Heur.Downloader

voilà, j'ai fait ce q tu m'a demandé et il n'y a plus de message d'erreur
et le rapport, enfin j'espere q c ça car j'ai rien trouvé d'autre.
0+
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 10212008_234828

Cher Goldorack 59,


comment te remercier.
Vraiment, mon PC ne rame plus tu es un génie!!!
Milles Mercis!

Bonne nuit.
Une dernière chose le rapport que tu m'as demandé.
@+ en core merci



[ Rapport ToolsCleaner version 2.2.4 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

I:\SdFix.exe: trouvé !
I:\VundoFix.txt: trouvé !
I:\Combofix.txt: trouvé !
I:\fixnavi.txt: trouvé !
I:\cleannavi.txt: trouvé !
I:\TB.txt: trouvé !
I:\SDFIX: trouvé !
I:\Vundofix backups: trouvé !
I:\Qoobox: trouvé !
I:\_OtMoveIt: trouvé !
I:\Toolbar SD: trouvé !
I:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
I:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
I:\Documents and Settings\Francine\Bureau\SdFix.exe: trouvé !
I:\Documents and Settings\Francine\Bureau\OtMoveIt2.exe: trouvé !
I:\Documents and Settings\Francine\Bureau\SDFIX: trouvé !
I:\Documents and Settings\Francine\Bureau\SmitFraudfix: trouvé !
I:\Documents and Settings\Francine\Bureau\drivers\HijackThis.lnk: trouvé !
I:\Documents and Settings\Francine\Bureau\drivers\Navilog1.exe: trouvé !
I:\Documents and Settings\Francine\Bureau\drivers\Navilog1.lnk: trouvé !
I:\Documents and Settings\Francine\Mes documents\Mes textes\ToolBarSD.exe: trouvé !
I:\Documents and Settings\Francine\Recent\HijackThis.lnk: trouvé !
I:\Program Files\Navilog1: trouvé !
I:\Program Files\Navilog1\Navilog1.bat: trouvé !
I:\Program Files\Trend Micro\HijackThis: trouvé !
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
I:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

I:\SdFix.exe: supprimé !
I:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
I:\Documents and Settings\Francine\Bureau\SdFix.exe: supprimé !
I:\Documents and Settings\Francine\Bureau\OtMoveIt2.exe: supprimé !
I:\Documents and Settings\Francine\Bureau\drivers\HijackThis.lnk: supprimé !
I:\Documents and Settings\Francine\Bureau\drivers\Navilog1.exe: supprimé !
I:\Documents and Settings\Francine\Bureau\drivers\Navilog1.lnk: supprimé !
I:\Documents and Settings\Francine\Mes documents\Mes textes\ToolBarSD.exe: supprimé !
I:\Documents and Settings\Francine\Recent\HijackThis.lnk: supprimé !
I:\Program Files\Navilog1\Navilog1.bat: supprimé !
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
I:\VundoFix.txt: supprimé !
I:\Combofix.txt: supprimé !
I:\fixnavi.txt: supprimé !
I:\cleannavi.txt: supprimé !
I:\TB.txt: supprimé !
I:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
I:\SDFIX: supprimé !
I:\Vundofix backups: supprimé !
I:\Qoobox: supprimé !
I:\_OtMoveIt: supprimé !
I:\Toolbar SD: supprimé !
I:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
I:\Documents and Settings\Francine\Bureau\SDFIX: supprimé !
I:\Documents and Settings\Francine\Bureau\SmitFraudfix: supprimé !
I:\Program Files\Navilog1: supprimé !
I:\Program Files\Trend Micro\HijackThis: supprimé !

Bonjour Goldorak 59,

voici ce que tu m'as demandé.

j'espère que tu trouveras qqchose pour m'aider.

