Win32 small

bab -  
 bab -
Bonjour,
mon pc est infecté par le virus win32 small. J'ai avast comme antivirus
quelqu'un peut-il m'aider
merci beaucoup
Configuration: Windows XP
Internet Explorer 7.0

3 réponses

  1. Profil bloqué
     
    slt fait ttes ces etapes:

    -etape 1 : Hijackthis poste le rapport ici meme

    - etape 2:
    prend sa Dr Web CureIt ! analyse rapide puis complete

    -etape3 :
    AVG Anti-spyware et A-squared mise a jour des 2

    -etape 4 :
    CCleaner repare et nettoie

    -etape 5 :
    Disk Defrag

    -etape 6 :
    SmitFraudFix choisit la deuxieme reponse puis au bout d'un moment il va te dire:"voulez vous nettoyer le registre" met o

    -etape 7 :
    poste 1nouveau log de hijack
    0
    1. bab
       
      merci, je vais essayer tout ça
      0
      1. bab > bab
         
        rapport de hijack

        mais en anglais !!

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 12:05:06, on 06/04/2008
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v7.00 (7.00.6000.16608)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        C:\Program Files\Alwil Software\Avast4\ashServ.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\Analog Devices\Core\smax4pnp.exe
        C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
        C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
        C:\Program Files\Windows Live\Messenger\msnmsgr.exe
        C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
        C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
        C:\WINDOWS\system32\cisvc.exe
        C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
        C:\WINDOWS\system32\nvsvc32.exe
        C:\WINDOWS\system32\tcpsvcs.exe
        C:\WINDOWS\System32\snmp.exe
        C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        C:\WINDOWS\system32\cidaemon.exe
        C:\Program Files\Internet Explorer\IEXPLORE.EXE
        C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
        F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\%%%%%.exe
        O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
        O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
        O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
        O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
        O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [Flash Media] C:\WINDOWS\system32\%%%%%.exe
        O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
        O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
        O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
        O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
        O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
        O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6u5-windows-i586-jc.cab?AuthParam=1206812090_ea3bd122ae72d56ee958ae333b05dce5&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD39/JSCDL/jdk/6u5b/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
        O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
        O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
        O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (file missing)
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
        O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
        O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
        0
  2. Profil bloqué
     
    tu n'a rien mais continue mes etapes stp
    0
    1. bab
       
      je viens de lancer l'analyse complète avec dr web
      0
      1. bab > bab
         
        l'analyse "dr web" à bien été faite, elle n'à detécté aucun virus, ensuite j'ai installé avg antispyware, j'ai du éteindre mon ordi, mais impossible de l'eteindre, obligée de couper le courant ....... horreur!!!! Qd j'ai rallumé l'ordi il me signifit toujours ce virus, donc maintenant je lance l'analyse avec avg.
        0
    2. bab
       
      Version - a-squared Free 3.1
      Dernière mise à jour : 06/04/2008 14:26:37

      Paramètres du Scan :

      Éléments : Mémoire, Traces, Cookies, C:\, F:\
      Analyse les archives : Marche
      Heuristiques : Marche
      Analyse ADS : Marche

      Début de l'analyse : 06/04/2008 14:30:31

      C:\Documents and Settings\Famille Mattel\Cookies\famille_mattel@commentcamarche[2].txt Objets détectés : Trace.TrackingCookie
      C:\Documents and Settings\Famille Mattel\Local Settings\Temporary Internet Files\Content.IE5\FFHVV2FB\wv[1].exe Objets détectés : Trojan-Downloader.Win32.Small.tnt
      C:\Documents and Settings\Famille Mattel\nywtho.exe Objets détectés : Trojan-Downloader.Win32.Small.tnt
      C:\System Volume Information\_restore{2FFA96B1-C1EC-412F-9642-896D33922F12}\RP5\A0008471.exe Objets détectés : Trojan-Downloader.Win32.Small.tnt

      Analysé

      Fichiers: 86513
      Traces: 394498
      Cookies : 17
      Processus: 37

      Objets trouvés

      Fichiers: 3
      Traces: 0
      Cookies : 1
      Processus: 0
      Clés du Registre : 0

      Fin de l'analyse : 06/04/2008 15:09:26
      Temps de l'analyse : 0:38:55
      0
      1. bab > bab
         
