Raport hijackthis aide

Résolu
cece2404 Messages postés 160 Statut Membre -  
cece2404 Messages postés 160 Statut Membre -
bonjour tout le monde,

j'ai télécharger ce logiciel (hijackthis) car des pub (casino, téléphonie...) apparaissent sans saisse.

voici le rapport :

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:44:57, on 13/04/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winsos\WINSOS.EXE
C:\Program Files\Antipub\antipub.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Documents and Settings\m\Mes documents\jean-gerard\EClea2_0\EasyClea.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\m\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fmeteo%2f%3f
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Startup: avast! Antivirus.lnk = C:\Program Files\Alwil Software\Avast4\ashAvast.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\Securitoo\av_fw\fswsclds.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

--
End of file - 4858 bytes

Que dois-je faire après ?? merci de votre aide
Configuration: Windows XP
Firefox 1.5.0.11

8 réponses

  1. cece2404 Messages postés 160 Statut Membre 7
     
    je l'ai fait c'est bon ca ma mis ca :

    ***** NORMAL SCAN FOR ACTIVE MALWARE *****
    Trojan Remover Ver 6.5.9, Build 2462. For information, email simplysupsupport@aol.com
    [Unregistered version]
    Scan started at: 14/04/2007 15:38:57
    Using Database v6778
    Operating System: Windows XP Professional (Build 2600)
    Using data directory: C:\Documents and Settings\m\Application Data\Simply Super Software\Trojan Remover\
    Logfile directory: C:\Documents and Settings\m\Mes documents\Simply Super Software\Trojan Remover Logfiles\
    Running with Administrator privileges

    **************************************************
    Checking Registry exefile command for modifications
    Checking Registry comfile command for modifications
    Checking Registry piffile command for modifications
    Checking Registry batfile command for modifications
    Checking Registry regfile command for modifications
    Checking Registry cmdfile command for modifications
    Checking Registry scrfile command for modifications

    ******************************
    15:38:57: Scanning ----------WIN.INI-----------
    WIN.INI found in C:\WINDOWS

    ******************************
    15:38:57: Scanning --------SYSTEM.INI---------
    SYSTEM.INI found in C:\WINDOWS

    ******************************
    15:38:57: ----- SCANNING FOR ROOTKIT SERVICES -----
    No hidden Services were detected.

    ******************************
    15:38:58: Scanning -----WINDOWS REGISTRY-----
    --------------------
    Checking HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
    This key's "Shell" value calls the following program(s):
    Explorer.exe - this entry has been left in place
    ----------
    This key's "Userinit" value calls the following program(s):
    C:\WINDOWS\system32\userinit.exe - this entry has been left in place
    ----------
    This key's "System" value appears to be blank
    ----------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    --------------------
    Checking HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    Value Name = load
    The Data Value for this entry appears to be blank
    --------------------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    This Registry Key attempts to run the following program(s):
    Value Name = NvCplDaemon
    Value Data = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup - this command has been left in place
    --------------------
    Value Name = type32
    Value Data = C:\Program Files\Microsoft IntelliType Pro\type32.exe - this command has been left in place
    --------------------
    Value Name = LogitechVideoTray
    Value Data = C:\Program Files\Logitech\Video\LogiTray.exe - this command has been left in place
    --------------------
    Value Name = LogitechGalleryRepair
    Value Data = C:\Program Files\Logitech\Video\ISStart.exe - this command has been left in place
    --------------------
    Value Name = TrojanScanner
    Value Data = C:\Program Files\Trojan Remover\Trjscan.exe - this program is Trojan Remover's own scan file
    --------------------
    Value Name = jkpsbz
    Value Data = c:\windows\system32\jkpsbz.exe jkpsbz - this command has been left in place [file not found to scan]
    --------------------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
    This Registry Key appears to be empty
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
    This Registry Key attempts to run the following program(s):
    Value Name =
    The Value Data for this entry appears to be blank
    --------------------
    --------------------
    Checking HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    This Registry Key attempts to run the following program(s):
    Value Name = unilex01
    The Value Data for this entry appears to be blank
    --------------------
    Value Name = WINSOS VERIFY
    Value Data = C:\Program Files\Winsos\WINSOS.EXE" MINI - this command has been left in place
    --------------------
    --------------------
    Checking HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
    This Registry Key appears to be empty

    ******************************
    15:39:00: Scanning -----SHELLEXECUTEHOOKS-----
    ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
    File: shell32.dll - this file is expected and has been left in place
    ----------

    ******************************
    15:39:00: Scanning -----HIDDEN REGISTRY ENTRIES-----
    Taskdir check completed
    ----------
    No Registry Run Keys Hidden Entries found
    ----------

    ******************************
    15:39:00: Scanning -----ACTIVE SCREENSAVER-----
    ScreenSaver=C:\WINDOWS\System32\SCREEN~1.SCR - this command has been left in place
    --------------------

    ******************************
    15:39:00: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
    Checking the StubPath calls in the Active Setup\Installed Components registry keys:
    Key=>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    StubPath=C:\WINDOWS\inf\unregmp2.exe - this reference has been left in place
    ----------
    Key={2C7339CF-2B09-4501-B3F3-F3508C9228ED}
    StubPath=C:\WINDOWS\system32\regsvr32.exe - this reference has been left in place
    ----------
    Key={44BBA840-CC51-11CF-AAFA-00AA00B6015C}
    StubPath=C:\Program Files\Outlook Express\setup50.exe - this reference has been left in place
    ----------
    Key={7790769C-0471-11d2-AF11-00C04FA35D02}
    StubPath=C:\Program Files\Outlook Express\setup50.exe - this reference has been left in place
    ----------
    Key={89820200-ECBD-11cf-8B85-00AA005B4340}
    StubPath=regsvr32.exe - this reference has been left in place
    ----------
    Key={89820200-ECBD-11cf-8B85-00AA005B4383}
    StubPath=C:\WINDOWS\System32\ie4uinit.exe - this reference has been left in place
    ----------
    Key={9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}
    StubPath=C:\WINDOWS\System32\updcrl.exe - this reference has been left in place
    ----------

