Hacked By Godzilla comment supprimer?

FéeClochette -  
 FéeClochette -
Bonjour,
voilà, comme beaucoup, mon pc est contaminé par "hacked by godzilla" (c'est écrit dans la barre de la fenêtre internet explorer), et je ne sais pas si c'est lié mais je ne peux plus empêcher les fenêtres intempestives... Comment supprimer ce virus? Merci d'avance!
Configuration: Windows XP
Internet Explorer 7.0

9 réponses

  1. Utilisateur anonyme
     
    Salut,

    Telecharge UsbFix sur ton bureau

    --> Lance l installation avec les parametres par default

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

    --> Double clic sur le raccourci UsbFix sur ton bureau

    --> Le pc va redémarer

    -->Apres redémarrage post le rapport UsbFix.txt

    Note : le rapport UsbFix.txt est sauvegardé a la racine du disque
    1
    1. FéeClochette
       
      Merci beaucoup, apparemment ça a fonctionné, "hacked by godzilla" n'apparaît plus!!!
      voici le rapport d'UsbFix:



      -------------- UsbFix V2.395 ---------------

      * User : pbell - 103050090004
      * Outils mis a jours le 01/11/2008 par Chiquitine29 et Chimay8
      * Recherche effectuée à 12:26:01 le 03/11/2008
      * Windows Xp - Internet Explorer 7.0.5730.11


      --------------- [ Processus actifs ] ----------------


      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\system32\userinit.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\DOCUME~1\pbell\LOCALS~1\Temp\1.tmp\b2e.exe

      --------------- [ Informations lecteurs ] ----------------

      C: - Lecteur fixe

      L: - Lecteur amovible

      N: - Lecteur amovible


      +- Contenu de l'autorun : L:\autorun.inf

      [autorun]
      shellexecute=wscript.exe MS32DLL.dll.vbs
      +- Contenu de l'autorun : N:\autorun.inf

      [autorun]
      shellexecute=wscript.exe MS32DLL.dll.vbs
      --------------- [ Registre / Startup ] ----------------


      ! REG.EXE VERSION 3.0

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
      IMJPMIG8.1 REG_SZ "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      PHIME2002ASync REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      PHIME2002A REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      ATIPTA REG_SZ C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
      SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      PCMService REG_SZ "c:\Apps\Powercinema\PCMService.exe"
      ACTIVBOARD REG_SZ c:\apps\ABoard\ABoard.exe
      BJCFD REG_SZ C:\Program Files\BroadJump\Client Foundation\CFD.exe
      PhilipsDM REG_SZ "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
      Workflow REG_SZ D:\install\Workflow.exe
      EPSON Stylus DX4000 Series REG_SZ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S88.tmp" /EF "HKLM"
      URLLSTCK.exe REG_SZ C:\Program Files\Norton Internet Security\UrlLstCk.exe
      ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
      QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
      Adobe Photo Downloader REG_SZ "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
      avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      Symantec NetDriver Monitor REG_SZ C:\PROGRA~1\SYMNET~1\SNDMon.exe
      Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      SMSTray REG_SZ C:\Program Files\Samsung\EmoDio\SMSTray.exe
      TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

      ! REG.EXE VERSION 3.0

      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
      CursorXP REG_SZ C:\Program Files\CursorXP\CursorXP.exe
      PhilipsLime REG_SZ "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
      OM_Monitor REG_SZ C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
      swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
      Acmw REG_SZ "C:\DOCUME~1\pbell\APPLIC~1\RACLE~1\wuauboot.exe" -vt ndrv
      Idfghfck REG_SZ "C:\Program Files\?ppPatch\d?xplore.exe"

      --------------- [ Registre / Mountpoint2 ] ----------------

      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{522d10e6-bee2-11dc-beaf-0008d320c3c4}\Shell\AutoRun\command
      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b6b3180-f86e-11da-bc9c-000fb59bb502}\Shell\AutoRun\command
      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfc4ae15-afb3-11db-bd6b-00038a000015}\Shell\AutoRun\command

      --------------- [ Nettoyage des disques ] ----------------

      Supprimé ! - [31/10/2008 16:00] L:\autorun.inf
      Supprimé ! - [31/10/2008 16:00] L:\*.dll.vbs
      Supprimé ! - [28/10/2008 13:40] N:\autorun.inf
      Supprimé ! - [28/10/2008 13:40] N:\*.dll.vbs

      --------------- [ Listing des fichiers présents ] ----------------

      -> /!\ Le resultat doit etre interprété par un spécialiste /!\

      [05/08/2004 13:00][-rahs----] C:\NTDETECT.COM
      [18/05/2007 16:23][-rahs----] C:\BOOT.INI

      --------------- ! Fin du rapport ! ----------------
      0
  2. Utilisateur anonyme
     
    Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique sur combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    Avant d'utiliser ComboFix :

    -> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

    -> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

    Une fois fait, sur ton bureau double-clic sur Combofix.exe.

    - Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

    /!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

    - En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

    - Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

    -> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    -> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
    1
    1. FéeClochette
       
      voici le rapport, par contre le programme ne m'a pas demandé de choisir un quelconque menu :

      ComboFix 08-11-03.04 - pbell 2008-11-04 11:11:40.1 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.270 [GMT 1:00]
      Lancé depuis: c:\documents and settings\pbell\Bureau\ComboFix.exe
      * Un nouveau point de restauration a été créé
      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .

      c:\documents and settings\pbell\Application Data\RACLE~1
      c:\documents and settings\pbell\Application Data\RACLE~1\?icrosoft\
      c:\documents and settings\pbell\Application Data\RACLE~1\wuauboot.exe
      c:\documents and settings\pbell\Menu Démarrer\Programmes\Outerinfo
      c:\documents and settings\pbell\Menu Démarrer\Programmes\Outerinfo\Terms.lnk
      c:\documents and settings\pbell\Menu Démarrer\Programmes\Outerinfo\Uninstall.lnk
      c:\documents and settings\pbell\Mes documents\YMANTE~1
      c:\documents and settings\pbell\real.txt
      c:\program files\GamesBar\oberontb.dll
      c:\program files\pppatc~1
      c:\program files\pppatc~1\d?xplore.exe
      c:\program files\ymante~1
      c:\windows\Downloaded Program Files\setup.inf
      c:\windows\stem32~1
      c:\windows\system32\_000005_.tmp.dll

      .
      ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-04 au 2008-11-04 ))))))))))))))))))))))))))))))))))))
      .

      2008-11-03 23:07 . 2008-11-03 23:08 <REP> d-------- c:\program files\Miss Teri Tale - Vote 4 Me
      2008-11-03 21:48 . 2008-11-03 22:03 <REP> d-------- c:\program files\Navilog1
      2008-11-03 16:26 . 2008-11-03 16:26 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
      2008-11-03 16:26 . 2008-11-03 16:26 <REP> d-------- c:\documents and settings\pbell\Application Data\Malwarebytes
      2008-11-03 16:26 . 2008-11-03 16:26 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
      2008-11-03 16:26 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
      2008-11-03 16:26 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
      2008-11-03 16:08 . 2008-11-03 16:08 <REP> d-------- C:\Themes
      2008-11-03 14:30 . 2008-11-03 14:30 <REP> d-------- c:\program files\Trend Micro
      2008-11-03 12:20 . 2008-11-03 12:26 <REP> d-------- c:\program files\UsbFix
      2008-11-03 00:02 . 2008-11-03 00:03 <REP> d-------- c:\documents and settings\pbell\Application Data\SprillBermudeFr
      2008-10-27 19:23 . 2008-10-27 19:25 <REP> d-------- c:\documents and settings\pbell\Application Data\PetShowCraze
      2008-10-27 15:40 . 2008-10-27 15:40 <REP> d-------- c:\documents and settings\pbell\Application Data\Pogo Games
      2008-10-25 11:50 . 2008-10-25 11:50 <REP> d-------- c:\documents and settings\All Users\Application Data\SpinTop Games
      2008-10-21 13:48 . 2008-10-21 13:48 <REP> d-------- c:\documents and settings\pbell\Application Data\Alawar
      2008-10-21 12:01 . 2008-10-21 12:01 <REP> d-------- c:\documents and settings\All Users\Application Data\MysteryChronicles
      2008-10-14 13:45 . 2008-10-14 13:45 <REP> d-------- c:\documents and settings\pbell\Application Data\Amaranth Games
      2008-10-13 18:04 . 2008-10-13 18:04 <REP> d-------- c:\documents and settings\pbell\Application Data\SulusGames
      2008-10-06 17:56 . 2008-10-06 17:56 <REP> d-------- c:\documents and settings\pbell\Application Data\AlterLab
      2008-10-05 23:33 . 2008-10-27 15:05 <REP> d-------- c:\program files\Oberon Media

