus mémoire infecté(s): 4
Module(s) mémoire infecté(s): 11
Clé(s) du Registre infectée(s): 55
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 47
Fichier(s) infecté(s): 321

Processus mémoire infecté(s):
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Documents and Settings\All Users\Application Data\QuestService\questservice121.exe (Adware.DoubleD) -> Unloaded process successfully.
C:\Program Files\QuestService\questservice.exe (Adware.DoubleD) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\Internet Today\1.2.0.1420\SkinCrafterDll.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\lri.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACECommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\lri.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPACommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\lri.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\QuestService\questservice.dll (Adware.DoubleD) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f5b8c69c-9b45-4a6a-9380-df225c546ae7} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{629cd6c2-e4c5-4554-aeb8-12e4e2cd40ff} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{2a743834-05f4-4ed4-8a1c-41332b10ac0c} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1081d532-7de4-40bd-b912-388fa6b27c78} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{565dd573-549e-4da9-8cd7-6ae3df25339a} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\questservice (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QuestService Service (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet today task (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temp\cmw
ewSetup (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150 (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components (Adware.Agent) -> Delete on reboot.
C:\Program Files\Textual Content Provider (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360 (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050 (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components (Adware.Agent) -> Delete on reboot.
C:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\QuestService (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360 (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050 (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings	hunder\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Textual Content Provider\1.2.0.2040 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Web Search Operator\4.2.0.2150 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEpx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\cmwpx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPApx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040	cppx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\WSOpx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\PixelLogExe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\QuestService\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe (Adware.Gain) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1715567821-789336058-839522115-1003\Dc1.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Bureau\gameraving_installer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\mvbup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\ExtractZipFile.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}	df.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}	df.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_RSS.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data	bcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\lri.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\LRI.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_Config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_Data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_DomainExcludeList.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_DomainInterval.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_KeywordInterval.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACECommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\lri.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPACommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\lri.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\LRI.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\QuestService\questservice121.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\QuestService\questservice.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\QuestService\questservice.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20091228-205536.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20091228-205755.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20091228-205814.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20091228-210259.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20091228-210301.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20091231-140702.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20091231-152949.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100101-183448.885.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100101-183458.385.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100102-003705.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100102-013302.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100103-000754.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-172817.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-174737.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-175036.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-180632.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-214831.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-215415.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-215547.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100107-182111.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100107-203647.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100107-214024.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100108-093312.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100108-093406.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100108-173520.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100108-173717.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100108-195228.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100108-195400.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100109-145545.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100109-153909.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100109-160316.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100110-124557.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100111-213357.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100111-215634.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100113-215249.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100113-224350.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100113-230042.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100113-230132.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100114-210324.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100115-170534.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100115-171038.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100115-171040.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100116-201010.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100116-201021.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100116-225723.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100116-225951.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100117-001633.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100118-204452.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100118-204526.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100118-214035.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100120-174817.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100120-180621.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100120-180729.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100123-000925.338.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100123-000929.759.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-162124.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-162323.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-162426.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-162433.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-164320.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-170606.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-171850.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-172342.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-180830.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100124-182603.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100127-170755.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100127-183833.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100129-191037.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100129-195159.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100129-200446.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100129-200502.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100129-200526.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100129-200546.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100129-233322.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100130-113029.330.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100130-113034.252.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100130-113812.955.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100130-115941.393.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100130-120114.346.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100130-120355.830.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100208-173241.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100208-180141.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100208-180400.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100208-181516.250.log (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100208-191500.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360status.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20091228-205538.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20091228-205755.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20091228-205814.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20091228-210259.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20091228-210301.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20091231-140702.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20091231-152949.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100101-183449.635.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100101-183458.401.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100102-003705.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100102-013302.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100103-000754.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-172817.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-174739.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-175036.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-180632.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-214832.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-215415.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-215547.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100107-182112.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100107-203647.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100107-214024.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100108-093312.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100108-093406.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100108-173520.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100108-173717.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100108-195228.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100108-195400.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100109-145546.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100109-153909.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100109-160316.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100110-124557.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100111-213357.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100111-215634.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100113-215249.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100113-224350.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100113-230043.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100113-230132.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100114-210325.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings	hunder\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100115-170535.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Set

seb · Answer

et le rapport RSIT 

Logfile of random's system information tool 1.06 (written by random/random)
Run by thunder at 2010-02-08 20:07:10
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 20 GB (15%) free of 130 GB
Total RAM: 1023 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:07:14, on 08/02/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\program files\divx\divx pro codec\gain_trickler_3202.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Documents and Settings	hunder\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis	hunder.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Trickler] "c:\program files\divx\divx pro codec\gain_trickler_3202.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Netlog 24] C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Raccourci vers neuf telecom.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8D3E965-9B2B-4461-9110-2183C3FB9E05}: NameServer = 10.0.0.138
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcappcapd.exe
O24 - Desktop Component 0: (no name) - http://saw4.com/public/wallpapers/saw4-wallpaper-1.jpg
O24 - Desktop Component 1: (no name) - http://saw4.com/public/wallpapers/saw4-wallpaper-2.jpg

moment de grace · Answer

il en reste un


Télécharge ZHPDiag ( de&#61656; Nicolas coolman ). 
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html 

 Double clique sur le fichier d'installation, puis installe le avec les&#61656; paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
 
Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista ) 

Clique sur la loupe&#61656; en haut à gauche, puis laisse l'outil scanner. 

Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau. 

Rend toi sur Cjoint :&#61656; http://www.cijoint.fr/ 

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] " 

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau 

Clique ensuite sur "Créer le lien cjoint " et copie/colle le dans ton prochain message

seb · Answer

je sais pas si ca a bien marché

http://www.cijoint.fr/cjlink.php?file=cj201002/cijU1UScm7.txt

moment de grace · Answer

Relance ZHPDiag ( Clic droit " Executer en tant qu'administrateur " sous vista ) , fais un scan puis cette fois-ci cliques sur l'icone en forme d'écusson vert " ZHPFix ". 

ZHPFix se lancera, clique maintenant sur le " H " bleu ( coller les lignes helper ) puis copie/colle ces lignes 

c:\program files\divx\divx pro codec\gain_trickler_3202.exe
O4 - HKLM\..\Run: [Trickler] . (.Pas de propriétaire - Pas de description.) -- c:\program files\divx\divx pro codec\gain_trickler_3202.exe
Clique sur " Ok " , puis " Tous " et enfin " Nettoyer ". 

Copie/Colle le rapport à l'écran dans ton prochain message

seb · Answer

je suis âs sur que ce soit ca

Rapport de ZHPDiag v1.25.115 par Nicolas Coolman
Run by thunder at 10/02/2010 13:30:46
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\ Web Browser
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox (3.0.17)

---\ System Information
Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
Processor: x86 Family 6 Model 15 Stepping 2, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (62% free)
System drive C: has 27 GB (21%) free of 127 GB

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 27 Go of 127 Go)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 6 Go)
I:\ CD-ROM drive (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\ Processus lancés
[MD5.2A0BC2FE67D69B92F3EA15BF2F6BEC45] - (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\System32\NvCpl.dll
[MD5.49CCFBE5D5225B9D3CC78C09DEE147D0] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
[MD5.F1739A95C1EDEE2D2CCFD1F69C152CE9] - (.Team H2O - Team H2O CLEDX.) -- C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
[MD5.3E4C03CEFAD8DE135263236B61A49C90] - (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
[MD5.8B9145D229D4E89D15ACB820D4A3A90F] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[MD5.D7CC5D2F04A4A42CF5B8B1A56F05129D] - (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\System32\NvMcTray.dll
[MD5.5584247B568C2E53934873F4B655FE6A] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
[MD5.A740B005ADD7DEBEAF922C4AE86F7C2D] - (.Valve Corporation - Steam 732897.) -- c:\program files\steam\steam.exe
[MD5.89B98019BC43D43EA7A54C739B1163F8] - (.Veoh Networks - Veoh Client.) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
[MD5.CEBB4703FE0A875947E5F0A3A95FE577] - (.Adobe Systems Incorporated - Adobe Updater.) -- C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
[MD5.9529AEA612D0924600B11F771CE84D4D] - (.Sony Ericsson Mobile Communications AB - Sony Ericsson PC Suite.) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\RocketDock\RocketDock.exe
[MD5.1BD6C2F707A275CB7C16FD99FE0F31CA] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe
[MD5.732E0B1ABAACE15D80EC19056B0A2AF9] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe
[MD5.FF8112711B5F9823D4595579B2130955] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 94.24.) -- C:\WINDOWS\System32
vsvc32.exe
[MD5.9F3744A5C6F49291A7A685040A013399] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe
[MD5.B4EF928E4FAD79364A80ACBA6D999934] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe


---\ Pages de recherche  de Mozilla Firefox (M1)
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\divx@partners.mozilla.com


---\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home


---\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm


---\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) (No version) -- %SystemRoot%\system32\shdocvw.dll


---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll


---\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\System32\NvCpl.dll 
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe 
O4 - HKLM\..\Run: [H2O] . (.Team H2O - Team H2O CLEDX.) -- C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe 
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe 
O4 - HKLM\..\Run: [NeroCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\System32\NvMcTray.dll 
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe 
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam 732897.) -- c:\program files\steam\steam.exe 
O4 - HKCU\..\Run: [Veoh] . (.Veoh Networks - Veoh Client.) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe 
O4 - HKCU\..\Run: [AdobeUpdater] . (.Adobe Systems Incorporated - Adobe Updater.) -- C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe 
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] . (.Sony Ericsson Mobile Communications AB - Sony Ericsson PC Suite.) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe 
O4 - HKCU\..\Run: [RocketDock] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\RocketDock\RocketDock.exe 
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.EXE 
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.EXE 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.EXE 
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.EXE 
O4 - Global Startup: hp psc 1000 series.lnk . (.Hewlett-Packard Co. - HP OfficeJet COM Device Objects.)  -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
O4 - Global Startup: hpoddt01.exe.lnk . (.Hewlett-Packard - hpotdd01.)  -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - Global Startup: Microsoft Office.lnk . (.Microsoft Corporation - Microsoft Office XP component.)  -- C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Raccourci vers neuf telecom.lnk . (.Pas de propriétaire - Pas de description.) -- 


---\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE


---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PokerStars\main.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe


---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll


---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) - file:\C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) - file:\C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab


---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8D3E965-9B2B-4461-9110-2183C3FB9E05}: NameServer = 10.0.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{E8D3E965-9B2B-4461-9110-2183C3FB9E05}: NameServer = 10.0.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{E8D3E965-9B2B-4461-9110-2183C3FB9E05}: NameServer = 10.0.0.138


---\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll


---\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll


---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service:  (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 94.24.) - C:\WINDOWS\System32
vsvc32.exe


---\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: (no name) - file:http://saw4.com/public/wallpapers/saw4-wallpaper-1.jpg
O24 - Desktop Component 1: (no name) - file:http://saw4.com/public/wallpapers/saw4-wallpaper-2.jpg


---\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1243174951.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\WGASetup.job


---\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) --  (.not file.)
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp.inf
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r22.) -- C:\WINDOWS\System32\Macromed\Flash\Flash10b.ocx


---\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.)
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.)
O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..)
O42 - Logiciel: Adobe Reader 8.1.2 - Français - (.Adobe Systems Incorporated.)
O42 - Logiciel: Ahead Nero 6 Demo - (.Pas de propriétaire.)
O42 - Logiciel: Apple Software Update - (.Apple Inc..)
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.)
O42 - Logiciel: Avanquest update - (.Avanquest Software.)
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.)
O42 - Logiciel: Bibliothèques GTK+ 2.10.13 rev a (supprimer uniquement) - (.Pas de propriétaire.)
O42 - Logiciel: Compel Adaptec WinASPI - (.Pas de propriétaire.)
O42 - Logiciel: Counter-Strike: Source - (.Valve.)
O42 - Logiciel: Crouzet Logic Software M2 v1.3.6 - (.CROUZET.)
O42 - Logiciel: DVDFab Express 2.9.8.3 - (.Fengtao Software Inc..)
O42 - Logiciel: Disque de souvenirs HP - (.Hewlett-Packard Company.)
O42 - Logiciel: DivX 5.0.2 Pro Bundle - (.Pas de propriétaire.)
O42 - Logiciel: DivX Codec - (.DivX, Inc..)
O42 - Logiciel: DivX Codec 3.1alpha release - (.Pas de propriétaire.)
O42 - Logiciel: DivX Converter - (.DivX, Inc..)
O42 - Logiciel: DivX Player - (.Pas de propriétaire.)
O42 - Logiciel: DivX Web Player - (.DivX,Inc..)
O42 - Logiciel: DivXG400 - (.Pas de propriétaire.)
O42 - Logiciel: EVEREST Ultimate Edition v4.00 - (.Lavalys, Inc..)
O42 - Logiciel: File Properties Changer - (.Pas de propriétaire.)
O42 - Logiciel: Le Centre de Contrôle de Licences de Syncrosoft - (.SIA Syncrosoft.)
O42 - Logiciel: Ma-Config.com plugin - (.CybelSoft.)
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.)
O42 - Logiciel: Microsoft .NET Framework 2.0 - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.)
O42 - Logiciel: Motomate Programmer - (.Pas de propriétaire.)
O42 - Logiciel: Mozilla Firefox (3.0.17) - (.Mozilla.)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.)
O42 - Logiciel: Photo et imagerie HP 2.0 - All-in-One - (.Hewlett-Packard Company.)
O42 - Logiciel: Photo et imagerie HP 2.0 - All-in-One Pilote - (.Hewlett-Packard Company.)
O42 - Logiciel: Photo et imagerie HP 2.0 - hp psc 1100 series - (.Pas de propriétaire.)
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.)
O42 - Logiciel: PokerStars - (.PokerStars.)
O42 - Logiciel: PowerDVD - (.Pas de propriétaire.)
O42 - Logiciel: QuickTime - (.Apple Inc..)
O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.)
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..)
O42 - Logiciel: Rippack v3 beta 16.1 - (.Pas de propriétaire.)
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.)
O42 - Logiciel: SUPER © Version 2007.bld.23 (July 4, 2007) - (.eRightSoft.)
O42 - Logiciel: Security Update for Microsoft .NET Framework 2.0 (KB922770) - (.Microsoft Corporation.)
O42 - Logiciel: Security Update pour Microsoft .NET Framework 2.0 (KB917283) - (.Microsoft Corporation.)
O42 - Logiciel: Sony Ericsson PC Suite 4.010.00 - (.Sony Ericsson.)
O42 - Logiciel: Steam(TM) - (.Valve.)
O42 - Logiciel: SyncroSoft Emu (Remove only) - (.Pas de propriétaire.)
O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.)
O42 - Logiciel: VeohTV BETA - (.Veoh Networks, Inc..)
O42 - Logiciel: WinPcap 3.1 - (.CACE Technologies.)
O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.)
O42 - Logiciel: Windows Live Sign-in Assistant - (.Microsoft Corporation.)
O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.)
O42 - Logiciel: XviD 1.1 final uninstall - (.XviD team (Koepi).)
O42 - Logiciel: hp psc 1100 series - (.Hewlett-Packard Company.)
O42 - Logiciel: x264 Revision 468 x264.nl (remove only) - (.Pas de propriétaire.)