    ******************************
    15:39:03: Scanning ----- SERVICEDLL REGISTRY KEYS -----
    Checking DLL files called from the CurrentControlSet\Services Keys:
    --------------------
    Key=Alerter
    ServiceDLL=%SystemRoot%\system32\alrsvc.dll - this reference has been left in place
    --------------------
    Key=AppMgmt
    ServiceDLL=%SystemRoot%\System32\appmgmts.dll - this reference has been left in place
    --------------------
    Key=AudioSrv
    ServiceDLL=%SystemRoot%\System32\audiosrv.dll - this reference has been left in place
    --------------------
    Key=BITS
    ServiceDLL=%SystemRoot%\System32\qmgr.dll - this reference has been left in place
    --------------------
    Key=Browser
    ServiceDLL=%SystemRoot%\System32\browser.dll - this reference has been left in place
    --------------------
    Key=CryptSvc
    ServiceDLL=%SystemRoot%\System32\cryptsvc.dll - this reference has been left in place
    --------------------
    Key=Dhcp
    ServiceDLL=%SystemRoot%\System32\dhcpcsvc.dll - this reference has been left in place
    --------------------
    Key=dmserver
    ServiceDLL=%SystemRoot%\System32\dmserver.dll - this reference has been left in place
    --------------------
    Key=Dnscache
    ServiceDLL=%SystemRoot%\System32\dnsrslvr.dll - this reference has been left in place
    --------------------
    Key=ERSvc
    ServiceDLL=%SystemRoot%\System32\ersvc.dll - this reference has been left in place
    --------------------
    Key=EventSystem
    ServiceDLL=C:\WINDOWS\System32\es.dll - this reference has been left in place
    --------------------
    Key=FastUserSwitchingCompatibility
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=helpsvc
    ServiceDLL=%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll - this reference has been left in place
    --------------------
    Key=HidServ
    ServiceDLL=%SystemRoot%\System32\hidserv.dll - this reference has been left in place
    --------------------
    Key=lanmanserver
    ServiceDLL=%SystemRoot%\System32\srvsvc.dll - this reference has been left in place
    --------------------
    Key=lanmanworkstation
    ServiceDLL=%SystemRoot%\System32\wkssvc.dll - this reference has been left in place
    --------------------
    Key=LmHosts
    ServiceDLL=%SystemRoot%\System32\lmhsvc.dll - this reference has been left in place
    --------------------
    Key=Messenger
    ServiceDLL=%SystemRoot%\System32\msgsvc.dll - this reference has been left in place
    --------------------
    Key=Netman
    ServiceDLL=%SystemRoot%\System32\netman.dll - this reference has been left in place
    --------------------
    Key=Nla
    ServiceDLL=%SystemRoot%\System32\mswsock.dll - this reference has been left in place
    --------------------
    Key=NtmsSvc
    ServiceDLL=%SystemRoot%\system32\ntmssvc.dll - this reference has been left in place
    --------------------
    Key=RasAuto
    ServiceDLL=%SystemRoot%\System32\rasauto.dll - this reference has been left in place
    --------------------
    Key=RasMan
    ServiceDLL=%SystemRoot%\System32\rasmans.dll - this reference has been left in place
    --------------------
    Key=RemoteAccess
    ServiceDLL=%SystemRoot%\System32\mprdim.dll - this reference has been left in place
    --------------------
    Key=RemoteRegistry
    ServiceDLL=%SystemRoot%\system32\regsvc.dll - this reference has been left in place
    --------------------
    Key=RpcSs
    ServiceDLL=%SystemRoot%\system32\rpcss.dll - this reference has been left in place
    --------------------
    Key=Schedule
    ServiceDLL=%SystemRoot%\system32\schedsvc.dll - this reference has been left in place
    --------------------
    Key=seclogon
    ServiceDLL=%SystemRoot%\System32\seclogon.dll - this reference has been left in place
    --------------------
    Key=SENS
    ServiceDLL=%SystemRoot%\system32\sens.dll - this reference has been left in place
    --------------------
    Key=SharedAccess
    ServiceDLL=%SystemRoot%\System32\ipnathlp.dll - this reference has been left in place
    --------------------
    Key=ShellHWDetection
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=srservice
    ServiceDLL=C:\WINDOWS\System32\srsvc.dll - this reference has been left in place
    --------------------
    Key=SSDPSRV
    ServiceDLL=%SystemRoot%\System32\ssdpsrv.dll - this reference has been left in place
    --------------------
    Key=stisvc
    ServiceDLL=%SystemRoot%\system32\wiaservc.dll - this reference has been left in place
    --------------------
    Key=TapiSrv
    ServiceDLL=%SystemRoot%\System32\tapisrv.dll - this reference has been left in place
    --------------------
    Key=TermService
    ServiceDLL=%SystemRoot%\System32\termsrv.dll - this reference has been left in place
    --------------------
    Key=Themes
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=TrkWks
    ServiceDLL=%SystemRoot%\system32\trkwks.dll - this reference has been left in place
    --------------------
    Key=uploadmgr
    ServiceDLL=%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll - this reference has been left in place
    --------------------
    Key=upnphost
    ServiceDLL=%SystemRoot%\System32\upnphost.dll - this reference has been left in place
    --------------------
    Key=W32Time
    ServiceDLL=C:\WINDOWS\System32\w32time.dll - this reference has been left in place
    --------------------
    Key=WebClient
    ServiceDLL=%SystemRoot%\System32\webclnt.dll - this reference has been left in place
    --------------------
    Key=winmgmt
    ServiceDLL=%SystemRoot%\system32\wbem\WMIsvc.dll - this reference has been left in place
    --------------------
    Key=WmdmPmSN
    ServiceDLL=C:\WINDOWS\System32\MsPMSNSv.dll - this reference has been left in place
    --------------------
    Key=Wmi
    ServiceDLL=%SystemRoot%\System32\advapi32.dll - this reference has been left in place
    --------------------
    Key=wuauserv
    ServiceDLL=C:\WINDOWS\System32\wuauserv.dll - this reference has been left in place
    --------------------
    Key=WZCSVC
    ServiceDLL=%SystemRoot%\System32\wzcsvc.dll - this reference has been left in place