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-11-04 10:11 --------- d-----w c:\program files\GamesBar
      2008-11-04 09:57 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
      2008-11-03 23:09 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
      2008-11-03 19:10 --------- d-----w c:\documents and settings\All Users\Application Data\BigFishGamesCache
      2008-11-03 15:07 --------- d-----w c:\program files\CursorXP
      2008-11-03 13:50 --------- d-----w c:\program files\eMule
      2008-10-28 21:44 --------- d-----w c:\documents and settings\pbell\Application Data\Big Fish Games
      2008-10-25 13:18 --------- d-----w c:\documents and settings\pbell\Application Data\PlayFirst
      2008-10-25 13:18 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst
      2008-10-15 16:59 332,800 ------w c:\windows\system32\dllcache\netapi32.dll
      2008-10-13 19:40 --------- d-----w c:\documents and settings\pbell\Application Data\Flood Light Games
      2008-10-13 19:40 --------- d-----w c:\documents and settings\All Users\Application Data\Flood Light Games
      2008-10-05 22:37 --------- d-----w c:\documents and settings\All Users\Application Data\Sandlot Games
      2008-10-03 17:12 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
      2008-10-03 16:23 --------- d-----w c:\program files\Fichiers communs\xing shared
      2008-10-03 16:21 --------- d-----w c:\program files\Fichiers communs\Real
      2008-09-30 20:29 --------- d-----w c:\documents and settings\pbell\Application Data\Games
      2008-09-23 08:50 --------- d-----w c:\documents and settings\All Users\Application Data\Gogii
      2008-09-22 21:16 --------- d-----w c:\documents and settings\All Users\Application Data\TheRace_dev
      2008-09-22 16:35 --------- d-----w c:\documents and settings\pbell\Application Data\Meridian93
      2008-09-22 10:54 --------- d-----w c:\documents and settings\pbell\Application Data\blg
      2008-09-22 10:54 --------- d-----w c:\documents and settings\All Users\Application Data\blg
      2008-09-21 21:27 --------- d-----w c:\program files\bfgclient
      2008-09-18 12:49 --------- d-----w c:\documents and settings\pbell\Application Data\BeachPartyCraze
      2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
      2008-09-15 15:39 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
      2008-09-08 10:53 --------- d-----w c:\documents and settings\All Users\Application Data\FamilyFlights
      2008-09-02 06:36 73,784 ----a-w c:\documents and settings\pbell\Application Data\GDIPFONTCACHEV1.DAT
      2008-08-28 10:04 333,056 ------w c:\windows\system32\dllcache\srv.sys
      2008-08-27 09:11 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
      2008-08-25 08:39 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
      2008-08-25 08:38 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
      2008-08-24 19:56 96,704 ----a-w c:\windows\~GLC0000.TMP
      2008-08-23 05:56 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
      2008-08-23 05:54 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
      2008-08-14 13:44 2,182,400 ----a-w c:\windows\system32\ntoskrnl.exe
      2008-08-14 13:44 2,182,400 ------w c:\windows\system32\dllcache\ntoskrnl.exe
      2008-08-14 13:44 2,138,112 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
      2008-08-14 13:44 2,059,776 ----a-w c:\windows\system32\ntkrnlpa.exe
      2008-08-14 13:44 2,059,776 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
      2008-08-14 13:44 2,017,792 ------w c:\windows\system32\dllcache\ntkrpamp.exe
      2008-08-14 09:51 138,368 ------w c:\windows\system32\dllcache\afd.sys
      2008-05-13 13:12 0 ----a-w c:\program files\temp01
      2008-04-10 16:22 2,149,941 ----a-w c:\program files\cleanvirusmsn.zip
      2007-12-03 09:38 9 ----a-w c:\documents and settings\pbell\Application Data\mdb.bin
      2007-07-27 11:55 3,858,985 ----a-w c:\program files\eMule0.48a-Installer.exe
      2007-07-09 19:37 4,909,080 ----a-w c:\program files\picasa2Setup.exe
      2007-06-26 10:30 17,929,072 ----a-w c:\program files\Install_Messenger.exe
      2007-04-18 20:23 87,608 ----a-w c:\documents and settings\pbell\Application Data\ezpinst.exe
      2007-04-18 20:23 47,360 ----a-w c:\documents and settings\pbell\Application Data\pcouffin.sys
      2007-04-27 15:41 56 --sh--r c:\windows\system32\E72D798504.sys
      2007-04-27 15:41 1,890 --sha-w c:\windows\system32\KGyGaAvL.sys
      .

      ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Idfghfck"="c:\program files\?ppPatch\d?xplore.exe" [?]
      "PhilipsLime"="c:\program files\Philips\Philips Lime Service\bin\LimeAlive.exe" [2005-09-08 159744]
      "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 68856]
      "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
      "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
      "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
      "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
      "ATIPTA"="c:\ati technologies\ATI Control Panel\atiptaxx.exe" [2004-08-12 339968]
      "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
      "PCMService"="c:\apps\Powercinema\PCMService.exe" [2004-10-08 81920]
      "ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
      "BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
      "PhilipsDM"="c:\program files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [2005-09-14 512000]
      "URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2004-01-27 70760]
      "ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2003-09-09 70800]
      "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
      "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-10-21 98304]
      "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
      "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
      "Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2006-02-26 95960]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
      "SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2008-06-23 479232]
      "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-10-03 185872]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
      "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
      "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

      c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
      Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-07-09 113664]
      Microsoft Office.lnk - c:\program files\microsoft office\Office10\OSA.EXE [2001-02-13 83360]
      NETGEAR WPN111 Smart Wizard.lnk - c:\program files\NETGEAR\WPN111 Configuration Utility\wpn111.exe [2006-03-06 491606]
      WiFi Station pour Livebox.lnk - c:\program files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe [2007-03-21 694272]

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{88485281-8b4b-4f8d-9ede-82e29a064277}"= "c:\progra~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "VIDC.MJPG"= pvmjpg21.dll
      "VIDC.HFYU"= huffyuv.dll
      "vidc.ffds"= c:\program files\ffdshow\ffdshow.ax
      "vidc.mpng"= c:\program files\t@b\[u]0/u.957\686\tabdec.dll
      "vidc.mvjp"= c:\program files\t@b\[u]0/u.957\686\tabdec.dll
      "vidc.444p"= c:\program files\t@b\[u]0/u.957\686\tabdec.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
      "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%ProgramFiles%\\AOL 9.0\\aol.exe"=
      "%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
      "%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\APPS\\Inventime\\my.exe"=
      "c:\\Program Files\\Messenger\\msmsgs.exe"=
      "c:\\Program Files\\eMule\\emule.exe"=
      "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "<NO NAME>"=
      "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
      "c:\\WINDOWS\\system32\\muzapp.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
      "AllowInboundEchoRequest"= 1 (0x1)