        SmitFraudFix v2.200

        Rapport fait à 15:29:40,04, 06/04/2008
        Executé à partir de C:\Documents and Settings\Famille Mattel\Bureau\SmitfraudFix
        OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
        Le type du système de fichiers est NTFS
        Fix executé en mode normal

        »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
        !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


        »»»»»»»»»»»»»»»»»»»»»»»» hosts


        127.0.0.1 localhost

        »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

        GenericRenosFix by S!Ri


        »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


        »»»»»»»»»»»»»»»»»»»»»»»» DNS

        Description: Intel(R) PRO/100 VE Network Connection - Miniport d'ordonnancement de paquets
        DNS Server Search Order: 212.27.53.252
        DNS Server Search Order: 212.27.54.252

        HKLM\SYSTEM\CCS\Services\Tcpip\..\{C263E170-4A83-4A6F-AEC9-6C322CBAAF0E}: DhcpNameServer=212.27.53.252 212.27.54.252
        HKLM\SYSTEM\CS1\Services\Tcpip\..\{C263E170-4A83-4A6F-AEC9-6C322CBAAF0E}: DhcpNameServer=212.27.53.252 212.27.54.252
        HKLM\SYSTEM\CS2\Services\Tcpip\..\{C263E170-4A83-4A6F-AEC9-6C322CBAAF0E}: DhcpNameServer=212.27.53.252 212.27.54.252
        HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252
        HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252
        HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252


        »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

        Voici le rapport SmitfraudFix



        »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
        !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
        "System"=""


        »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

        Nettoyage terminé.

        »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
        !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll


        »»»»»»»»»»»»»»»»»»»»»»»» Fin
        0
  3. Profil bloqué
     
    continue en prenant sa Spyware Terminator Patch français pour Ad-aware Ad-Aware SE Personal Edition
    0
    1. bab
       
      voici le rapport de hijack.
      Je télécharge actuellement Spyreware terminator
      0
      1. bab > bab
         
        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 15:46:53, on 06/04/2008
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v7.00 (7.00.6000.16608)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        C:\Program Files\Alwil Software\Avast4\ashServ.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
        C:\WINDOWS\system32\cisvc.exe
        C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
        C:\WINDOWS\system32\nvsvc32.exe
        C:\WINDOWS\system32\tcpsvcs.exe
        C:\WINDOWS\System32\snmp.exe
        C:\Program Files\Analog Devices\Core\smax4pnp.exe
        C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
        C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
        C:\Program Files\Windows Live\Messenger\msnmsgr.exe
        C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
        C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        C:\Program Files\Internet Explorer\IEXPLORE.EXE
        C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
        C:\WINDOWS\system32\cidaemon.exe
        C:\Program Files\a-squared Free\a2service.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\WINDOWS\explorer.exe
        C:\Program Files\Internet Explorer\IEXPLORE.EXE
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
        F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\%%%%%.exe
        O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
        O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
        O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
        O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
        O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [Flash Media] C:\WINDOWS\system32\%%%%%.exe
        O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
        O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
        O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
        O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
        O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
        O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6u5-windows-i586-jc.cab?AuthParam=1206812090_ea3bd122ae72d56ee958ae333b05dce5&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD39/JSCDL/jdk/6u5b/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
        O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
        O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
        O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
        O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (file missing)
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
        O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
        O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
        0
    2. bab
       
      re bonjour,

      c'est impressionant à chaque fois que je fais un scan avec chaque antivir ou antiespion il trouve tjrs qque chose
      0
    3. bab
       
      Ad-Aware SE Build 1.06r1
      Logfile Created on:dimanche 6 avril 2008 16:15:13
      Created with Ad-Aware SE Personal, free for private use.
      Using definitions file:SE1R235 02.04.2008
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      References detected during the scan:
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      Tracking Cookie(TAC index:3):10 total references
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      Ad-Aware SE Settings
      ===========================
      Set : Search for negligible risk entries
      Set : Safe mode (always request confirmation)
      Set : Scan active processes
      Set : Scan registry
      Set : Deep-scan registry
      Set : Scan my IE Favorites for banned URLs
      Set : Scan my Hosts file