    ******************************
    15:39:13: Scanning ----- SERVICES REGISTRY KEYS -----
    Checking files called from the CurrentControlSet\Services Keys:
    Key=ACPI
    ImagePath=System32\DRIVERS\ACPI.sys - this reference has been left in place
    ----------
    Key=aec
    ImagePath=system32\drivers\aec.sys - this reference has been left in place
    ----------
    Key=AFD
    ImagePath=\SystemRoot\System32\drivers\afd.sys - this reference has been left in place
    ----------
    Key=ALG
    ImagePath=%SystemRoot%\System32\alg.exe - this reference has been left in place
    ----------
    Key=aspnet_state
    ImagePath=%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - this reference has been left in place
    ----------
    Key=aswUpdSv
    ImagePath="C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" - this reference has been left in place
    ----------
    Key=AsyncMac
    ImagePath=System32\DRIVERS\asyncmac.sys - this reference has been left in place
    ----------
    Key=atapi
    ImagePath=System32\DRIVERS\atapi.sys - this reference has been left in place
    ----------
    Key=Atmarpc
    ImagePath=System32\DRIVERS\atmarpc.sys - this reference has been left in place
    ----------
    Key=audstub
    ImagePath=System32\DRIVERS\audstub.sys - this reference has been left in place
    ----------
    Key=avast! Antivirus
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashServ.exe" - this reference has been left in place
    ----------
    Key=avast! Mail Scanner
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service - this reference has been left in place
    ----------
    Key=avast! Web Scanner
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service - this reference has been left in place
    ----------
    Key=basic2
    ImagePath=System32\DRIVERS\HSF_BSC2.sys - this reference has been left in place
    ----------
    Key=Boonty Games
    ImagePath="C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" - this reference has been left in place
    ----------
    Key=CCDECODE
    ImagePath=System32\DRIVERS\CCDECODE.sys - this reference has been left in place
    ----------
    Key=Cdrom
    ImagePath=System32\DRIVERS\cdrom.sys - this reference has been left in place
    ----------
    Key=cisvc
    ImagePath=C:\WINDOWS\System32\cisvc.exe - this reference has been left in place
    ----------
    Key=ClipSrv
    ImagePath=%SystemRoot%\system32\clipsrv.exe - this reference has been left in place
    ----------
    Key=cmuda
    ImagePath=system32\drivers\cmuda.sys - this file has been excluded from scanning
    ----------
    Key=cmuda2
    ImagePath=system32\drivers\cmuda2.sys - this reference has been left in place
    ----------
    Key=COMSysApp
    ImagePath=C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} - this reference has been left in place
    ----------
    Key=DcCam
    ImagePath=System32\DRIVERS\DcCam.sys - this reference has been left in place
    ----------
    Key=DcFpoint
    ImagePath=System32\DRIVERS\DcFpoint.sys - this reference has been left in place
    ----------
    Key=DCFS2K
    ImagePath=system32\drivers\dcfs2k.sys - this reference has been left in place
    ----------
    Key=DcLps
    ImagePath=System32\DRIVERS\DcLps.sys - this reference has been left in place
    ----------
    Key=DcPTP
    ImagePath=System32\DRIVERS\DcPTP.sys - this reference has been left in place
    ----------
    Key=Disk
    ImagePath=System32\DRIVERS\disk.sys - this reference has been left in place
    ----------
    Key=dmadmin
    ImagePath=%SystemRoot%\System32\dmadmin.exe /com - this reference has been left in place
    ----------
    Key=dmboot
    ImagePath=System32\drivers\dmboot.sys - this reference has been left in place
    ----------
    Key=dmio
    ImagePath=System32\drivers\dmio.sys - this reference has been left in place
    ----------
    Key=dmload
    ImagePath=System32\drivers\dmload.sys - this reference has been left in place
    ----------
    Key=DMusic
    ImagePath=system32\drivers\DMusic.sys - this reference has been left in place
    ----------
    Key=drmkaud
    ImagePath=system32\drivers\drmkaud.sys - this reference has been left in place
    ----------
    Key=DumaNT
    ImagePath=System32\DRIVERS\dumant.sys - this reference has been left in place
    ----------
    Key=Eventlog
    ImagePath=%SystemRoot%\system32\services.exe - this reference has been left in place
    ----------
    Key=Exportit
    ImagePath=System32\DRIVERS\exportit.sys - this reference has been left in place
    ----------
    Key=Fallback
    ImagePath=System32\DRIVERS\HSF_FALL.sys - this reference has been left in place
    ----------
    Key=Fdc
    ImagePath=System32\DRIVERS\fdc.sys - this reference has been left in place
    ----------
    Key=FETNDIS
    ImagePath=System32\DRIVERS\fetnd5.sys - this reference has been left in place
    ----------
    Key=FETNDISB
    ImagePath=System32\DRIVERS\fetnd5b.sys - this reference has been left in place
    ----------
    Key=Fsks
    ImagePath=System32\DRIVERS\HSF_FSKS.sys - this reference has been left in place
    ----------
    Key=Fswsclds
    ImagePath=C:\Program Files\Securitoo\av_fw\fswsclds.exe - this file has been excluded from scanning
    ----------
    Key=Ftdisk
    ImagePath=System32\DRIVERS\ftdisk.sys - this reference has been left in place
    ----------
    Key=FTRTSVC
    ImagePath=C:\WINDOWS\System32\FTRTSVC.exe - this reference has been left in place
    ----------
    Key=gameenum
    ImagePath=System32\DRIVERS\gameenum.sys - this reference has been left in place
    ----------
    Key=GMSIPCI
    ImagePath=\??\D:\INSTALL\GMSIPCI.SYS - this file has been excluded from scanning
    ----------
    Key=Gpc
    ImagePath=System32\DRIVERS\msgpc.sys - this reference has been left in place
    ----------
    Key=gusvc
    ImagePath="C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" - this reference has been left in place
    ----------
    Key=HidUsb
    ImagePath=System32\DRIVERS\hidusb.sys - this reference has been left in place
    ----------
    Key=hsf_msft
    ImagePath=System32\DRIVERS\HSF_MSFT.sys - this reference has been left in place
    ----------
    Key=i8042prt
    ImagePath=System32\DRIVERS\i8042prt.sys - this reference has been left in place
    ----------
    Key=ImapiService
    ImagePath=C:\WINDOWS\System32\imapi.exe - this reference has been left in place
    ----------
    Key=InCDPass
    ImagePath=System32\DRIVERS\InCDPass.sys - this reference has been left in place
    ----------
    Key=InCDsrv
    ImagePath=C:\Program Files\Ahead\InCD\InCDsrv.exe - this reference has been left in place
    ----------
    Key=IpFilterDriver
    ImagePath=System32\DRIVERS\ipfltdrv.sys - this reference has been left in place
    ----------
    Key=IpInIp
    ImagePath=System32\DRIVERS\ipinip.sys - this reference has been left in place
    ----------
    Key=IpNat
    ImagePath=System32\DRIVERS\ipnat.sys - this reference has been left in place
    ----------
    Key=IPSec
    ImagePath=System32\DRIVERS\ipsec.sys - this reference has been left in place
    ----------
    Key=IRENUM
    ImagePath=System32\DRIVERS\irenum.sys - this reference has been left in place
    ----------
    Key=isapnp
    ImagePath=System32\DRIVERS\isapnp.sys - this reference has been left in place
    ----------
    Key=K56
    ImagePath=System32\DRIVERS\HSF_K56K.sys - this reference has been left in place
    ----------
    Key=Kbdclass
    ImagePath=System32\Drivers\Kbdclass.sys - this reference has been left in place
    ----------
    Key=kbdhid
    ImagePath=System32\DRIVERS\kbdhid.sys - this reference has been left in place
    ----------
    Key=kmixer
    ImagePath=system32\drivers\kmixer.sys - this reference has been left in place
    ----------
    Key=KodakCCS
    ImagePath=%SystemRoot%\system32\drivers\KodakCCS.exe - this reference has been left in place
    ----------
    Key=mnmsrvc
    ImagePath=C:\WINDOWS\System32\mnmsrvc.exe - this reference has been left in place
    ----------
    Key=Mouclass
    ImagePath=System32\Drivers\Mouclass.sys - this reference has been left in place
    ----------
    Key=mouhid
    ImagePath=System32\DRIVERS\mouhid.sys - this reference has been left in place
    ----------
    Key=MRxDAV
    ImagePath=System32\DRIVERS\mrxdav.sys - this reference has been left in place
    ----------
    Key=MRxSmb
    ImagePath=System32\DRIVERS\mrxsmb.sys - this reference has been left in place
    ----------
    Key=MSDTC
    ImagePath=C:\WINDOWS\System32\msdtc.exe - this reference has been left in place
    ----------
    Key=MSIServer
    ImagePath=C:\WINDOWS\System32\msiexec.exe /V - this reference has been left in place
    ----------
    Key=MSKSSRV
    ImagePath=system32\drivers\MSKSSRV.sys - this reference has been left in place
    ----------
    Key=MSPCLOCK
    ImagePath=system32\drivers\MSPCLOCK.sys - this reference has been left in place
    ----------
    Key=MSPQM
    ImagePath=system32\drivers\MSPQM.sys - this reference has been left in place
    ----------
    Key=MSTEE
    ImagePath=system32\drivers\MSTEE.sys - this reference has been left in place
    ----------
    Key=NABTSFEC
    ImagePath=System32\DRIVERS\NABTSFEC.sys - this reference has been left in place
    ----------
    Key=NdisIP
    ImagePath=System32\DRIVERS\NdisIP.sys - this reference has been left in place
    ----------
    Key=NdisTapi
    ImagePath=System32\DRIVERS\ndistapi.sys - this reference has been left in place
    ----------
    Key=Ndisuio
    ImagePath=System32\DRIVERS\ndisuio.sys - this reference has been left in place
    ----------
    Key=NdisWan
    ImagePath=System32\DRIVERS\ndiswan.sys - this reference has been left in place
    ----------
    Key=NetBIOS
    ImagePath=System32\DRIVERS\netbios.sys - this reference has been left in place
    ----------
    Key=NetBT
    ImagePath=System32\DRIVERS\netbt.sys - this reference has been left in place
    ----------
    Key=NetDDE