      R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-19 78416]
      R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
      R3 Cap713x;Cap713x Video Capture;c:\windows\system32\DRIVERS\Cap713x.sys [2004-10-08 751104]
      R3 usbscan;Pilote de scanneur USB;c:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
      R3 USBSTOR;Pilote de stockage de masse USB;c:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
      S3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;c:\windows\system32\Drivers\athwpn.sys [2004-10-14 43392]
      S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.SYS [2003-07-24 17149]
      S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;c:\windows\system32\DRIVERS\usb8023.sys [2004-08-05 12672]
      S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\DRIVERS\WPN111.sys [2005-01-07 286720]

      *Newly Created Service* - PROCEXP90
      .
      Contenu du dossier 'Tâches planifiées'

      2008-11-04 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files\Glary Utilities\initialize.exe [2008-04-09 12:22]

      2008-10-31 c:\windows\Tasks\Norton AntiVirus - Analyser mon ordinateur.job
      - c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2003-12-04 20:06]

      2008-11-04 c:\windows\Tasks\Symantec NetDetect.job
      - c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2003-09-09 12:39]

      2008-11-03 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
      - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
      .
      - - - - ORPHELINS SUPPRIMES - - - -

      BHO-{A547EF18-2383-7C56-AE3E-78A296EC4FBE} - c:\windows\system32\kwnpso.dll
      HKCU-Run-OM_Monitor - c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe
      HKCU-Run-Acmw - c:\docume~1\pbell\APPLIC~1\RACLE~1\wuauboot.exe
      HKLM-Run-Workflow - d:\install\Workflow.exe
      HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe


      .
      ------- Examen supplémentaire -------
      .
      FireFox -: Profile - c:\documents and settings\pbell\Application Data\Mozilla\Firefox\Profiles\2xxdndj1.default\
      FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
      .

      **************************************************************************

      catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-11-04 11:16:20
      Windows 5.1.2600 Service Pack 2 NTFS

      Recherche de processus cachés ...

      Recherche d'éléments en démarrage automatique cachés ...

      Recherche de fichiers cachés ...

      Scan terminé avec succès
      Fichiers cachés: 0

      **************************************************************************

      [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MysqlInventime]
      "ImagePath"="c:\mysql\bin\mysqld-nt MysqlInventime"
      .
      Heure de fin: 2008-11-04 11:20:00
      ComboFix-quarantined-files.txt 2008-11-04 10:19:39

      Avant-CF: 9 826 013 184 octets libres
      Après-CF: 9,881,808,896 octets libres

      222 --- E O F --- 2008-11-03 23:12:02
      0
  3. Utilisateur anonyme
     
    Télécharge HijackThis (outils de dignostic) ici :

    -> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
    -> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
    -> ftp://ftp.commentcamarche.com/download/HJTInstall.exe

    -> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

    -> Clique sur Install ensuite sur I Accept

    -> Clique sur Do a scan system and save log file

    -> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
    0
    1. FéeClochette
       
      voici le rapport :

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:30:22, on 03/11/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16735)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
      C:\WINDOWS\system32\bgsvcgen.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\system32\slserv.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\WINDOWS\explorer.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiStationLB.exe
      C:\Program Files\?ppPatch\d?xplore.exe
      C:\DOCUME~1\pbell\APPLIC~1\RACLE~1\wuauboot.exe
      C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: testCPV6 - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Program Files\CPV\CPV7.dll (file missing)
      O2 - BHO: LabelCommand module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Documents and Settings\All Users\Application Data\services\services.dll (file missing)
      O2 - BHO: msvbcr40 module - {2756BAD7-2F9F-47ef-AE6D-8D39CCEB396F} - C:\WINDOWS\system32\msvbcr40.dll (file missing)
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: (no name) - {66AC9868-59F6-012B-8C39-58C07152D6ED} - C:\WINDOWS\system32\fcoex.dll
      O2 - BHO: OIN Analytics - {6B221E01-F517-4959-8C41-81948E7F2F17} - C:\Program Files\OINAnalytics\OINAnalytics2.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
      O2 - BHO: (no name) - {A547EF18-2383-7C56-AE3E-78A296EC4FBE} - C:\WINDOWS\system32\kwnpso.dll (file missing)
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
      O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
      O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
      O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file)
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
      O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
      O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
      O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
      O4 - HKLM\..\Run: [Workflow] D:\install\Workflow.exe
      O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S88.tmp" /EF "HKLM"
      O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
      O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
      O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Acmw] "C:\DOCUME~1\pbell\APPLIC~1\RACLE~1\wuauboot.exe" -vt ndrv
      O4 - HKCU\..\Run: [Idfghfck] "C:\Program Files\?ppPatch\d?xplore.exe"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office10\OSA.EXE
      O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
      O4 - Global Startup: WiFi Station pour Livebox.lnk = ?
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3d1edfddca9243c6a7524105ba1b1ab8
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3d1edfddca9243c6a7524105ba1b1ab8
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
      O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
      O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
      O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://dida.univ-tln.fr/qp2.cab
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
      O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/pbell/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
      O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - file:///C:/Documents%20and%20Settings/pbell/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/ddfotg.1.0.0.37.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - https://www.photobox.fr/?channel=1005
      O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
      O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://jeuxenligne.orange.fr/GameShell/online/fr/Diner_Dash/DinerDash.1.0.0.4.cab
      O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/pbell/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
      O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{4699A48C-7B72-42F0-84FE-F2DB63DE760E}: NameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\..\{CE42C708-BF61-4320-8C35-02739C906654}: NameServer = 192.168.1.1
      O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      O23 - Service: Winmutsavltf - Ralink Technology Inc. - C:\WINDOWS\system32\drivers\rt25u98.sys
      0
  4. Utilisateur anonyme
     