      Extended Ad-Aware SE Settings
      ===========================
      Set : Unload recognized processes & modules during scan
      Set : Scan registry for all users instead of current user only
      Set : Always try to unload modules before deletion
      Set : During removal, unload Explorer and IE if necessary
      Set : Let Windows remove files in use at next reboot
      Set : Delete quarantined objects after restoring
      Set : Include basic Ad-Aware settings in log file
      Set : Include additional Ad-Aware settings in log file
      Set : Include reference summary in log file
      Set : Include alternate data stream details in log file
      Set : Play sound at scan completion if scan locates critical objects


      06-04-2008 16:15:13 - Scan started. (Full System Scan)

      Listing running processes
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      #:1 [smss.exe]
      FilePath : \SystemRoot\System32\
      ProcessID : 628
      ThreadCreationTime : 06-04-2008 11:48:18
      BasePriority : Normal


      #:2 [csrss.exe]
      FilePath : \??\C:\WINDOWS\system32\
      ProcessID : 692
      ThreadCreationTime : 06-04-2008 11:48:19
      BasePriority : Normal


      #:3 [winlogon.exe]
      FilePath : \??\C:\WINDOWS\system32\
      ProcessID : 716
      ThreadCreationTime : 06-04-2008 11:48:20
      BasePriority : High


      #:4 [services.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 760
      ThreadCreationTime : 06-04-2008 11:48:20
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Système d'exploitation Microsoft® Windows®
      CompanyName : Microsoft Corporation
      FileDescription : Applications Services et Contrôleur
      InternalName : services.exe
      LegalCopyright : © Microsoft Corporation. Tous droits réservés.
      OriginalFilename : services.exe

      #:5 [lsass.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 780
      ThreadCreationTime : 06-04-2008 11:48:20
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : LSA Shell (Export Version)
      InternalName : lsass.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : lsass.exe

      #:6 [svchost.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 944
      ThreadCreationTime : 06-04-2008 11:48:21
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Generic Host Process for Win32 Services
      InternalName : svchost.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : svchost.exe

      #:7 [svchost.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 1012
      ThreadCreationTime : 06-04-2008 11:48:21
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Generic Host Process for Win32 Services
      InternalName : svchost.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : svchost.exe

      #:8 [svchost.exe]
      FilePath : C:\WINDOWS\System32\
      ProcessID : 1112
      ThreadCreationTime : 06-04-2008 11:48:21
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Generic Host Process for Win32 Services
      InternalName : svchost.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : svchost.exe

      #:9 [svchost.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 1204
      ThreadCreationTime : 06-04-2008 11:48:21
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Generic Host Process for Win32 Services
      InternalName : svchost.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : svchost.exe

      #:10 [svchost.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 1372
      ThreadCreationTime : 06-04-2008 11:48:22
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Generic Host Process for Win32 Services
      InternalName : svchost.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : svchost.exe

      #:11 [aswupdsv.exe]
      FilePath : C:\Program Files\Alwil Software\Avast4\
      ProcessID : 1460
      ThreadCreationTime : 06-04-2008 11:48:22
      BasePriority : Normal
      FileVersion : 4, 7, 1098, 0
      ProductVersion : 4, 7, 0, 0
      ProductName : avast! Antivirus
      CompanyName : ALWIL Software
      FileDescription : avast! Antivirus updating service
      InternalName : aswUpdSv.exe
      LegalCopyright : Copyright (c) 2007 ALWIL Software
      OriginalFilename : aswUpdSv.exe

      #:12 [ashserv.exe]
      FilePath : C:\Program Files\Alwil Software\Avast4\
      ProcessID : 1512
      ThreadCreationTime : 06-04-2008 11:48:22
      BasePriority : High
      FileVersion : 4, 7, 1098, 0
      ProductVersion : 4, 7, 0, 0
      ProductName : avast! Antivirus
      CompanyName : ALWIL Software
      FileDescription : avast! antivirus service
      InternalName : aswServ
      LegalCopyright : Copyright (c) 2007 ALWIL Software
      OriginalFilename : aswServ.exe

      #:13 [spoolsv.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 1760
      ThreadCreationTime : 06-04-2008 11:48:25
      BasePriority : Normal
      FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
      ProductVersion : 5.1.2600.2696
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Spooler SubSystem App
      InternalName : spoolsv.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : spoolsv.exe