    ImagePath=%SystemRoot%\system32\netdde.exe - this reference has been left in place
    ----------
    Key=NetDDEdsdm
    ImagePath=%SystemRoot%\system32\netdde.exe - this reference has been left in place
    ----------
    Key=Netlogon
    ImagePath=%SystemRoot%\System32\lsass.exe - this reference has been left in place
    ----------
    Key=nm
    ImagePath=System32\DRIVERS\NMnt.sys - this reference has been left in place
    ----------
    Key=NTACCESS
    ImagePath=\??\D:\NTACCESS.sys - this file has been excluded from scanning
    ----------
    Key=NtLmSsp
    ImagePath=%SystemRoot%\System32\lsass.exe - this reference has been left in place
    ----------
    Key=nv
    ImagePath=System32\DRIVERS\nv4_mini.sys - this reference has been left in place
    ----------
    Key=NVSvc
    ImagePath=%SystemRoot%\System32\nvsvc32.exe - this reference has been left in place
    ----------
    Key=NwlnkFlt
    ImagePath=System32\DRIVERS\nwlnkflt.sys - this reference has been left in place
    ----------
    Key=NwlnkFwd
    ImagePath=System32\DRIVERS\nwlnkfwd.sys - this reference has been left in place
    ----------
    Key=Parport
    ImagePath=System32\DRIVERS\parport.sys - this reference has been left in place
    ----------
    Key=PCAMPR5
    ImagePath=\??\C:\WINDOWS\System32\PCAMPR5.SYS - this file has been excluded from scanning
    ----------
    Key=PCANDIS5
    ImagePath=\??\C:\WINDOWS\System32\PCANDIS5.SYS - this reference has been left in place
    ----------
    Key=PCI
    ImagePath=System32\DRIVERS\pci.sys - this reference has been left in place
    ----------
    Key=pepifilter
    ImagePath=System32\DRIVERS\lv302af.sys - this reference has been left in place
    ----------
    Key=PID_08A0
    ImagePath=System32\DRIVERS\LV302AV.SYS - this reference has been left in place
    ----------
    Key=PlugPlay
    ImagePath=%SystemRoot%\system32\services.exe - this reference has been left in place
    ----------
    Key=PolicyAgent
    ImagePath=%SystemRoot%\System32\lsass.exe - this reference has been left in place
    ----------
    Key=PptpMiniport
    ImagePath=System32\DRIVERS\raspptp.sys - this reference has been left in place
    ----------
    Key=Processor
    ImagePath=System32\DRIVERS\processr.sys - this reference has been left in place
    ----------
    Key=ProtectedStorage
    ImagePath=%SystemRoot%\system32\lsass.exe - this reference has been left in place
    ----------
    Key=PSched
    ImagePath=System32\DRIVERS\psched.sys - this reference has been left in place
    ----------
    Key=Ptilink
    ImagePath=System32\DRIVERS\ptilink.sys - this reference has been left in place
    ----------
    Key=PxHelp20
    ImagePath=System32\Drivers\PxHelp20.sys - this reference has been left in place
    ----------
    Key=RasAcd
    ImagePath=System32\DRIVERS\rasacd.sys - this reference has been left in place
    ----------
    Key=Rasl2tp
    ImagePath=System32\DRIVERS\rasl2tp.sys - this reference has been left in place
    ----------
    Key=RasPppoe
    ImagePath=System32\DRIVERS\raspppoe.sys - this reference has been left in place
    ----------
    Key=Raspti
    ImagePath=System32\DRIVERS\raspti.sys - this reference has been left in place
    ----------
    Key=Rdbss
    ImagePath=System32\DRIVERS\rdbss.sys - this reference has been left in place
    ----------
    Key=RDPCDD
    ImagePath=System32\DRIVERS\RDPCDD.sys - this reference has been left in place
    ----------
    Key=rdpdr
    ImagePath=System32\DRIVERS\rdpdr.sys - this reference has been left in place
    ----------
    Key=RDSessMgr
    ImagePath=C:\WINDOWS\system32\sessmgr.exe - this reference has been left in place
    ----------
    Key=redbook
    ImagePath=System32\DRIVERS\redbook.sys - this reference has been left in place
    ----------
    Key=Rksample
    ImagePath=System32\DRIVERS\HSF_SAMP.sys - this reference has been left in place
    ----------
    Key=RpcLocator
    ImagePath=%SystemRoot%\System32\locator.exe - this reference has been left in place
    ----------
    Key=RSVP
    ImagePath=%SystemRoot%\System32\rsvp.exe - this reference has been left in place
    ----------
    Key=rtl8139
    ImagePath=System32\DRIVERS\RTL8139.SYS - this reference has been left in place
    ----------
    Key=SamSs
    ImagePath=%SystemRoot%\system32\lsass.exe - this reference has been left in place
    ----------
    Key=SCardDrv
    ImagePath=%SystemRoot%\System32\SCardSvr.exe - this reference has been left in place
    ----------
    Key=SCardSvr
    ImagePath=%SystemRoot%\System32\SCardSvr.exe - this reference has been left in place
    ----------
    Key=Secdrv
    ImagePath=System32\DRIVERS\secdrv.sys - this reference has been left in place
    ----------
    Key=serenum
    ImagePath=System32\DRIVERS\serenum.sys - this reference has been left in place
    ----------
    Key=Serial
    ImagePath=System32\DRIVERS\serial.sys - this reference has been left in place
    ----------
    Key=SerialKeys
    ImagePath=C:\WINDOWS\system32\skeys.exe - this reference has been left in place
    ----------
    Key=SetupNTGLM7X
    ImagePath=\??\D:\NTGLM7X.sys - this file has been excluded from scanning
    ----------
    Key=sfdrv01
    ImagePath=System32\drivers\sfdrv01.sys - this reference has been left in place
    ----------
    Key=sfhlp02
    ImagePath=System32\drivers\sfhlp02.sys - this reference has been left in place
    ----------
    Key=sfsync02
    ImagePath=System32\drivers\sfsync02.sys - this reference has been left in place
    ----------
    Key=sfvfs02
    ImagePath=System32\drivers\sfvfs02.sys - this reference has been left in place
    ----------
    Key=SLIP
    ImagePath=System32\DRIVERS\SLIP.sys - this reference has been left in place
    ----------
    Key=SoftFax
    ImagePath=System32\DRIVERS\HSF_FAXX.sys - this reference has been left in place
    ----------
    Key=splitter
    ImagePath=system32\drivers\splitter.sys - this reference has been left in place
    ----------
    Key=Spooler
    ImagePath=%SystemRoot%\system32\spoolsv.exe - this reference has been left in place
    ----------
    Key=sr
    ImagePath=System32\DRIVERS\sr.sys - this reference has been left in place
    ----------
    Key=Srv
    ImagePath=System32\DRIVERS\srv.sys - this reference has been left in place
    ----------
    Key=SSHDRV84
    ImagePath=\??\C:\WINDOWS\System32\drivers\SSHDRV84.sys - this reference has been left in place
    ----------
    Key=streamip
    ImagePath=System32\DRIVERS\StreamIP.sys - this reference has been left in place
    ----------
    Key=swenum
    ImagePath=System32\DRIVERS\swenum.sys - this reference has been left in place
    ----------
    Key=swmidi
    ImagePath=system32\drivers\swmidi.sys - this reference has been left in place
    ----------
    Key=SwPrv
    ImagePath=C:\WINDOWS\System32\dllhost.exe /Processid:{20747FE9-A886-46AA-A925-1B2C68727C04} - this reference has been left in place
    ----------
    Key=sysaudio
    ImagePath=system32\drivers\sysaudio.sys - this reference has been left in place
    ----------
    Key=SysmonLog
    ImagePath=%SystemRoot%\system32\smlogsvc.exe - this reference has been left in place
    ----------
    Key=Tcpip
    ImagePath=System32\DRIVERS\tcpip.sys - this reference has been left in place
    ----------
    Key=TermDD
    ImagePath=System32\DRIVERS\termdd.sys - this reference has been left in place
    ----------
    Key=TlntSvr
    ImagePath=C:\WINDOWS\System32\tlntsvr.exe - this reference has been left in place
    ----------
    Key=Tones
    ImagePath=System32\DRIVERS\HSF_TONE.sys - this reference has been left in place
    ----------
    Key=UMWdf
    ImagePath=C:\WINDOWS\System32\wdfmgr.exe - this reference has been left in place
    ----------
    Key=Update
    ImagePath=System32\DRIVERS\update.sys - this reference has been left in place
    ----------
    Key=UPS
    ImagePath=%SystemRoot%\System32\ups.exe - this reference has been left in place
    ----------
    Key=usbaudio
    ImagePath=system32\drivers\usbaudio.sys - this reference has been left in place
    ----------
    Key=usbccgp
    ImagePath=System32\DRIVERS\usbccgp.sys - this reference has been left in place
    ----------
    Key=usbhub
    ImagePath=System32\DRIVERS\usbhub.sys - this reference has been left in place
    ----------
    Key=usbprint
    ImagePath=System32\DRIVERS\usbprint.sys - this reference has been left in place
    ----------
    Key=USBSTOR
    ImagePath=System32\DRIVERS\USBSTOR.SYS - this reference has been left in place
    ----------
    Key=usbuhci
    ImagePath=System32\DRIVERS\usbuhci.sys - this reference has been left in place
    ----------
    Key=USB_RNDIS
    ImagePath=System32\DRIVERS\usb8023.sys - this reference has been left in place
    ----------
    Key=usnjsvc
    ImagePath=C:\Program Files\MSN Messenger\usnsvc.exe - this reference has been left in place
    ----------
    Key=V124
    ImagePath=System32\DRIVERS\HSF_V124.sys - this reference has been left in place
    ----------
    Key=VgaSave
    ImagePath=\SystemRoot\System32\drivers\vga.sys - this reference has been left in place
    ----------
    Key=viaagp1
    ImagePath=System32\DRIVERS\viaagp1.sys - this reference has been left in place
    ----------
    Key=ViaIde
    ImagePath=System32\DRIVERS\viaidexp.sys - this reference has been left in place
    ----------
    Key=viamraid
    ImagePath=System32\DRIVERS\viamraid.sys - this reference has been left in place
    ----------
    Key=VSS
    ImagePath=%SystemRoot%\System32\vssvc.exe - this reference has been left in place
    ----------
    Key=Wanarp
    ImagePath=System32\DRIVERS\wanarp.sys - this reference has been left in place
    ----------
    Key=wdmaud
    ImagePath=system32\drivers\wdmaud.sys - this reference has been left in place
    ----------
    Key=WmiApSrv
    ImagePath=C:\WINDOWS\System32\wbem\wmiapsrv.exe - this reference has been left in place
    ----------
    Key=WSTCODEC
    ImagePath=System32\DRIVERS\WSTCODEC.SYS - this reference has been left in place
    ----------