---\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead1
O43 - CFD:Common File Directory ----D- C:\Program Files\AIST
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\Avanquest update
O43 - CFD:Common File Directory ----D- C:\Program Files\Avi2Dvd
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\CROUZET
O43 - CFD:Common File Directory ----D- C:\Program Files\Cyanide
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVDFab Express
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\File Properties Changer
O43 - CFD:Common File Directory ----D- C:\Program Files\fraps
O43 - CFD:Common File Directory ----D- C:\Program Files\GameRaving Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\HP
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys
O43 - CFD:Common File Directory ----D- C:\Program Files\lecteur windows media
O43 - CFD:Common File Directory ----D- C:\Program Files\LED
O43 - CFD:Common File Directory ----D- C:\Program Files\LimeWire
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\MediaCoder
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Morgan
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Musicmatch
O43 - CFD:Common File Directory ----D- C:\Program Files\Navilog1
O43 - CFD:Common File Directory ----D- C:\Program Files
eodivx2006
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\OrionPlatinum
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\PokerStars
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Rippackv3
O43 - CFD:Common File Directory ----D- C:\Program Files\RocketDock
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony Ericsson
O43 - CFD:Common File Directory ----D- C:\Program Files\Steam
O43 - CFD:Common File Directory ----D- C:\Program Files\Steinberg
O43 - CFD:Common File Directory ----D- C:\Program Files\Syncrosoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Veoh Networks
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\win rar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinASPI
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinPcap
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\x264
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\XviD
O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Zylom Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DirectX
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\GTK
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Vbox