      #:14 [guard.exe]
      FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
      ProcessID : 124
      ThreadCreationTime : 06-04-2008 11:48:31
      BasePriority : Normal
      FileVersion : 7, 5, 1, 22
      ProductVersion : 7, 5, 1, 22
      ProductName : AVG Anti-Spyware
      CompanyName : GRISOFT s.r.o.
      FileDescription : AVG Anti-Spyware guard
      InternalName : AVG Anti-Spyware guard
      LegalCopyright : Copyright © 2007 GRISOFT s.r.o.
      OriginalFilename : guard.exe

      #:15 [cisvc.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 156
      ThreadCreationTime : 06-04-2008 11:48:31
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Content Index service
      InternalName : cisvc.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : cisvc.exe

      #:16 [mdm.exe]
      FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\
      ProcessID : 212
      ThreadCreationTime : 06-04-2008 11:48:31
      BasePriority : Normal
      FileVersion : 7.00.9466
      ProductVersion : 7.00.9466
      ProductName : Microsoft® Visual Studio .NET
      CompanyName : Microsoft Corporation
      FileDescription : Machine Debug Manager
      InternalName : mdm.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : mdm.exe

      #:17 [nvsvc32.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 428
      ThreadCreationTime : 06-04-2008 11:48:35
      BasePriority : Normal
      FileVersion : 6.14.10.7124
      ProductVersion : 6.14.10.7124
      ProductName : NVIDIA Driver Helper Service, Version 71.24
      CompanyName : NVIDIA Corporation
      FileDescription : NVIDIA Driver Helper Service, Version 71.24
      InternalName : NVSVC
      LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
      OriginalFilename : nvsvc32.exe

      #:18 [tcpsvcs.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 516
      ThreadCreationTime : 06-04-2008 11:48:35
      BasePriority : Normal
      FileVersion : 5.1.2600.0 (xpclient.010817-1148)
      ProductVersion : 5.1.2600.0
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : TCP/IP Services Application
      InternalName : TCPSVCS.EXE
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : TCPSVCS.EXE

      #:19 [snmp.exe]
      FilePath : C:\WINDOWS\System32\
      ProcessID : 584
      ThreadCreationTime : 06-04-2008 11:48:36
      BasePriority : Normal
      FileVersion : 5.1.2600.3038 (xpsp_sp2_gdr.061119-2303)
      ProductVersion : 5.1.2600.3038
      ProductName : Système d'exploitation Microsoft® Windows®
      CompanyName : Microsoft Corporation
      FileDescription : Service SNMP
      InternalName : snmp.exe
      LegalCopyright : © Microsoft Corporation. Tous droits réservés.
      OriginalFilename : snmp.exe

      #:20 [smax4pnp.exe]
      FilePath : C:\Program Files\Analog Devices\Core\
      ProcessID : 1684
      ThreadCreationTime : 06-04-2008 11:48:41
      BasePriority : Normal
      FileVersion : 5, 2, 0, 5
      ProductVersion : 5, 2, 0, 5
      ProductName : SMax4PNP Application
      CompanyName : Analog Devices, Inc.
      FileDescription : SMax4PNP MFC Application
      InternalName : SMax4PNP
      LegalCopyright : Copyright (C) 2002-2004 Analog Devices
      OriginalFilename : SMax4PNP.EXE

      #:21 [ashdisp.exe]
      FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
      ProcessID : 1712
      ThreadCreationTime : 06-04-2008 11:48:41
      BasePriority : Normal
      FileVersion : 4, 7, 1098, 0
      ProductVersion : 4, 7, 0, 0
      ProductName : avast! Antivirus
      CompanyName : ALWIL Software
      FileDescription : avast! service GUI component
      InternalName : aswDisp
      LegalCopyright : Copyright (c) 2007 ALWIL Software
      OriginalFilename : aswDisp.exe

      #:22 [avgas.exe]
      FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
      ProcessID : 1920
      ThreadCreationTime : 06-04-2008 11:48:42
      BasePriority : Normal
      FileVersion : 7, 5, 1, 43
      ProductVersion : 7, 5, 1, 43
      ProductName : AVG Anti-Spyware
      CompanyName : GRISOFT s.r.o.
      FileDescription : AVG Anti-Spyware
      InternalName : AVG Anti-Spyware
      LegalCopyright : Copyright © 2007 GRISOFT s.r.o.
      OriginalFilename : avgas.exe