    ******************************
    15:40:06: Scanning -----VXD ENTRIES-----
    Checking VMM32 VxD files being loaded

    ******************************
    15:40:06: Scanning ----- WINLOGON\NOTIFY DLLS -----
    Checking DLLs called from the Winlogon\Notify key:
    Key=crypt32chain
    DLLName=crypt32.dll - this reference has been left in place
    ----------
    Key=cryptnet
    DLLName=cryptnet.dll - this reference has been left in place
    ----------
    Key=cscdll
    DLLName=cscdll.dll - this reference has been left in place
    ----------
    Key=ScCertProp
    DLLName=wlnotify.dll - this reference has been left in place
    ----------
    Key=Schedule
    DLLName=wlnotify.dll - this reference has been left in place
    ----------
    Key=sclgntfy
    DLLName=sclgntfy.dll - this reference has been left in place
    ----------
    Key=SensLogn
    DLLName=WlNotify.dll - this reference has been left in place
    ----------
    Key=termsrv
    DLLName=wlnotify.dll - this reference has been left in place
    ----------
    Key=WgaLogon
    DLLName=WgaLogon.dll - this reference has been left in place
    ----------
    Key=wlballoon
    DLLName=wlnotify.dll - this reference has been left in place
    ----------

    ******************************
    15:40:07: Scanning ----- CONTEXTMENUHANDLERS -----
    Key = avast
    CLSID = {472083B0-C522-11CF-8763-00608CC02F24}
    C:\Program Files\Alwil Software\Avast4\ashShell.dll - this ContextMenuHandler has been left in place
    ----------
    Key = axcrypt.File
    CLSID = {C1C11DE3-3DD7-40E8-82D7-59E98C190ECA}
    C:\Program Files\Axon Data\AxCrypt\1.6.3\AxCrypt.dll - this ContextMenuHandler has been left in place
    ----------
    Key = BriefcaseMenu
    CLSID = {85BBD920-42A0-1069-A2E4-08002B30309D}
    syncui.dll - this ContextMenuHandler has been left in place
    ----------
    Key = Offline Files
    CLSID = {750fdf0e-2a26-11d1-a3ea-080036587f03}
    %SystemRoot%\System32\cscui.dll - this ContextMenuHandler has been left in place
    ----------
    Key = Open With
    CLSID = {09799AFB-AD67-11d1-ABCD-00C04FC30936}
    %SystemRoot%\system32\SHELL32.dll - this ContextMenuHandler has been left in place
    ----------
    Key = Open With EncryptionMenu
    CLSID = {A470F8CF-A1E8-4f65-8335-227475AA5C46}
    %SystemRoot%\system32\SHELL32.dll - this ContextMenuHandler has been left in place
    ----------
    Key = Trojan Remover
    CLSID = {52B87208-9CCF-42C9-B88E-069281105805}
    C:\PROGRA~1\TROJAN~1\Trshlex.dll - this ContextMenuHandler has been left in place
    ----------
    Key = {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
    %SystemRoot%\system32\SHELL32.dll - this ContextMenuHandler has been left in place
    ----------

    ******************************
    15:40:10: Scanning ----- FOLDER\COLUMNHANDLERS -----
    Key = {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    %SystemRoot%\system32\SHELL32.dll - this Folder\ColumnHandler has been left in place
    ----------
    Key = {24F14F01-7B1C-11d1-838f-0000F80461CF}
    %SystemRoot%\system32\SHELL32.dll - this Folder\ColumnHandler has been left in place
    ----------
    Key = {24F14F02-7B1C-11d1-838f-0000F80461CF}
    %SystemRoot%\system32\SHELL32.dll - this Folder\ColumnHandler has been left in place
    ----------
    Key = {66742402-F9B9-11D1-A202-0000F81FEDEE}
    %SystemRoot%\system32\SHELL32.dll - this Folder\ColumnHandler has been left in place
    ----------
    Key = {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
    "C:\Program Files\OpenOffice.org 2.1\program\shlxthdl.dll" - this Folder\ColumnHandler has been left in place
    ----------
    Key = {F9DB5320-233E-11D1-9F84-707F02C10627}
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll - this Folder\ColumnHandler has been left in place
    ----------

    ******************************
    15:40:12: Scanning ----- BROWSER HELPER OBJECTS -----
    Key = {AA58ED58-01DD-4d91-8333-CF10577473F7}
    c:\program files\google\googletoolbar2.dll - this Browser Helper Object has been left in place
    ----------

    ******************************
    15:40:13: Scanning ----- SHELLSERVICEOBJECTS -----
    Key = PostBootReminder
    %SystemRoot%\system32\SHELL32.dll - this ShellServiceObject has been left in place
    ----------
    Key = CDBurn
    %SystemRoot%\system32\SHELL32.dll - this ShellServiceObject has been left in place
    ----------
    Key = WebCheck
    %SystemRoot%\System32\webcheck.dll - this ShellServiceObject has been left in place
    ----------
    Key = SysTray
    C:\WINDOWS\System32\stobject.dll - this ShellServiceObject has been left in place
    ----------