---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 10/02/2010 - 13:23:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:[MD5.86C8A5E132767EFA611D51474FDCB969] - 10/02/2010 - 13:22:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 10/02/2010 - 13:22:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log
O44 - LFC:[MD5.00000000000000000000000000000000] - 10/02/2010 - 13:22:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log
O44 - LFC:[MD5.00000000000000000000000000000000] - 10/02/2010 - 13:22:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log
O44 - LFC:[MD5.D31BB24B3E2848DD55FCFA7298D590E6] - 10/02/2010 - 13:22:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32
vapps.xml
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 10/02/2010 - 13:22:22 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat
O44 - LFC:[MD5.00000000000000000000000000000000] - 10/02/2010 - 13:21:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:[MD5.5D3AF294C505A381A134C3D686F65B8A] - 10/02/2010 - 13:20:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPExportRegistry-10-02-2010-13-20-25.txt
O44 - LFC:[MD5.E5292490A4A3C4A589DF4F42F61A0749] - 10/02/2010 - 13:11:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978037.log
O44 - LFC:[MD5.BBB7941DA69E4DD3709864354F451FFA] - 10/02/2010 - 13:11:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975713.log
O44 - LFC:[MD5.FA2796D0FBBC5773D939B2DFF15B1B44] - 10/02/2010 - 13:11:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975560.log
O44 - LFC:[MD5.D99BE9CE83C9C385F4BB5F4D32FA122B] - 10/02/2010 - 13:11:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB977914.log
O44 - LFC:[MD5.297633972308D57456A78F2D4EC2BDC0] - 10/02/2010 - 13:11:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978706.log
O44 - LFC:[MD5.77D72EA55E5272717C2C6577CF512ECA] - 10/02/2010 - 13:11:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB952954.log
O44 - LFC:[MD5.A1399D5336030513E42D3914A03DF272] - 10/02/2010 - 13:11:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB952004.log
O44 - LFC:[MD5.A7572C964FAF3D6ECE8F631AD07777CB] - 10/02/2010 - 13:10:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB959426.log
O44 - LFC:[MD5.E88DE0F06253C19A1FC3B83B7DA76E71] - 10/02/2010 - 13:10:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB960859.log
O44 - LFC:[MD5.2C4F45FE257449AC4C8483783B2996E2] - 10/02/2010 - 13:10:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978207.log
O44 - LFC:[MD5.A04B22B2DE18859930B72676C56BC40C] - 10/02/2010 - 13:09:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB974318.log
O44 - LFC:[MD5.3382F83055ED3E5B29483365881AB9BF] - 10/02/2010 - 13:09:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB969059.log
O44 - LFC:[MD5.2CE6BC7171ACC0E9911F5B4FD17992E4] - 10/02/2010 - 13:09:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB950974.log
O44 - LFC:[MD5.920422EBAD4C8B41ECFD72A825DD7F71] - 10/02/2010 - 13:09:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB971657.log
O44 - LFC:[MD5.7F6F66D9A6A677279F18E93FC5CEEAB9] - 10/02/2010 - 13:09:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB960225.log
O44 - LFC:[MD5.ECFF6990257481A6E98124DAE8E3092A] - 10/02/2010 - 13:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB974112.log
O44 - LFC:[MD5.DA828A9B515737255364749FFE1B07E0] - 10/02/2010 - 13:09:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB961501.log
O44 - LFC:[MD5.9B5E7C3BB9739342F060EEEB044FBA7F] - 10/02/2010 - 13:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975025.log
O44 - LFC:[MD5.68F32DF64F30325E8F63EF85168D9C6A] - 10/02/2010 - 13:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB974571.log
O44 - LFC:[MD5.92E81A9461C3A8F5791B7870F10796E9] - 10/02/2010 - 13:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB973507.log
O44 - LFC:[MD5.CBEAC156DCBA685B3979F0F3A1F33783] - 10/02/2010 - 13:09:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB967715.log
O44 - LFC:[MD5.E089E3ED1D6FA12A8F3E2733B642E6AD] - 10/02/2010 - 13:09:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB974392.log
O44 - LFC:[MD5.9E3CCD42D69D10302EC555E55F104B0B] - 10/02/2010 - 13:09:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB951748.log
O44 - LFC:[MD5.79DF9C50E19E745FE264F972A36EB3FE] - 10/02/2010 - 13:08:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB970238.log
O44 - LFC:[MD5.E2A78DCC1D896D6A7302C40DBE1C5B90] - 10/02/2010 - 13:08:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB973815.log
O44 - LFC:[MD5.56024E39BAEC47AE12A32B3406DD0605] - 10/02/2010 - 13:07:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB971032.log
O44 - LFC:[MD5.00CA48C1F4D911389DE9A944E6296341] - 10/02/2010 - 13:07:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB956802.log
O44 - LFC:[MD5.69DD9F16D7BE217097AEEF9E8B302092] - 10/02/2010 - 13:07:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB944338-v2.log
O44 - LFC:[MD5.833FC49D1087287AF2FEACCD7CECADC6] - 10/02/2010 - 13:07:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975467.log
O44 - LFC:[MD5.B934429A4A2049D2CE4B6B302EE92B1A] - 10/02/2010 - 13:07:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB968389.log
O44 - LFC:[MD5.58DD5AA9107E898246A582885DB22314] - 10/02/2010 - 13:06:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB969947.log
O44 - LFC:[MD5.36DA74E24A78E43D2D6D4176EEFC6716] - 10/02/2010 - 13:00:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:[MD5.5725589E1EA250EB78E447B7C970EBBF] - 08/02/2010 - 23:22:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\comsetup.log
O44 - LFC:[MD5.0C90B6F62147150843B4B902C9AC385D] - 08/02/2010 - 23:22:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\iis6.log
O44 - LFC:[MD5.DA28885654BAA42BA0BD31E5CFCAC523] - 08/02/2010 - 23:22:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS
tdtcsetup.log
O44 - LFC:[MD5.D160D6FFB2EB494F11E33964330910FF] - 08/02/2010 - 23:22:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS	soc.log
O44 - LFC:[MD5.3EBDE7E872B3701A4F303B9C93F5E089] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\FaxSetup.log
O44 - LFC:[MD5.A3787C8E37138F4A0F9EA9C19EFE8F2C] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB893803v2.log
O44 - LFC:[MD5.08A1BD5A3942A6BB5C2CE166ACAA6FCC] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MedCtrOC.log
O44 - LFC:[MD5.121C7E394DA40A79FF44E9F16DC9764C] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.log
O44 - LFC:[MD5.A7E25D99290F6D92D3A5B10637EA76A4] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\msgsocm.log
O44 - LFC:[MD5.801C59001BBD4765740C47CB5ADC4955] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\msmqinst.log
O44 - LFC:[MD5.EBFBEF6C22EC542C778E6A2F35205EE9] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS
etfxocm.log
O44 - LFC:[MD5.EA3C977B604D3EAC30F9F3D334A58A08] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocgen.log
O44 - LFC:[MD5.7123854B462D68F2726E9826161D31A4] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocmsn.log
O44 - LFC:[MD5.67A4E7BA3B13680523226ABCF14C2932] - 08/02/2010 - 23:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS	abletoc.log
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 08/02/2010 - 23:08:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini
O44 - LFC:[MD5.35C735CEDE16561ACCCDB1C0633182A4] - 08/02/2010 - 21:51:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wmsetup.log
O44 - LFC:[MD5.A3F854A01AC4AEF75EDBE97698BD7967] - 08/02/2010 - 20:04:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:[MD5.C63975AAF8817EA5D97313AA7E87598F] - 08/02/2010 - 17:47:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ODBC.INI
O44 - LFC:[MD5.1A2722F663576F5EF74BEE84C9C6224A] - 08/02/2010 - 17:47:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini
O44 - LFC:[MD5.3204244324E2AB16FC712DE0F7AA99B6] - 08/02/2010 - 17:30:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupact.log
O44 - LFC:[MD5.94C5DDE213F507531A739F6ADEA27AE5] - 07/02/2010 - 23:55:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\COM+.log
O44 - LFC:[MD5.09F43ABC3628B35F6064D93A4AB87A29] - 07/02/2010 - 23:54:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:[MD5.CF7A67A34DCD12DF4A162C5A0AA0C749] - 07/02/2010 - 23:54:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:[MD5.F62096D5DFBF26CDEDF61FC54A740410] - 07/02/2010 - 23:54:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:[MD5.5A46FA00858AF0C69DC56C5170C3E9A9] - 07/02/2010 - 23:54:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:[MD5.A2D866A82572B5DEE0FDF62A78AE5765] - 07/02/2010 - 23:54:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:[MD5.9DC82E85C7A2CFEC9852D62F685AC5F6] - 07/02/2010 - 23:53:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\OEWABLog.txt
O44 - LFC:[MD5.E5426E26CE984A9F9C2B71709EFB32D1] - 07/02/2010 - 23:53:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setuplog.txt
O44 - LFC:[MD5.93511F918D5FE58FE3AF9B285460B7B1] - 07/02/2010 - 23:51:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.BAK
O44 - LFC:[MD5.1409EC6F5A5AD95EC21351200876F298] - 07/02/2010 - 23:50:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\$winnt$.inf
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 07/02/2010 - 23:47:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WMSysPr9.prx
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 07/02/2010 - 23:47:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\amcompat.tlb
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 07/02/2010 - 23:47:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32
scompat.tlb
O44 - LFC:[MD5.84917601196E192BAC264E1AE60E2467] - 07/02/2010 - 23:46:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ODBCINST.INI
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 07/02/2010 - 23:46:13 R-HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\WindowsLogon.manifest
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 07/02/2010 - 23:46:13 R-HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\logonui.exe.manifest
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 07/02/2010 - 23:46:07 R-HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\cdplayer.exe.manifest
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 07/02/2010 - 23:46:07 R-HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 07/02/2010 - 23:46:07 R-HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsShell.Manifest
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 07/02/2010 - 23:46:06 R-HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32
cpa.cpl.manifest
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 07/02/2010 - 23:46:06 R-HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32
wc.cpl.manifest
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 07/02/2010 - 23:46:06 R-HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\sapi.cpl.manifest
O44 - LFC:[MD5.BF8754120E1E4F4B5C006760EFBA1981] - 07/02/2010 - 23:46:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setuperr.log
O44 - LFC:[MD5.D25FED40B6DE9DDC59280BD50222C7FF] - 07/02/2010 - 23:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\sessmgr.setup.log
O44 - LFC:[MD5.EE9AEFD737DED7539EE003C6E4D1306A] - 07/02/2010 - 23:44:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\emptyregdb.dat
O44 - LFC:[MD5.86B587682CF71B864253672FC6C0062F] - 07/02/2010 - 23:44:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\DtcInstall.log
O44 - LFC:[MD5.BFB852AD42B66E6CADD0652AB9723EB9] - 07/02/2010 - 23:43:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\cmsetacl.log
O44 - LFC:[MD5.0D7AF02692760181295F6C4555FAE61D] - 07/02/2010 - 23:38:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWSegopt.log
O44 - LFC:[MD5.BD226EA3302FDE2B03EE914787DEA6D8] - 07/02/2010 - 23:38:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini
O44 - LFC:[MD5.F704F62AC5C5E7F4AF2B60B12297B50F] - 30/01/2010 - 11:16:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\cleannavi.txt
O44 - LFC:[MD5.3AAF406D8CAD4D7E2C234A63E699FCFA] - 15/01/2010 - 17:17:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\svcpack.log
O44 - LFC:[MD5.30D57AE983EB16E513365C4884238478] - 15/01/2010 - 17:16:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.old
O44 - LFC:[MD5.5E8B6C952B0345C7D9126599C665D132] - 14/01/2010 - 21:35:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS
tbtlog.txt