Encore merci.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:17:17, on 21/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
I:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
I:\WINDOWS\system32\cisvc.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
I:\WINDOWS\system32\HPZipm12.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\SearchIndexer.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\cidaemon.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
I:\Program Files\Analog Devices\Core\smax4pnp.exe
I:\Program Files\Analog Devices\SoundMAX\Smax4.exe
I:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
I:\Program Files\HP\HP Software Update\HPWuSchd2.exe
I:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
I:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
I:\Program Files\Nosibay\VPbubble\launcher.exe
I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
I:\Program Files\iPod\bin\iPodService.exe
I:\Program Files\Windows Desktop Search\WindowsSearch.exe
I:\Documents and Settings\Francine\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
I:\Documents and Settings\Francine\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
I:\Program Files\Windows Live\Contacts\wlcomm.exe
I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
I:\Program Files\Nosibay\VPbubble\VPbubble.exe
I:\WINDOWS\system32\rundll32.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
I:\Program Files\Windows Live\Toolbar\wltuser.exe
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe
I:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.aufeminin.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - I:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - I:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - I:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - I:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - I:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - I:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: (no name) - {613E416F-BCB6-43AD-B0FC-DF7B0D5A70BF} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {B7DBCD27-56B4-47D2-935C-B98A0DDA2821} - (no file)
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - I:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - I:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NeroCheck] I:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AudioDeck] I:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] I:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] I:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] I:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "I:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Ai Nap] "I:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [HP Software Update] I:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [basicsmssmenu] "I:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [HydraVisionDesktopManager] "I:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe"
O4 - HKLM\..\Run: [AVP] "I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Canal Widget] "I:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [VPbubble] "I:\Program Files\Nosibay\VPbubble\launcher.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = I:\Documents and Settings\Francine\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://I:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://I:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://I:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - I:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://I:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canal-plus.com (HKLM)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - I:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O20 - AppInit_DLLs: I:\PROGRA~1\KASPER~1\KASPER~1\MZVKBD.DLL,I:\PROGRA~1\KASPER~1\KASPER~1\ADIALHK.DLL,I:\PROGRA~1\KASPER~1\KASPER~1\KLOEHK.DLL I:\PROGRA~1\KASPER~1\KASPER~1\MZVKBD3.DLL I:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: efcBqpOH - I:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Basics Service - Seagate Technology LLC - I:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - I:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - I:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - I:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - I:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WZCBDL Service (WZCBDLService) - Unknown owner - I:\Program Files\WZCBDL Service\WZCBDLS.exe (file missing)
O24 - Desktop Component 0: (no name) - http://wallpapers.boolsite.net/...

Bonjour Goldorak 59,

voici ce que tu m'as demandé.

j'espère que tu trouveras qqchose pour m'aider.

Encore merci.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:17:17, on 21/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
I:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
I:\WINDOWS\system32\cisvc.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
I:\WINDOWS\system32\HPZipm12.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\SearchIndexer.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\cidaemon.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
I:\Program Files\Analog Devices\Core\smax4pnp.exe
I:\Program Files\Analog Devices\SoundMAX\Smax4.exe
I:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
I:\Program Files\HP\HP Software Update\HPWuSchd2.exe
I:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
I:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
I:\Program Files\Nosibay\VPbubble\launcher.exe
I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
I:\Program Files\iPod\bin\iPodService.exe
I:\Program Files\Windows Desktop Search\WindowsSearch.exe
I:\Documents and Settings\Francine\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
I:\Documents and Settings\Francine\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
I:\Program Files\Windows Live\Contacts\wlcomm.exe
I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
I:\Program Files\Nosibay\VPbubble\VPbubble.exe
I:\WINDOWS\system32\rundll32.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
I:\Program Files\Windows Live\Toolbar\wltuser.exe
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe
I:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.aufeminin.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - I:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - I:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - I:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - I:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - I:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - I:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: (no name) - {613E416F-BCB6-43AD-B0FC-DF7B0D5A70BF} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {B7DBCD27-56B4-47D2-935C-B98A0DDA2821} - (no file)
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - I:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - I:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NeroCheck] I:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AudioDeck] I:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] I:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] I:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] I:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "I:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Ai Nap] "I:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [HP Software Update] I:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [basicsmssmenu] "I:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [HydraVisionDesktopManager] "I:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe"
O4 - HKLM\..\Run: [AVP] "I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Canal Widget] "I:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [VPbubble] "I:\Program Files\Nosibay\VPbubble\launcher.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = I:\Documents and Settings\Francine\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://I:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://I:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://I:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - I:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://I:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canal-plus.com (HKLM)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - I:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O20 - AppInit_DLLs: I:\PROGRA~1\KASPER~1\KASPER~1\MZVKBD.DLL,I:\PROGRA~1\KASPER~1\KASPER~1\ADIALHK.DLL,I:\PROGRA~1\KASPER~1\KASPER~1\KLOEHK.DLL I:\PROGRA~1\KASPER~1\KASPER~1\MZVKBD3.DLL I:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: efcBqpOH - I:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Basics Service - Seagate Technology LLC - I:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - I:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - I:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - I:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - I:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WZCBDL Service (WZCBDLService) - Unknown owner - I:\Program Files\WZCBDL Service\WZCBDLS.exe (file missing)
O24 - Desktop Component 0: (no name) - http://wallpapers.boolsite.net/...

Goldorak 59,

voici le rapport.


-----------\\ ToolBar S&D 1.2.2 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz )
BIOS : BIOS Date: 01/30/07 15:09:48 Ver: 08.00.12
USER : Francine ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 8.0.0.454 (Not Activated)
Firewall : Kaspersky Internet Security 8.0.0.454 (Not Activated)
A:\ (USB)
D:\ (CD or DVD)
H:\ (USB)
I:\ (Local Disk) - NTFS - Total : 149 Go Free : 64 Go
J:\ (Local Disk) - NTFS - Total : 465 Go Free : 73 Go

"I:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
Option : [1] ( 21/10/2008|13:27 )

-----------\\ Recherche de Fichiers / Dossiers ...