    ******************************
    15:40:14: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
    No SharedTaskScheduler entries found to scan

    ******************************
    15:40:14: Scanning ----- IMAGEFILE DEBUGGERS -----
    No "Debugger" entries found.

    ******************************
    15:40:14: Scanning ----- APPINIT_DLLS -----
    The AppInit_DLLs value is blank

    ******************************
    15:40:14: Scanning ------ COMMON STARTUP GROUP ------
    [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
    The Common Startup Group attempts to load the following file(s) at boot time:
    desktop.ini - this file is expected and has been left in place
    --------------------
    Lancement rapide d'Adobe Reader.lnk - this links to C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe and has been left in place
    --------------------

    ******************************
    No User Startup Groups were located to check

    ******************************
    15:40:14: Scanning ----- SCHEDULED TASKS -----

    ******************************
    15:40:14: ----- EXTRA CHECKS -----
    PE386 rootkit checks completed
    ----------
    Winlogon registry rootkit checks completed
    ----------
    Heuristic checks for hidden files/drivers completed
    ----------

    ******************************
    15:40:14: Scanning ------ DOWNLOADED PROGRAM FILES ------
    The following files are located in the DOWNLOADED PROGRAM FILES directory:
    C:\WINDOWS\Downloaded Program Files\AxInst.exe - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\desktop.ini - this file is expected and has been left in place
    C:\WINDOWS\Downloaded Program Files\erma.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\PURen-us.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\PURfr-fr.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\PURfr-xx.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\swflash.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.exe - this file has been left in place

    ******************************
    15:40:16: Scanning ----- RUNNING PROCESSES -----

    C:\WINDOWS\System32\smss.exe
    --------------------
    C:\WINDOWS\system32\csrss.exe
    --------------------
    C:\WINDOWS\system32\winlogon.exe
    --------------------
    C:\WINDOWS\system32\services.exe
    --------------------
    C:\WINDOWS\system32\lsass.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\WINDOWS\System32\svchost.exe
    --------------------
    C:\WINDOWS\System32\svchost.exe
    --------------------
    C:\WINDOWS\System32\svchost.exe
    --------------------
    C:\WINDOWS\system32\spoolsv.exe
    --------------------
    C:\WINDOWS\Explorer.EXE
    --------------------
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    --------------------
    C:\Program Files\Logitech\Video\LogiTray.exe
    --------------------
    C:\Program Files\Winsos\WINSOS.EXE
    --------------------
    C:\Program Files\Antipub\antipub.exe
    --------------------
    C:\WINDOWS\System32\alg.exe
    --------------------
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    --------------------
    C:\Program Files\MSN Messenger\msnmsgr.exe
    --------------------
    C:\WINDOWS\System32\cisvc.exe
    --------------------
    C:\WINDOWS\System32\FTRTSVC.exe
    --------------------
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    --------------------
    C:\WINDOWS\System32\nvsvc32.exe
    --------------------
    C:\WINDOWS\System32\svchost.exe
    --------------------
    C:\WINDOWS\System32\wdfmgr.exe
    --------------------
    C:\Program Files\MSN Messenger\usnsvc.exe
    --------------------
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    --------------------
    C:\WINDOWS\System32\cidaemon.exe
    --------------------
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    --------------------
    C:\Documents and Settings\m\Application Data\Simply Super Software\Trojan Remover\rhr2.exe
    FileSize: 1 782 336
    [This is a Trojan Remover component]
    --------------------

    ******************************
    15:40:27: Checking AUTOEXEC.BAT file
    AUTOEXEC.BAT found in C:\
    No malicious entries were found in the AUTOEXEC.BAT file

    ******************************
    15:40:27: Checking AUTOEXEC.NT file
    AUTOEXEC.NT found in C:\WINDOWS\System32
    No malicious entries were found in the AUTOEXEC.NT file

    ******************************
    ------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Start Page":
    http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Local Page":
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Search Page":
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
    http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
    http://www.google.com/toolbar/ie8/sidebar.html
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page":
    https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fmeteo%2f%3f
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Local Page":
    C:\WINDOWS\SYSTEM32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Search Page":
    https://www.google.com/?gws_rd=ssl

    ******************************

    NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES


    Scan completed at: 14/04/2007 15:40:27
    ************************************************************

    ***** TROJAN REMOVER HAS RESTARTED THE SYSTEM *****
    13/04/2007 23:11:29: Trojan Remover has been restarted
    13/04/2007 23:11:29: Trojan Remover closed
    ************************************************************

    ***** NORMAL SCAN FOR ACTIVE MALWARE *****
    Trojan Remover Ver 6.5.9, Build 2462. For information, email simplysupsupport@aol.com
    [Unregistered version]
    Scan started at: 13/04/2007 23:02:36
    Using Database v6778
    Operating System: Windows XP Professional (Build 2600)
    Using data directory: C:\Documents and Settings\m\Application Data\Simply Super Software\Trojan Remover\
    Logfile directory: C:\Documents and Settings\m\Mes documents\Simply Super Software\Trojan Remover Logfiles\
    Running with Administrator privileges

    **************************************************
    Checking Registry exefile command for modifications
    Checking Registry comfile command for modifications
    Checking Registry piffile command for modifications
    Checking Registry batfile command for modifications
    Checking Registry regfile command for modifications
    Checking Registry cmdfile command for modifications
    Checking Registry scrfile command for modifications

    ******************************
    23:02:37: Scanning ----------WIN.INI-----------
    WIN.INI found in C:\WINDOWS

    ******************************
    23:02:37: Scanning --------SYSTEM.INI---------
    SYSTEM.INI found in C:\WINDOWS

    ******************************
    23:02:37: ----- SCANNING FOR ROOTKIT SERVICES -----
    No hidden Services were detected.

    ******************************
    23:02:41: Scanning -----WINDOWS REGISTRY-----
    --------------------
    Checking HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
    This key's "Shell" value calls the following program(s):
    Explorer.exe - this entry has been left in place
    ----------
    This key's "Userinit" value calls the following program(s):
    C:\WINDOWS\system32\userinit.exe - this entry has been left in place
    ----------
    This key's "System" value appears to be blank
    ----------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    --------------------
    Checking HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    Value Name = load
    The Data Value for this entry appears to be blank
    --------------------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    This Registry Key attempts to run the following program(s):
    Value Name = NvCplDaemon
    Value Data = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup - this command has been left in place
    --------------------
    Value Name = WA6PV_Check
    C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe - running process located and terminated
    Value Data = C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe - appears to contain SECURITYRISK.WINFIXER
    Value Data = C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe - this command has been removed
    C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe has been renamed to: C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe.ren
    Value Name = type32
    Value Data = C:\Program Files\Microsoft IntelliType Pro\type32.exe - this command has been left in place
    --------------------
    Value Name = LogitechVideoTray
    Value Data = C:\Program Files\Logitech\Video\LogiTray.exe - this command has been left in place
    --------------------
    Value Name = LogitechGalleryRepair
    Value Data = C:\Program Files\Logitech\Video\ISStart.exe - this command has been left in place
    --------------------
    Value Name = TrojanScanner
    Value Data = C:\Program Files\Trojan Remover\Trjscan.exe - this program is Trojan Remover's own scan file
    --------------------
    Value Name = TrojanScanner
    Value Data = C:\Program Files\Trojan Remover\Trjscan.exe - this program is Trojan Remover's own scan file
    --------------------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
    This Registry Key appears to be empty
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
    This Registry Key attempts to run the following program(s):
    Value Name =
    The Value Data for this entry appears to be blank
    --------------------
    --------------------
    Checking HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    This Registry Key attempts to run the following program(s):
    Value Name = unilex01
    The Value Data for this entry appears to be blank
    --------------------
    Value Name = WINSOS VERIFY
    Value Data = C:\Program Files\Winsos\WINSOS.EXE" MINI - this command has been left in place
    --------------------
    --------------------
    Checking HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
    This Registry Key appears to be empty