---\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll


---\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [Disabled] .(.Veoh Networks - Veoh Client.) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe


---\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d


---\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32	ssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsvid.dll" . (.Beepa P/L - Fraps.) -- C:\WINDOWS\System32\frapsvid.dll
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivXNetworks, Inc. - DivX Video for Windows Codec.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.DIV3"="DivXc32.dll" . (.Hacked with Joy ! - DivX ;-) MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32.dll
O52 - TDSD: \Drivers32\"vidc.DIV4"="DivXc32f.dll" . (.Hacked with Joy ! - DivX ;-) MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32f.dll
O52 - TDSD: \Drivers32\"msacm.divxa32"="DivXa32.acm" . (.Hacked With Joy ! - DivX;-) Audio Codec.) -- C:\WINDOWS\System32\DivXa32.acm
O52 - TDSD: \Drivers32\"vidc.X264"="x264vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\x264vfw.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32	ssoft32.acm
O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \drivers.desc\"frapsvid.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\WINDOWS\System32\frapsvid.dll
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 5.0 Pro Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"DivXc32.dll"="DivX ;-) MPEG-4 Video Codec (Low-Motion)" . (.Hacked with Joy ! - DivX ;-) MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32.dll
O52 - TDSD: \drivers.desc\"DivXc32f.dll"="DivX ;-) MPEG-4 Video Codec (Fast-Motion)" . (.Hacked with Joy ! - DivX ;-) MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32f.dll
O52 - TDSD: \drivers.desc\"DivXa32.acm"="DivX ;-) Audio Codec" . (.Hacked With Joy ! - DivX;-) Audio Codec.) -- C:\WINDOWS\System32\DivXa32.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