    commence par désinstaller proprement norton :

    pour désinstaller norton proprement telecharge cet outil

    http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20050414110429924?OpenDocument&seg=hm&lg=fr&ct=fr

    ensuite :

    Telecharge malwarebytes

    Tu l´instale; le programme va se mettre automatiquement a jour.

    Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

    Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

    Puis click sur "rechercher".

    Laisse le scanner le pc...

    Si des elements on ete trouvés > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "yes".

    A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

    Copie et colle le rapport stp.

    PS : les rapport sont aussi rangé dans l onglet rapport/log
    0
    1. FéeClochette
       
      voici le rapport après avoir supprimé les éléments trouvés :

      Malwarebytes' Anti-Malware 1.30
      Version de la base de données: 1358
      Windows 5.1.2600 Service Pack 2

      03/11/2008 20:00:27
      mbam-log-2008-11-03 (20-00-27).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
      Eléments examinés: 161313
      Temps écoulé: 2 hour(s), 49 minute(s), 0 second(s)

      Processus mémoire infecté(s): 1
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 57
      Valeur(s) du Registre infectée(s): 8
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 24
      Fichier(s) infecté(s): 120

      Processus mémoire infecté(s):
      C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Unloaded process successfully.

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbarmenu button (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3b} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3c} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbartoggle button (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\labelcommand.labelcommand (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\labelcommand.labelcommand.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\msvbcr40.msvbcr40 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\msvbcr40.msvbcr40.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\oincs.oinanalytics (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\oincs.oinanalytics.1 (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\{f7fa36a4-3177-4b57-b9c1-e9c5b2e0d3a9} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Adware.ClickSpring) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oinanalytics (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\OINAnalytics.DLL (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\SoftLand Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\DELETED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\SAVED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\fcoex.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\bfgtoolbar.dll (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics\OINAnalytics2.dll (Adware.BHO) -> Quarantined and deleted successfully.
      C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Local Settings\Temp\NDR13.tmp (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Local Settings\Temp\!update.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Program Files\CPV\CPV7.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\nvcoi.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.MSNFix (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore\JavaCore.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore\UnInstall.MSNFix (Adware.Insider) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS\NoDNS.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151034.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151038.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\WINDOWS\b152.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\pbfrv2.dll (Adware.2020Search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\outerinfo.ico (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\Terms.rtf (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\toolbar.ini (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\uninstall.exe (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\bfgtoolbartb0402.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\bundle.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080822204032562.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080823143116843.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824174924109.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824183221156.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080826125027546.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS\UnInstall.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\mst.MSNFix (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\nvcoi.exe.lzma (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\CPV\CPV7.dll.lzma (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics\Uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\WinTouch\wintouch.MSNFix (Adware.WinPop) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\a.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg274875 (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\dictionary.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ivillage.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thelagoon.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thereef.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\y.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      0
    2. FéeClochette
       
      voici le rapport après avoir supprimé les éléments trouvés :

      Malwarebytes' Anti-Malware 1.30
      Version de la base de données: 1358
      Windows 5.1.2600 Service Pack 2

      03/11/2008 20:00:27
      mbam-log-2008-11-03 (20-00-27).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
      Eléments examinés: 161313
      Temps écoulé: 2 hour(s), 49 minute(s), 0 second(s)

      Processus mémoire infecté(s): 1
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 57
      Valeur(s) du Registre infectée(s): 8
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 24
      Fichier(s) infecté(s): 120

      Processus mémoire infecté(s):
      C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Unloaded process successfully.

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbarmenu button (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3b} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3c} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbartoggle button (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\labelcommand.labelcommand (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\labelcommand.labelcommand.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\msvbcr40.msvbcr40 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\msvbcr40.msvbcr40.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\oincs.oinanalytics (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\oincs.oinanalytics.1 (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\{f7fa36a4-3177-4b57-b9c1-e9c5b2e0d3a9} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Adware.ClickSpring) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oinanalytics (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\OINAnalytics.DLL (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\SoftLand Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\DELETED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\SAVED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\fcoex.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\bfgtoolbar.dll (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics\OINAnalytics2.dll (Adware.BHO) -> Quarantined and deleted successfully.
      C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Local Settings\Temp\NDR13.tmp (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Local Settings\Temp\!update.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Program Files\CPV\CPV7.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\nvcoi.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.MSNFix (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore\JavaCore.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore\UnInstall.MSNFix (Adware.Insider) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS\NoDNS.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151034.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151038.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\WINDOWS\b152.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\pbfrv2.dll (Adware.2020Search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\outerinfo.ico (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\Terms.rtf (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\toolbar.ini (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\uninstall.exe (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\bfgtoolbartb0402.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\bundle.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080822204032562.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080823143116843.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824174924109.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824183221156.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080826125027546.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS\UnInstall.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\mst.MSNFix (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\nvcoi.exe.lzma (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\CPV\CPV7.dll.lzma (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics\Uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\WinTouch\wintouch.MSNFix (Adware.WinPop) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\a.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg274875 (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\dictionary.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ivillage.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thelagoon.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thereef.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\y.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      0
    3. FéeClochette
       
      voici le rapport après avoir supprimé les éléments trouvés (par contre j'ai toujours des fenêtres intempestives "avdertissement by outerinfo") :