      #:23 [realsched.exe]
      FilePath : C:\Program Files\Fichiers communs\Real\Update_OB\
      ProcessID : 1904
      ThreadCreationTime : 06-04-2008 11:48:43
      BasePriority : Normal
      FileVersion : 0.1.0.4279
      ProductVersion : 0.1.0.4279
      ProductName : RealPlayer (32-bit)
      CompanyName : RealNetworks, Inc.
      FileDescription : RealNetworks Scheduler
      InternalName : schedapp
      LegalCopyright : Copyright © RealNetworks, Inc. 1995-2007
      LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
      OriginalFilename : realsched.exe

      #:24 [ctfmon.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 2076
      ThreadCreationTime : 06-04-2008 11:48:44
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : CTF Loader
      InternalName : CTFMON
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : CTFMON.EXE

      #:25 [memoptimizer.exe]
      FilePath : C:\Program Files\TuneUp Utilities 2008\
      ProcessID : 2088
      ThreadCreationTime : 06-04-2008 11:48:44
      BasePriority : Normal
      FileVersion : 7.0.7992.228
      ProductVersion : 7.0.0.0
      ProductName : TuneUp Utilities
      CompanyName : TuneUp Software GmbH
      FileDescription : TuneUp MemOptimizer
      LegalCopyright : Copyright © 2003-2007 TuneUp Software GmbH
      LegalTrademarks : TuneUp Utilities

      #:26 [msnmsgr.exe]
      FilePath : C:\Program Files\Windows Live\Messenger\
      ProcessID : 2096
      ThreadCreationTime : 06-04-2008 11:48:45
      BasePriority : Normal
      FileVersion : 8.5.1302.1018
      ProductVersion : 8.5.1302
      ProductName : Messenger
      CompanyName : Microsoft Corporation
      FileDescription : Windows Live Messenger
      InternalName : msnmsgr.exe
      LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
      OriginalFilename : msnmsgr.exe

      #:27 [googletoolbarnotifier.exe]
      FilePath : C:\Program Files\Google\GoogleToolbarNotifier\
      ProcessID : 2112
      ThreadCreationTime : 06-04-2008 11:48:45
      BasePriority : Normal
      FileVersion : 2, 0, 301, 1654
      ProductVersion : 2, 0, 301, 1654
      ProductName : GoogleToolbarNotifier
      CompanyName : Google Inc.
      FileDescription : GoogleToolbarNotifier
      LegalCopyright : Copyright © 2005-2007
      OriginalFilename : GoogleToolbarNotifier.exe

      #:28 [ashmaisv.exe]
      FilePath : C:\Program Files\Alwil Software\Avast4\
      ProcessID : 2308
      ThreadCreationTime : 06-04-2008 11:48:51
      BasePriority : Normal


      #:29 [ashwebsv.exe]
      FilePath : C:\Program Files\Alwil Software\Avast4\
      ProcessID : 2332
      ThreadCreationTime : 06-04-2008 11:48:51
      BasePriority : Normal


      #:30 [alg.exe]
      FilePath : C:\WINDOWS\System32\
      ProcessID : 2936
      ThreadCreationTime : 06-04-2008 11:49:02
      BasePriority : Normal
      FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      ProductVersion : 5.1.2600.2180
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Application Layer Gateway Service
      InternalName : ALG.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : ALG.exe

      #:31 [wlloginproxy.exe]
      FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
      ProcessID : 1552
      ThreadCreationTime : 06-04-2008 11:50:46
      BasePriority : Normal
      FileVersion : 4.200.520.1
      ProductVersion : 4.200.520.1
      ProductName : Microsoft® Windows Live Login Helper
      CompanyName : Microsoft Corporation
      FileDescription : WLLoginProxy.exe
      InternalName : WLLoginProxy
      LegalCopyright : Copyright © 1995-2006 Microsoft Corporation.
      LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation.
      OriginalFilename : WLLoginProxy.exe

      #:32 [cidaemon.exe]
      FilePath : C:\WINDOWS\system32\
      ProcessID : 2104
      ThreadCreationTime : 06-04-2008 11:56:12
      BasePriority : Idle
      FileVersion : 5.1.2600.0 (xpclient.010817-1148)
      ProductVersion : 5.1.2600.0
      ProductName : Microsoft® Windows® Operating System
      CompanyName : Microsoft Corporation
      FileDescription : Indexing Service filter daemon
      InternalName : cidaemon.exe
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : cidaemon.exe