---\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1


---\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145


---\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.B021D0AE4605CE5DF67F06E741278CDF] - 18/01/2008 - 15:16:22 R--A- . (.MCCI Corporation - Sony Ericsson Device A016 Driver.) -- C:\WINDOWS\system32\drivers\a016bus.sys
O58 - SDL:[MD5.BDEA41BF63146EFE25800F3AEDC16CF9] - 18/01/2008 - 14:16:24 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\a016cm.sys
O58 - SDL:[MD5.BDEA41BF63146EFE25800F3AEDC16CF9] - 18/01/2008 - 14:16:24 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\a016cmnt.sys
O58 - SDL:[MD5.5B6BC2DE851012906D4AAE84C802E3F2] - 18/01/2008 - 14:16:24 ---A- . (.MCCI Corporation - Sony Ericsson Device A016 USB WMC Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\a016mdfl.sys
O58 - SDL:[MD5.C80CFFB5819CCFC97F2B09E2259DFDE6] - 18/01/2008 - 14:16:26 ---A- . (.MCCI Corporation - Sony Ericsson Device A016 USB WMC Modem WDM Driver.) -- C:\WINDOWS\system32\drivers\a016mdm.sys
O58 - SDL:[MD5.415243177FF67D3CFBA44D931B809BF3] - 18/01/2008 - 14:16:26 ---A- . (.MCCI Corporation - Sony Ericsson Device A016 USB WMC Device Management Driver.) -- C:\WINDOWS\system32\drivers\a016mgmt.sys
O58 - SDL:[MD5.3A853F9B8B69541CDE714A83A0A6434E] - 18/01/2008 - 14:16:28 ---A- . (.MCCI Corporation - Sony Ericsson Device A016 USB WMC OBEX Interface Device Driver.) -- C:\WINDOWS\system32\drivers\a016obex.sys
O58 - SDL:[MD5.DB8EDB6D9F8411D5808DE97B05715620] - 18/01/2008 - 15:16:28 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\a016wh.sys
O58 - SDL:[MD5.DB8EDB6D9F8411D5808DE97B05715620] - 18/01/2008 - 15:16:28 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\a016whnt.sys
O58 - SDL:[MD5.B34B1AB0A7690A0E2301FEC6D17B2FC1] - 24/05/2009 - 15:20:31 ---A- . (.Oak Technology Inc. - Audio File System.) -- C:\WINDOWS\system32\drivers\AFS2K.SYS
O58 - SDL:[MD5.675C16A3C1F8482F85EE4A97FC0DDE3D] - 05/08/2004 - 13:00:00 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys
O58 - SDL:[MD5.B979979AB8027F7F53FB16EC4229B7DB] - 10/09/1999 - 12:06:00 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\WINDOWS\system32\drivers\Aspi32.sys
O58 - SDL:[MD5.837EEF65AF62D4E8A37C41D3879F7274] - 20/10/2007 - 01:56:10 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys
O58 - SDL:[MD5.579DA2F9F5401F55DAE2CF8779D61DFC] - 20/10/2007 - 01:56:12 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdralw2k.sys
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:[MD5.B53F9635457B56DCFFEF750E18AEC6CB] - 18/12/2005 - 13:18:56 ---A- . (.Team H2O - Team H2O CLEDX DevWhore.) -- C:\WINDOWS\system32\drivers\cledx.sys
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:[MD5.3FCC124B6E08EE0E9351F717DD136939] - 07/01/2005 - 16:07:18 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys
O58 - SDL:[MD5.2A013E7530BEAB6E569FAA83F517E836] - 07/01/2005 - 16:07:16 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys
O58 - SDL:[MD5.863CC3A82C63C9F60ACF2E85D5310620] - 09/03/2003 - 21:31:00 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys
O58 - SDL:[MD5.08CB72E95DD75B61F2966B311D0E4366] - 09/03/2003 - 21:31:02 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys
O58 - SDL:[MD5.ABCB05CCDBF03000354B9553820E39F8] - 21/10/2005 - 17:52:48 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys
O58 - SDL:[MD5.FCCF4AE4EF72CBABA6D6BEFEFD77E940] - 29/03/2003 - 16:45:18 ---A- . (.Ahead Software AG and its licensors - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys
O58 - SDL:[MD5.ACEAB2823B4D726D65FCD6769115B8F6] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys
O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers
ikedrv.sys
O58 - SDL:[MD5.D21FEE8DB254BA762656878168AC1DB6] - 02/08/2005 - 22:10:13 ---A- . (.CACE Technologies - npf.) -- C:\WINDOWS\system32\drivers
pf.sys
O58 - SDL:[MD5.34C114DA0A5E03219444E46F122FF5A3] - 19/04/2007 - 12:26:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 94.24.) -- C:\WINDOWS\system32\drivers
v4_mini.sys
O58 - SDL:[MD5.02AAAFB7BA137CE5DDABCDF8090954D9] - 18/08/2008 - 11:31:08 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:[MD5.D86B4A68565E444D76457F14172C875A] - 20/10/2007 - 01:56:10 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\PxHelp20.sys
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\driversio8drv.sys
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\driversiodrv.sys
O58 - SDL:[MD5.3400495F5B219D5153C770A95499579C] - 31/05/2007 - 14:19:22 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys
O58 - SDL:[MD5.C4006AF18682FCA0D8A011A0A21070F8] - 18/07/2007 - 18:26:04 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys
O58 - SDL:[MD5.D7A84EF8F953A2D704580E4E73E00011] - 04/04/2007 - 11:43:20 ---A- . (.MCCI Corporation - Sony Ericsson Device 716 Driver.) -- C:\WINDOWS\system32\drivers\s716bus.sys
O58 - SDL:[MD5.C714A0DA3A21852011C32DB21185EE2F] - 04/04/2007 - 11:43:22 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s716cm.sys
O58 - SDL:[MD5.C714A0DA3A21852011C32DB21185EE2F] - 04/04/2007 - 11:43:22 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s716cmnt.sys
O58 - SDL:[MD5.BDBFBA2A46382BC2126829CFCFDEB945] - 04/04/2007 - 11:43:32 ---A- . (.MCCI Corporation - Sony Ericsson Device 716 USB Ethernet Emulation (WDM class regi.) -- C:\WINDOWS\system32\drivers\s716cr.sys
O58 - SDL:[MD5.C5B509CDEEB733EFAFADC2D93BC77712] - 04/04/2007 - 11:43:32 ---A- . (.MCCI Corporation - Sony Ericsson Device 716 USB WMC Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\s716mdfl.sys
O58 - SDL:[MD5.DC3DEC64860878540B374DC7D15D921F] - 04/04/2007 - 11:43:34 ---A- . (.MCCI Corporation - Sony Ericsson Device 716 USB WMC Modem WDM Driver.) -- C:\WINDOWS\system32\drivers\s716mdm.sys
O58 - SDL:[MD5.047FD555D897333AD9F61B1D4CC7C114] - 04/04/2007 - 11:43:34 ---A- . (.MCCI Corporation - Sony Ericsson Device 716 USB WMC Device Management Driver.) -- C:\WINDOWS\system32\drivers\s716mgmt.sys
O58 - SDL:[MD5.2858193E91EEF964E41B6A032E1E4418] - 04/04/2007 - 11:43:36 ---A- . (.MCCI Corporation - Sony Ericsson Device 716 USB Ethernet Emulation (NDIS 5 Minipor.) -- C:\WINDOWS\system32\drivers\s716nd5.sys
O58 - SDL:[MD5.CC6C212585891614CC2059BA48D27A86] - 04/04/2007 - 11:43:36 ---A- . (.MCCI Corporation - Sony Ericsson Device 716 USB WMC OBEX Interface Device Driver.) -- C:\WINDOWS\system32\drivers\s716obex.sys
O58 - SDL:[MD5.AAAEEBA9FA0ECB0DE6BBA59F955CDEFB] - 04/04/2007 - 11:43:38 ---A- . (.MCCI Corporation - Sony Ericsson Device 716 USB Ethernet Emulation.) -- C:\WINDOWS\system32\drivers\s716unic.sys
O58 - SDL:[MD5.7B374AA1F29E87831DF6D3F5CB2057F7] - 04/04/2007 - 11:43:38 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s716wh.sys
O58 - SDL:[MD5.7B374AA1F29E87831DF6D3F5CB2057F7] - 04/04/2007 - 11:43:38 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s716whnt.sys
O58 - SDL:[MD5.D26E26EA516450AF9D072635C60387F4] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:[MD5.732D859B286DA692119F286B21A2A114] - 05/08/2004 - 13:00:00 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys
O58 - SDL:[MD5.BB277D40458B4BDDDDA51F02A1E77F99] - 03/11/2005 - 11:17:34 ---A- . (.SIA Syncrosoft - SynasUSB.sys.) -- C:\WINDOWS\system32\drivers\synasUSB.sys
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers	sbvcap.sys
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tdos.sys
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tdos404.sys
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tdos411.sys
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tdos412.sys
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tdos804.sys
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tio.sys
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tio404.sys
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tio411.sys
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tio412.sys
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32
tio804.sys