      Malwarebytes' Anti-Malware 1.30
      Version de la base de données: 1358
      Windows 5.1.2600 Service Pack 2

      03/11/2008 20:00:27
      mbam-log-2008-11-03 (20-00-27).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
      Eléments examinés: 161313
      Temps écoulé: 2 hour(s), 49 minute(s), 0 second(s)

      Processus mémoire infecté(s): 1
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 57
      Valeur(s) du Registre infectée(s): 8
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 24
      Fichier(s) infecté(s): 120

      Processus mémoire infecté(s):
      C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Unloaded process successfully.

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Trojan.BHO.H) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbarmenu button (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3b} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3c} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbartoggle button (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\labelcommand.labelcommand (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\labelcommand.labelcommand.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\msvbcr40.msvbcr40 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\msvbcr40.msvbcr40.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\oincs.oinanalytics (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\oincs.oinanalytics.1 (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\{f7fa36a4-3177-4b57-b9c1-e9c5b2e0d3a9} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{66ac9868-59f6-012b-8c39-58c07152d6ed} (Adware.ClickSpring) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oinanalytics (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\OINAnalytics.DLL (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\xInsiDERexe (Adware.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\SoftLand Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\DELETED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\SAVED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\fcoex.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\?racle\wuauboot.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\bfgtoolbar.dll (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics\OINAnalytics2.dll (Adware.BHO) -> Quarantined and deleted successfully.
      C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Local Settings\Temp\NDR13.tmp (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Local Settings\Temp\!update.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
      C:\Program Files\CPV\CPV7.MSNFix (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\nvcoi.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.MSNFix (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore\JavaCore.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
      C:\Program Files\JavaCore\UnInstall.MSNFix (Adware.Insider) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS\NoDNS.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151034.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP751\A0151038.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\WINDOWS\b152.MSNFix (Trojan.Insider) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\pbfrv2.dll (Adware.2020Search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\outerinfo.ico (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\Terms.rtf (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\toolbar.ini (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\uninstall.exe (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\bfgtoolbartb0402.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\bundle.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Program Files\bfgtoolbar\Cache\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080822204032562.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080823143116843.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824174924109.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080824183221156.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080826125027546.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\NoDNS\UnInstall.MSNFix (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\mst.MSNFix (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\nvcoi\nvcoi.exe.lzma (Trojan.Stars) -> Quarantined and deleted successfully.
      C:\Program Files\CPV\CPV7.dll.lzma (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Program Files\OINAnalytics\Uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\WinTouch\wintouch.MSNFix (Adware.WinPop) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\a.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg274875 (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\dictionary.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\ivillage.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thelagoon.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\thereef.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\pbell\Application Data\bfgtoolbar\y.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    réouvre malewarebyte
    va sur quarantaine
    supprime tout

    Fais un clic droit sur ce lien : (IL-MAFIOSO)
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
    Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
    Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal, choisis 1 et valides.
    (ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

    Patiente jusqu'au message :
    *** Analyse Termine le ..... ***
    Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
    Copie-colle l'intégralité dans une réponse. Referme le blocnote.
    Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
    0
    1. FéeClochette
       
      voici de nouveau le rapport :

      Search Navipromo version 3.6.8 commencé le 03/11/2008 à 21:50:27,64

      !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
      !!! Postez ce rapport sur le forum pour le faire analyser !!!
      !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

      Outil exécuté depuis C:\Program Files\navilog1
      Session actuelle : "pbell"

      Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO


      Microsoft Windows XP [version 5.1.2600]
      Internet Explorer : 7.0.5730.13
      Système de fichiers : NTFS

      Recherche executé en mode normal

      *** Recherche Programmes installés ***


      *** Recherche dossiers dans "C:\WINDOWS" ***


      *** Recherche dossiers dans "C:\Program Files" ***


      *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


      *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


      *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


      *** Recherche dossiers dans "C:\Documents and Settings\pbell\applic~1" ***


      *** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***


      *** Recherche dossiers dans "C:\Documents and Settings\pbell\locals~1\applic~1" ***


      *** Recherche dossiers dans "C:\Documents and Settings\pbell\menudm~1\progra~1" ***


      *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
      pour + d'infos : http://www.gmer.net



      *** Recherche avec GenericNaviSearch ***
      !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
      !!! A vérifier impérativement avant toute suppression manuelle !!!