      #:33 [a2service.exe]
      FilePath : C:\Program Files\a-squared Free\
      ProcessID : 900
      ThreadCreationTime : 06-04-2008 12:27:02
      BasePriority : Normal
      FileVersion : 3.0.0.384
      ProductVersion : 3.0.0.0
      ProductName : a-squared
      CompanyName : Emsi Software GmbH
      FileDescription : a-squared Service
      InternalName : a2service
      LegalCopyright : (C) 2003-2007 Emsi Software GmbH
      OriginalFilename : a2service.exe

      #:34 [iexplore.exe]
      FilePath : C:\Program Files\Internet Explorer\
      ProcessID : 2636
      ThreadCreationTime : 06-04-2008 13:13:26
      BasePriority : Normal
      FileVersion : 7.00.6000.16608 (vista_gdr.071204-1500)
      ProductVersion : 7.00.6000.16608
      ProductName : Windows® Internet Explorer
      CompanyName : Microsoft Corporation
      FileDescription : Internet Explorer
      InternalName : iexplore
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : IEXPLORE.EXE

      #:35 [explorer.exe]
      FilePath : C:\WINDOWS\
      ProcessID : 3892
      ThreadCreationTime : 06-04-2008 13:32:26
      BasePriority : Normal
      FileVersion : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
      ProductVersion : 6.00.2900.3156
      ProductName : Système d'exploitation Microsoft® Windows®
      CompanyName : Microsoft Corporation
      FileDescription : Explorateur Windows
      InternalName : explorer
      LegalCopyright : © Microsoft Corporation. Tous droits réservés.
      OriginalFilename : EXPLORER.EXE

      #:36 [iexplore.exe]
      FilePath : C:\Program Files\Internet Explorer\
      ProcessID : 952
      ThreadCreationTime : 06-04-2008 13:42:53
      BasePriority : Normal
      FileVersion : 7.00.6000.16608 (vista_gdr.071204-1500)
      ProductVersion : 7.00.6000.16608
      ProductName : Windows® Internet Explorer
      CompanyName : Microsoft Corporation
      FileDescription : Internet Explorer
      InternalName : iexplore
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : IEXPLORE.EXE

      #:37 [sp_rsser.exe]
      FilePath : C:\Program Files\Spyware Terminator\
      ProcessID : 144
      ThreadCreationTime : 06-04-2008 13:50:03
      BasePriority : Normal
      FileVersion : 2.1.0.284
      ProductName : Crawler Spyware Terminator
      CompanyName : Crawler.com
      FileDescription : Spyware Terminator Realtime Shield Service
      LegalCopyright : © Crawler.com

      #:38 [ctoolbar.exe]
      FilePath : C:\Program Files\Crawler\Toolbar\
      ProcessID : 3564
      ThreadCreationTime : 06-04-2008 13:50:51
      BasePriority : Normal
      FileVersion : 5.1.0.191
      ProductName : Crawler Toolbar
      CompanyName : Crawler.com
      FileDescription : Crawler Toolbar
      LegalCopyright : © Crawler.com
      OriginalFilename : CToolbar.exe

      #:39 [hijackthis.exe]
      FilePath : C:\Program Files\Trend Micro\HijackThis\
      ProcessID : 1072
      ThreadCreationTime : 06-04-2008 14:03:33
      BasePriority : Normal
      FileVersion : 2.00.0002
      ProductVersion : 2.00.0002
      ProductName : HijackThis
      CompanyName : Trend Micro Inc.
      FileDescription : HijackThis
      InternalName : HijackThis
      LegalCopyright : (c) 2007 Trend Micro Inc
      OriginalFilename : HijackThis.exe

      #:40 [ad-aware.exe]
      FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
      ProcessID : 3600
      ThreadCreationTime : 06-04-2008 14:14:31
      BasePriority : Normal
      FileVersion : 6.2.0.236
      ProductVersion : SE 106
      ProductName : Lavasoft Ad-Aware SE
      CompanyName : Lavasoft Sweden
      FileDescription : Ad-Aware SE Core application
      InternalName : Ad-Aware.exe
      LegalCopyright : Copyright © Lavasoft AB Sweden
      OriginalFilename : Ad-Aware.exe
      Comments : All Rights Reserved