---\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.)
O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)
O63 - Logiciel: RSIT - (random/random)
O63 - Logiciel: YoogFix - (Batch_Man)


---\ Liste des services Legacy (LALS) (O64)
O64 - Services: - C:\WINDOWS\system32\Drivers\ASPI32.sys - Aspi32 (Aspi32)  .(.Adaptec - ASPI for WIN32 Kernel Driver.) - LEGACY_ASPI32
O64 - Services: - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch)  .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH
O64 - Services: - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2 (driverhardwarev2)  .(.Ma-Config.com - ma-config.com.) - LEGACY_DRIVERHARDWAREV2
O64 - Services: - (.not file.) - InCD File System (InCDfs)  .(.Pas de propriétaire - Pas de description.) - LEGACY_INCDFS
O64 - Services: - (.not file.) - InCDrec (InCDrec)  .(.Pas de propriétaire - Pas de description.) - LEGACY_INCDREC
O64 - Services: - (.not file.) - InCD Helper (InCDsrv)  .(.Pas de propriétaire - Pas de description.) - LEGACY_INCDSRV
O64 - Services: - (.not file.) - InCD Helper (read only) (InCDsrvR)  .(.Pas de propriétaire - Pas de description.) - LEGACY_INCDSRVR
O64 - Services: - C:\WINDOWS\system32\drivers
pf.sys - NetGroup Packet Filter Driver (NPF)  .(.CACE Technologies - npf.) - LEGACY_NPF
O64 - Services: - C:\WINDOWS\System32
vsvc32.exe - NVIDIA Display Driver Service (NVSvc)  .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 94.24.) - LEGACY_NVSVC
O64 - Services: - (.not file.) - QuestService Service (QuestService Service)  .(.Pas de propriétaire - Pas de description.) - LEGACY_QUESTSERVICE_SERVICE
O64 - Services: - (.not file.) - RDPNP (RDPNP)  .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP
O64 - Services: - (.not file.) - Appel de procédure distante (RPC) (RpcSs)  .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS
O64 - Services: - (.not file.) - Services Terminal Server (TermService)  .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE
O64 - Services: - (.not file.) - Gestionnaire de téléchargement (uploadmgr)  .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR



End of the scan (570 lines in 00mn 14s)

moment de grace · Answer

as tu fait le post 34 ?

pour le nouveau zhp fais plutot ceci

Rend toi sur Cjoint :&#61656; http://www.cijoint.fr/ 

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] " 

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau 

Clique ensuite sur "Créer le lien cjoint " et copie/colle le dans ton prochain message

Pub et bug demarrage pc

37 réponses

Votre réponse

Newsletters