      * Recherche dans "C:\WINDOWS\system32" *

      * Recherche dans "C:\Documents and Settings\pbell\locals~1\applic~1" *



      *** Recherche fichiers ***



      *** Recherche clés spécifiques dans le Registre ***


      *** Module de Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Recherche nouveaux fichiers Instant Access :


      2)Recherche Heuristique :

      * Dans "C:\WINDOWS\system32" :


      * Dans "C:\Documents and Settings\pbell\locals~1\applic~1" :


      3)Recherche Certificats :

      Certificat Egroup absent !
      Certificat Electronic-Group absent !
      Certificat Montorgueil absent !
      Certificat OOO-Favorit absent !
      Certificat Sunny-Day-Design-Ltd absent !

      4)Recherche fichiers connus :



      *** Analyse terminée le 03/11/2008 à 22:03:33,07 ***
      0
  7. Utilisateur anonyme
     
    Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    * Lance l'installation du programme en exécutant le fichier téléchargé.
    * Double-clique maintenant sur le raccourci de Toolbar-S&D.
    * Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
    * Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
    * Poste le rapport généré. (C:\TB.txt)
    0
    1. FéeClochette
       
      Comment se fait-il que la procédure soit aussi longue? Tout ceci ne sert-il qu'à supprimer le virus?
      0
  8. Utilisateur anonyme
     
    14 post c pas beaucoup

    ton pc presentait plusieures infections donc plusieures outils sont necessaire
    0
  9. FéeClochette
     
    Ok ok, voici le nouveau rapport :

    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.80GHz )
    BIOS : Award Medallion BIOS v6.00PG
    USER : pbell ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton AntiVirus 2004 (Not Activated)
    Firewall : Norton Internet Security 2004 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:181 Go (Free:9 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)
    K:\ (USB)
    L:\ (USB)
    M:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [1] ( 04/11/2008|19:54 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\pbell\Cookies\pbell@bananalotto[2].txt
    C:\DOCUME~1\pbell\Cookies\pbell@www.bananalotto[2].txt
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-21-13-08-10
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-21-13-08-10.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-13-11-51
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-13-11-51.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-18-33-52
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-18-33-52.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-19-17-24-14
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-19-17-24-14.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-20-18-21-11
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-20-18-21-11.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-26-18-29-51
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-26-18-29-51.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-07-18-35-18
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-07-18-35-18.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-10-18-15-29
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-10-18-15-29.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\Azada16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\caribbean_hideaway16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cradle_of_persia16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cradle_rome16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\death_nile16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deep_quest16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dr_daisy_pet_vet16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\family_restaurant16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\farm_frenzy16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\fashion_craze16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\kids.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\pirate_poker16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\pirate_stories_kit_ellis16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\seasonmatch16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\solitaire_cruise16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\supercow16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\Turbo_Subs16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
    C:\Program Files\GamesBar
    C:\Program Files\GamesBar\Localization-French.ini
    C:\Program Files\GamesBar\OBGet.exe
    C:\Program Files\GamesBar\uninst.exe
    C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\GamesBar

    -----------\\ Extensions

    (pbell) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
    "Start Page"="https://www.orange.fr/portail"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    1 - "C:\ToolBar SD\TB_1.txt" - 04/11/2008|19:57 - Option : [1]

    -----------\\ Fin du rapport a 19:57:07,50
    0
  10. Utilisateur anonyme
     
    Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
    ! Ne ferme pas la fenêtre lors de la suppression !
    Un rapport sera généré, poste son contenu ici.

    NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.
    0
    1. FéeClochette
       
      voici le rapport :


      -----------\\ ToolBar S&D 1.2.4 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
      X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.80GHz )
      BIOS : Award Medallion BIOS v6.00PG
      USER : pbell ( Administrator )
      BOOT : Normal boot
      Antivirus : Norton AntiVirus 2004 (Not Activated)
      Firewall : Norton Internet Security 2004 (Not Activated)
      C:\ (Local Disk) - NTFS - Total:181 Go (Free:9 Go)
      D:\ (CD or DVD)
      E:\ (CD or DVD)
      F:\ (USB)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)
      K:\ (USB)
      L:\ (USB)
      M:\ (USB)

      "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
      Option : [2] ( 04/11/2008|20:10 )

      -----------\\ SUPPRESSION

      Supprime! - C:\DOCUME~1\pbell\Cookies\pbell@bananalotto[2].txt
      Supprime! - C:\DOCUME~1\pbell\Cookies\pbell@www.bananalotto[2].txt
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-21-13-08-10
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\07-12-21-13-08-10.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-13-11-51
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-13-11-51.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-18-33-52
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-02-08-18-33-52.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-19-17-24-14
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-19-17-24-14.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-20-18-21-11
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-20-18-21-11.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-26-18-29-51
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-26-18-29-51.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-07-18-35-18
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-07-18-35-18.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-10-18-15-29
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-04-10-18-15-29.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\Azada16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\caribbean_hideaway16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cradle_of_persia16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cradle_rome16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\death_nile16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deep_quest16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dr_daisy_pet_vet16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\family_restaurant16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\farm_frenzy16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\fashion_craze16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\kids.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\pirate_poker16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\pirate_stories_kit_ellis16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\seasonmatch16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\solitaire_cruise16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\supercow16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\Turbo_Subs16x16.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
      Supprime! - C:\Program Files\GamesBar\Localization-French.ini
      Supprime! - C:\Program Files\GamesBar\OBGet.exe
      Supprime! - C:\Program Files\GamesBar\uninst.exe
      Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\GamesBar
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
      Supprime! - C:\Program Files\GamesBar

      -----------\\ Recherche de Fichiers / Dossiers ...