I:\DOCUME~1\Francine\LOCALS~1\Temp\NERO14768\Toolbar.exe
I:\Program Files\AskSBar
I:\Program Files\AskSBar\bar
I:\Program Files\AskSBar\SrchAstt
I:\Program Files\Hotbar
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316\buttons
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316\contexts
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316\images
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316\SimpleUpdate
I:\DOCUME~1\Francine\APPLIC~1\Starware316
I:\DOCUME~1\Francine\APPLIC~1\Starware316\BrowserSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Configurator
I:\DOCUME~1\Francine\APPLIC~1\Starware316\ErrorSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Free_Credit_Score
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Free_Music
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Layouts
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Manager
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Reference
I:\DOCUME~1\Francine\APPLIC~1\Starware316\RelatedSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Ringtones
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Screensavers
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Toolbar
I:\DOCUME~1\Francine\APPLIC~1\Starware316\ToolbarLogo
I:\DOCUME~1\Francine\APPLIC~1\Starware316\ToolbarSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\TravelSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Weather
I:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="I:\\WINDOWS\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="https://www.aufeminin.com/"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


--------------------\\ Recherche d'autres infections


I:\DOCUME~1\Francine\LOCALS~1\APPLIC~1\rosot.dat
I:\DOCUME~1\Francine\LOCALS~1\APPLIC~1\rosot_nav.dat
I:\DOCUME~1\Francine\LOCALS~1\APPLIC~1\rosot_navps.dat
[b]==> EGDACCESS <==/b

I:\WINDOWS\system32\qYFiQqru.ini
I:\WINDOWS\system32\qYFiQqru.ini2
[b]==> VUNDO <==/b

--------------------\\ ROGUES ..

I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316
I:\DOCUME~1\Francine\APPLIC~1\Starware316

--------------------\\ Cracks & Keygens ..

I:\DOCUME~1\Francine\Bureau\keygen.exe



1 - "I:\ToolBar SD\TB_1.txt" - 21/10/2008|13:28 - Option : [1]

-----------\\ Fin du rapport a 13:28:36,54

Goldorak 59,

voici le rapport.


-----------\\ ToolBar S&D 1.2.2 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz )
BIOS : BIOS Date: 01/30/07 15:09:48 Ver: 08.00.12
USER : Francine ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 8.0.0.454 (Not Activated)
Firewall : Kaspersky Internet Security 8.0.0.454 (Not Activated)
A:\ (USB)
D:\ (CD or DVD)
H:\ (USB)
I:\ (Local Disk) - NTFS - Total : 149 Go Free : 64 Go
J:\ (Local Disk) - NTFS - Total : 465 Go Free : 73 Go

"I:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
Option : [1] ( 21/10/2008|13:27 )

-----------\\ Recherche de Fichiers / Dossiers ...

I:\DOCUME~1\Francine\LOCALS~1\Temp\NERO14768\Toolbar.exe
I:\Program Files\AskSBar
I:\Program Files\AskSBar\bar
I:\Program Files\AskSBar\SrchAstt
I:\Program Files\Hotbar
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316\buttons
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316\contexts
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316\images
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316\SimpleUpdate
I:\DOCUME~1\Francine\APPLIC~1\Starware316
I:\DOCUME~1\Francine\APPLIC~1\Starware316\BrowserSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Configurator
I:\DOCUME~1\Francine\APPLIC~1\Starware316\ErrorSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Free_Credit_Score
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Free_Music
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Layouts
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Manager
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Reference
I:\DOCUME~1\Francine\APPLIC~1\Starware316\RelatedSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Ringtones
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Screensavers
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Toolbar
I:\DOCUME~1\Francine\APPLIC~1\Starware316\ToolbarLogo
I:\DOCUME~1\Francine\APPLIC~1\Starware316\ToolbarSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\TravelSearch
I:\DOCUME~1\Francine\APPLIC~1\Starware316\Weather
I:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="I:\\WINDOWS\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="https://www.aufeminin.com/"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


--------------------\\ Recherche d'autres infections


I:\DOCUME~1\Francine\LOCALS~1\APPLIC~1\rosot.dat
I:\DOCUME~1\Francine\LOCALS~1\APPLIC~1\rosot_nav.dat
I:\DOCUME~1\Francine\LOCALS~1\APPLIC~1\rosot_navps.dat
[b]==> EGDACCESS <==/b

I:\WINDOWS\system32\qYFiQqru.ini
I:\WINDOWS\system32\qYFiQqru.ini2
[b]==> VUNDO <==/b

--------------------\\ ROGUES ..

I:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware316
I:\DOCUME~1\Francine\APPLIC~1\Starware316

--------------------\\ Cracks & Keygens ..

I:\DOCUME~1\Francine\Bureau\keygen.exe



1 - "I:\ToolBar SD\TB_1.txt" - 21/10/2008|13:28 - Option : [1]

-----------\\ Fin du rapport a 13:28:36,54