      #:41 [hh.exe]
      FilePath : C:\WINDOWS\
      ProcessID : 2556
      ThreadCreationTime : 06-04-2008 14:14:33
      BasePriority : Normal
      FileVersion : 5.2.3790.2453 (srv03_sp1_gdr.050525-1542)
      ProductVersion : 5.2.3790.2453
      ProductName : HTML Help
      CompanyName : Microsoft Corporation
      FileDescription : Microsoft® HTML Help Executable
      InternalName : HH 1.41
      LegalCopyright : © Microsoft Corporation. All rights reserved.
      OriginalFilename : HH.exe

      Memory scan result:
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      New critical objects: 0
      Objects found so far: 0


      Started registry scan
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      Registry Scan result:
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      New critical objects: 0
      Objects found so far: 0


      Started deep registry scan
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      Deep registry scan result:
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      New critical objects: 0
      Objects found so far: 0


      Started Tracking Cookie scan
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@tradedoubler[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:1
      Value : Cookie:famille mattel@tradedoubler.com/
      Expires : 01-04-2028 15:11:28
      LastSync : Hits:1
      UseCount : 0
      Hits : 1

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@bluestreak[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:5
      Value : Cookie:famille mattel@bluestreak.com/
      Expires : 04-04-2018 12:16:06
      LastSync : Hits:5
      UseCount : 0
      Hits : 5

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@msnportal.112.2o7[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:1
      Value : Cookie:famille mattel@msnportal.112.2o7.net/
      Expires : 05-04-2013 15:43:00
      LastSync : Hits:1
      UseCount : 0
      Hits : 1

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@tribalfusion[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:14
      Value : Cookie:famille mattel@tribalfusion.com/
      Expires : 06-04-2009 15:24:08
      LastSync : Hits:14
      UseCount : 0
      Hits : 14

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@weborama[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:1
      Value : Cookie:famille mattel@weborama.fr/
      Expires : 06-04-2010 15:44:08
      LastSync : Hits:1
      UseCount : 0
      Hits : 1

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@mediaplex[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:1
      Value : Cookie:famille mattel@mediaplex.com/
      Expires : 22-06-2009 02:00:00
      LastSync : Hits:1
      UseCount : 0
      Hits : 1

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@advertising[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:12
      Value : Cookie:famille mattel@advertising.com/
      Expires : 05-04-2013 15:44:20
      LastSync : Hits:12
      UseCount : 0
      Hits : 12

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@searchmobile.solution.weborama[2].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:8
      Value : Cookie:famille mattel@searchmobile.solution.weborama.fr/
      Expires : 05-06-2008 15:44:20
      LastSync : Hits:8
      UseCount : 0
      Hits : 8

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : famille_mattel@smartadserver[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment : Hits:9
      Value : Cookie:famille mattel@smartadserver.com/
      Expires : 01-04-2028 15:44:20
      LastSync : Hits:9
      UseCount : 0
      Hits : 9

      Tracking cookie scan result:
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      New critical objects: 9
      Objects found so far: 9



      Deep scanning and examining files (C:)
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      Tracking Cookie Object Recognized!
      Type : IECache Entry
      Data : gégélcm@adserver.aol[1].txt
      TAC Rating : 3
      Category : Data Miner
      Comment :
      Value : C:\Documents and Settings\gégélcm\Cookies\gégélcm@adserver.aol[1].txt

      Disk Scan Result for C:\
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      New critical objects: 0
      Objects found so far: 10


      Deep scanning and examining files (F:)
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      Disk Scan Result for F:\
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      New critical objects: 0
      Objects found so far: 10


      Scanning Hosts file......
      Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      Hosts file scan result:
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      1 entries scanned.
      New critical objects:0
      Objects found so far: 10


      Voici le rapport après ad awre se personnel edition

      Performing conditional scans...
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

      Conditional scan result:
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      New critical objects: 0
      Objects found so far: 10

      16:27:45 Scan Complete

      Summary Of This Scan
      »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
      Total scanning time:00:12:32.359
      Objects scanned:171391
      Objects identified:10
      Objects ignored:0
      New critical objects:10
      0