    ******************************
    23:03:03: Scanning -----SHELLEXECUTEHOOKS-----
    ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
    File: shell32.dll - this file is expected and has been left in place
    ----------

    ******************************
    23:03:03: Scanning -----HIDDEN REGISTRY ENTRIES-----
    Taskdir check completed
    ----------
    Hidden Registry Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    ValueName: jkpsbz
    Value: c:\windows\system32\jkpsbz.exe jkpsbz
    jkpsbz - this registry value has been removed [file not found to scan]
    c:\windows\system32\jkpsbz.exe - process is either not running or could not be terminated
    c:\windows\system32\jkpsbz.exe has been renamed to: c:\windows\system32\jkpsbz.exe.ren
    This file will also be marked for renaming during PC restart, in case it is re-created
    NVS2.INF, associated with Adware.NaviPromo, found in C:\WINDOWS\System32\
    C:\WINDOWS\System32\NVS2.INF has been renamed to: C:\WINDOWS\System32\NVS2.INF.ren
    PACK.EPK, associated with Adware.NaviPromo, found in C:\WINDOWS\
    C:\WINDOWS\PACK.EPK has been renamed to: C:\WINDOWS\PACK.EPK.ren
    C:\WINDOWS\System32\jkpsbz.dat has been renamed to: C:\WINDOWS\System32\jkpsbz.dat.ren
    This file will also be marked for renaming during PC restart, in case it is re-created
    C:\WINDOWS\System32\jkpsbz_nav.dat has been renamed to: C:\WINDOWS\System32\jkpsbz_nav.dat.ren
    This file will also be marked for renaming during PC restart, in case it is re-created
    C:\WINDOWS\System32\jkpsbz_navps.dat has been renamed to: C:\WINDOWS\System32\jkpsbz_navps.dat.ren
    This file will also be marked for renaming during PC restart, in case it is re-created
    ----------

    ******************************
    23:03:12: Scanning -----ACTIVE SCREENSAVER-----
    ScreenSaver=C:\WINDOWS\System32\SCREEN~1.SCR - this command has been left in place
    --------------------

    ******************************
    23:03:12: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
    Checking the StubPath calls in the Active Setup\Installed Components registry keys:
    Key=>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    StubPath=C:\WINDOWS\inf\unregmp2.exe - this reference has been left in place
    ----------
    Key={2C7339CF-2B09-4501-B3F3-F3508C9228ED}
    StubPath=C:\WINDOWS\system32\regsvr32.exe - this reference has been left in place
    ----------
    Key={44BBA840-CC51-11CF-AAFA-00AA00B6015C}
    StubPath=C:\Program Files\Outlook Express\setup50.exe - this reference has been left in place
    ----------
    Key={7790769C-0471-11d2-AF11-00C04FA35D02}
    StubPath=C:\Program Files\Outlook Express\setup50.exe - this reference has been left in place
    ----------
    Key={89820200-ECBD-11cf-8B85-00AA005B4340}
    StubPath=regsvr32.exe - this reference has been left in place
    ----------
    Key={89820200-ECBD-11cf-8B85-00AA005B4383}
    StubPath=C:\WINDOWS\System32\ie4uinit.exe - this reference has been left in place
    ----------
    Key={9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}
    StubPath=C:\WINDOWS\System32\updcrl.exe - this reference has been left in place
    ----------

    ******************************
    23:03:16: Scanning ----- SERVICEDLL REGISTRY KEYS -----
    Checking DLL files called from the CurrentControlSet\Services Keys:
    --------------------
    Key=Alerter
    ServiceDLL=%SystemRoot%\system32\alrsvc.dll - this reference has been left in place
    --------------------
    Key=AppMgmt
    ServiceDLL=%SystemRoot%\System32\appmgmts.dll - this reference has been left in place
    --------------------
    Key=AudioSrv
    ServiceDLL=%SystemRoot%\System32\audiosrv.dll - this reference has been left in place
    --------------------
    Key=BITS
    ServiceDLL=%SystemRoot%\System32\qmgr.dll - this reference has been left in place
    --------------------
    Key=Browser
    ServiceDLL=%SystemRoot%\System32\browser.dll - this reference has been left in place
    --------------------
    Key=CryptSvc
    ServiceDLL=%SystemRoot%\System32\cryptsvc.dll - this reference has been left in place
    --------------------
    Key=Dhcp
    ServiceDLL=%SystemRoot%\System32\dhcpcsvc.dll - this reference has been left in place
    --------------------
    Key=dmserver
    ServiceDLL=%SystemRoot%\System32\dmserver.dll - this reference has been left in place
    --------------------
    Key=Dnscache
    ServiceDLL=%SystemRoot%\System32\dnsrslvr.dll - this reference has been left in place
    --------------------
    Key=ERSvc
    ServiceDLL=%SystemRoot%\System32\ersvc.dll - this reference has been left in place
    --------------------
    Key=EventSystem
    ServiceDLL=C:\WINDOWS\System32\es.dll - this reference has been left in place
    --------------------
    Key=FastUserSwitchingCompatibility
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=helpsvc
    ServiceDLL=%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll - this reference has been left in place
    --------------------
    Key=HidServ
    ServiceDLL=%SystemRoot%\System32\hidserv.dll - this reference has been left in place
    --------------------
    Key=lanmanserver
    ServiceDLL=%SystemRoot%\System32\srvsvc.dll - this reference has been left in place
    --------------------
    Key=lanmanworkstation
    ServiceDLL=%SystemRoot%\System32\wkssvc.dll - this reference has been left in place
    --------------------
    Key=LmHosts
    ServiceDLL=%SystemRoot%\System32\lmhsvc.dll - this reference has been left in place
    --------------------
    Key=Messenger
    ServiceDLL=%SystemRoot%\System32\msgsvc.dll - this reference has been left in place
    --------------------
    Key=Netman
    ServiceDLL=%SystemRoot%\System32\netman.dll - this reference has been left in place
    --------------------
    Key=Nla
    ServiceDLL=%SystemRoot%\System32\mswsock.dll - this reference has been left in place
    --------------------
    Key=NtmsSvc
    ServiceDLL=%SystemRoot%\system32\ntmssvc.dll - this reference has been left in place
    --------------------
    Key=RasAuto
    ServiceDLL=%SystemRoot%\System32\rasauto.dll - this reference has been left in place
    --------------------
    Key=RasMan
    ServiceDLL=%SystemRoot%\System32\rasmans.dll - this reference has been left in place
    --------------------
    Key=RemoteAccess
    ServiceDLL=%SystemRoot%\System32\mprdim.dll - this reference has been left in place
    --------------------
    Key=RemoteRegistry
    ServiceDLL=%SystemRoot%\system32\regsvc.dll - this reference has been left in place
    --------------------
    Key=RpcSs
    ServiceDLL=%SystemRoot%\system32\rpcss.dll - this reference has been left in place
    --------------------
    Key=Schedule
    ServiceDLL=%SystemRoot%\system32\schedsvc.dll - this reference has been left in place
    --------------------
    Key=seclogon
    ServiceDLL=%SystemRoot%\System32\seclogon.dll - this reference has been left in place
    --------------------
    Key=SENS
    ServiceDLL=%SystemRoot%\system32\sens.dll - this reference has been left in place
    --------------------
    Key=SharedAccess
    ServiceDLL=%SystemRoot%\System32\ipnathlp.dll - this reference has been left in place
    --------------------
    Key=ShellHWDetection
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=srservice
    ServiceDLL=C:\WINDOWS\System32\srsvc.dll - this reference has been left in place
    --------------------
    Key=SSDPSRV
    ServiceDLL=%SystemRoot%\System32\ssdpsrv.dll - this reference has been left in place
    --------------------
    Key=stisvc
    ServiceDLL=%SystemRoot%\system32\wiaservc.dll - this reference has been left in place
    --------------------
    Key=TapiSrv
    ServiceDLL=%SystemRoot%\System32\tapisrv.dll - this reference has been left in place
    --------------------
    Key=TermService
    ServiceDLL=%SystemRoot%\System32\termsrv.dll - this reference has been left in place
    --------------------
    Key=Themes
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=TrkWks
    ServiceDLL=%SystemRoot%\system32\trkwks.dll - this reference has been left in place
    --------------------
    Key=uploadmgr
    ServiceDLL=%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll - this reference has been left in place
    --------------------
    Key=upnphost
    ServiceDLL=%SystemRoot%\System32\upnphost.dll - this reference has been left in place
    --------------------
    Key=W32Time
    ServiceDLL=C:\WINDOWS\System32\w32time.dll - this reference has been left in place
    --------------------
    Key=WebClient
    ServiceDLL=%SystemRoot%\System32\webclnt.dll - this reference has been left in place
    --------------------
    Key=winmgmt
    ServiceDLL=%SystemRoot%\system32\wbem\WMIsvc.dll - this reference has been left in place
    --------------------
    Key=WmdmPmSN
    ServiceDLL=C:\WINDOWS\System32\MsPMSNSv.dll - this reference has been left in place
    --------------------
    Key=Wmi
    ServiceDLL=%SystemRoot%\System32\advapi32.dll - this reference has been left in place
    --------------------
    Key=wuauserv
    ServiceDLL=C:\WINDOWS\System32\wuauserv.dll - this reference has been left in place
    --------------------
    Key=WZCSVC
    ServiceDLL=%SystemRoot%\System32\wzcsvc.dll - this reference has been left in place

    ******************************
    23:03:26: Scanning ----- SERVICES REGISTRY KEYS -----
    Checking files called from the CurrentControlSet\Services Keys:
    Key=ACPI
    ImagePath=System32\DRIVERS\ACPI.sys - this reference has been left in place
    ----------
    Key=aec
    ImagePath=system32\drivers\aec.sys - this reference has been left in place
    ----------
    Key=AFD
    ImagePath=\SystemRoot\System32\drivers\afd.sys - this reference has been left in place
    ----------
    Key=ALG
    ImagePath=%SystemRoot%\System32\alg.exe - this reference has been left in place
    ----------
    Key=aspnet_state
    ImagePath=%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - this reference has been left in place
    ----------
    Key=aswUpdSv
    ImagePath="C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" - this reference has been left in place
    ----------
    Key=AsyncMac
    ImagePath=System32\DRIVERS\asyncmac.sys - this reference has been left in place
    ----------
    Key=atapi
    ImagePath=System32\DRIVERS\atapi.sys - this reference has been left in place
    ----------
    Key=Atmarpc
    ImagePath=System32\DRIVERS\atmarpc.sys - this reference has been left in place
    ----------
    Key=audstub
    ImagePath=System32\DRIVERS\audstub.sys - this reference has been left in place
    ----------
    Key=avast! Antivirus
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashServ.exe" - this reference has been left in place
    ----------
    Key=avast! Mail Scanner
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service - this reference has been left in place
    ----------
    Key=avast! Web Scanner
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service - this reference has been left in place
    ----------
    Key=basic2
    ImagePath=System32\DRIVERS\HSF_BSC2.sys - this reference has been left in place
    ----------
    Key=Boonty Games
    ImagePath="C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" - this reference has been left in place
    ----------
    Key=CCDECODE
    ImagePath=System32\DRIVERS\CCDECODE.sys - this reference has been left in place
    ----------
    Key=Cdrom
    ImagePath=System32\DRIVERS\cdrom.sys - this reference has been left in place
    ----------
    Key=cisvc
    ImagePath=C:\WINDOWS\System32\cisvc.exe - this reference has been left in place
    ----------
    Key=ClipSrv
    ImagePath=%SystemRoot%\system32\clipsrv.exe - this reference has been left in place
    ----------
    Key=cmuda
    ImagePath=system32\drivers\cmuda.sys - this reference has been left in place [file not found to scan]
    ----------
    Key=cmuda2
    ImagePath=system32\drivers\cmuda2.sys - this reference has been left in place
    ----------
    Key=COMSysApp
    ImagePath=C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} - this reference has been left in place
    ----------
    Key=DcCam
    ImagePath=System32\DRIVERS\DcCam.sys - this reference has been left in place
    ----------
    Key=DcFpoint
    ImagePath=System32\DRIVERS\DcFpoint.sys - this reference has been left in place
    ----------
    Key=DCFS2K
    ImagePath=system32\drivers\dcfs2k.sys - this reference has been left in place
    ----------
    Key=DcLps
    ImagePath=System32\DRIVERS\DcLps.sys - this reference has been left in place
    ----------
    Key=DcPTP
    ImagePath=System32\DRIVERS\DcPTP.sys - this reference has been left in place
    ----------
    Key=Disk
    ImagePath=System32\DRIVERS\disk.sys - this reference has been left in place
    ----------
    Key=dmadmin
    ImagePath=%SystemRoot%\System32\dmadmin.exe /com - this reference has been left in place
    ----------
    Key=dmboot
    ImagePath=System32\drivers\dmboot.sys - this reference has been left in place
    ----------
    Key=dmio
    ImagePath=System32\drivers\dmio.sys - this reference has been left in place
    ----------
    Key=dmload
    ImagePath=System32\drivers\dmload.sys - this reference has been left in place
    ----------
    Key=DMusic
    ImagePath=system32\drivers\DMusic.sys - this reference has been left in place
    ----------
    Key=drmkaud
    ImagePath=system32\drivers\drmkaud.sy
    1
  2. cece2404 Messages postés 160 Statut Membre 7
     
    bonsoir. Est- ce que je peux désinstaller trojan remover maintenant vu que c'est bon. Je l'ai utilisé plusieurs fois mais j'ai vu qu'il y a 30 jours d'eesai

    merci
    1
  3. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Bonsoir,

    Juste en passant
    Tu as combien d'anti-virus ??

    1
  4. cece2404 Messages postés 160 Statut Membre 7
     
    j'ai 1 seul anti virus AVAST
    1
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. cece2404 Messages postés 160 Statut Membre 7
     
    ok merci beaucoup pour ton aide
    1
  7. florian.guston
     
    hello apparement tu as aussi une version gratuite de drivecleaner dans ton pc; c'est un malware...si tu ne recois que des spams et que tu n'as pas d'autres probs genre pc qui rame ou sablier pendant 5min tu peux tenter de le virer avec trojan remover, en mode sans échec; tapoter f8 dès le démarrage de ton os, tu le trouveras en free sur le web; bonne chance ;)
    0
  8. florian.guston
     
    bonsoir normalement c oki, le rapport étant très long il faudra néanmoins que tu le fasses réanalyser par un autre car 2 avis valent tjs mieux; le trojan remover est efficace généralement et je te conseille un Ccleaner pour bien nettoyer ton pc après chaque surf, voila en espérant que le prob est résolu a plus ;)
    0
  9. florian.guston
     
    bonsoir, tant que ton pc est ok tu n'en a plus besoin, pas la peine de scanner ts les jours :) quand le délai d'essai sera expiré il ne sera plus a jour et sera bon pour la corbeille... a +
    0