      -----------\\ Extensions

      (pbell) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
      "Start Page"="https://www.orange.fr/portail"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Start Page"="https://www.msn.com/fr-fr/"


      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      1 - "C:\ToolBar SD\TB_1.txt" - 04/11/2008|19:57 - Option : [1]
      2 - "C:\ToolBar SD\TB_2.txt" - 04/11/2008|20:13 - Option : [2]

      -----------\\ Fin du rapport a 20:13:44,20
      0
    2. FéeClochette
       
      qu'est-ce qui a pu m'apporter ces virus (de façon à ce que je n'en ai plus à l'avenir...), le téléchargement de jeux sur oranger ou fish games peut-il être proteur de virus?
      0
      1. bobo > FéeClochette
         
        Voici mon rapport
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\csrss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\Ati2evxx.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\Ati2evxx.exe
        C:\WINDOWS\system32\userinit.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        C:\Program Files\Alwil Software\Avast4\ashServ.exe
        C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
        C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
        C:\Program Files\CyberLink\Shared Files\RichVideo.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\wdfmgr.exe
        C:\Program Files\Inventel\Gateway\wlancfg.exe
        C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\1.tmp\b2e.exe
        C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        C:\WINDOWS\AGRSMMSG.exe
        C:\Program Files\Apoint2K\Apoint.exe
        C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
        C:\WINDOWS\system32\wbem\wmiprvse.exe
        C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
        C:\WINDOWS\System32\alg.exe
        C:\WINDOWS\system32\ZoomingHook.exe
        C:\WINDOWS\system32\TCtrlIOHook.exe
        C:\WINDOWS\system32\TPSMain.exe
        C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
        C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
        C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
        C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
        C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
        C:\WINDOWS\system32\dla\tfswctrl.exe
        C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
        C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
        C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
        C:\WINDOWS\system32\wbem\wmiprvse.exe
        C:\WINDOWS\System32\WScript.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
        C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
        C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        C:\Program Files\Apoint2K\Apntex.exe
        C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
        C:\WINDOWS\system32\TPSBattM.exe

        --------------- [ Informations lecteurs ] ----------------

        C: - Lecteur fixe

        E: - Lecteur amovible

        F: - Lecteur fixe


        +- Contenu de l'autorun : C:\autorun.inf

        [autorun]
        shellexecute=wscript.exe MS32DLL.dll.vbs
        +- Contenu de l'autorun : E:\autorun.inf

        [autorun]
        shellexecute=wscript.exe MS32DLL.dll.vbs
        +- Contenu de l'autorun : F:\autorun.inf

        [autorun]
        shellexecute=wscript.exe MS32DLL.dll.vbs
        --------------- [ Registre / Startup ] ----------------


        ! REG.EXE VERSION 3.0

        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
        AGRSMMSG REG_SZ AGRSMMSG.exe
        Apoint REG_SZ C:\Program Files\Apoint2K\Apoint.exe
        CeEKEY REG_SZ C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
        <SANS NOM> REG_SZ
        TPNF REG_SZ C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
        HWSetup REG_SZ C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
        SVPWUTIL REG_SZ C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
        Zooming REG_SZ ZoomingHook.exe
        TCtryIOHook REG_SZ TCtrlIOHook.exe
        TPSMain REG_SZ TPSMain.exe
        SmoothView REG_SZ C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
        TFncKy REG_SZ TFncKy.exe
        PadTouch REG_SZ C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
        Tvs REG_SZ C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
        NDSTray.exe REG_SZ NDSTray.exe
        dla REG_SZ C:\WINDOWS\system32\dla\tfswctrl.exe
        ATIPTA REG_SZ "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
        CFSServ.exe REG_SZ CFSServ.exe -NoClient
        avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        EverioService REG_SZ "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"

        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

        ! REG.EXE VERSION 3.0

        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
        CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
        TOSCDSPD REG_SZ C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
        WOOKIT REG_SZ C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
        swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

        --------------- [ Registre / Mountpoint2 ] ----------------

        Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27cd580c-2f76-11dc-a383-0013ceadbe83}\Shell\AutoRun\command
        Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a567c34-9575-11dd-a69f-0013ceadbe83}\Shell\AutoRun\command
        Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d38b6c8-00db-11dd-a53b-0013ceadbe83}\Shell\AutoRun\command
        Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a64db73e-7080-11dd-a61d-0013ceadbe83}\Shell\AutoRun\command
        Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c14705ef-a03a-11dd-a6c4-0013ceadbe83}\Shell\AutoRun\command
        Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c701822d-2be7-11dd-a5a6-0013ceadbe83}\Shell\AutoRun\command
        Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e26d754f-6d36-11dd-a60d-0013ceadbe83}\Shell\AutoRun\command

        --------------- [ Nettoyage des disques ] ----------------

        Supprimé ! - [04/11/2008 21:34] C:\WINDOWS\MS32DLL.dll.vbs
        Supprimé ! - [04/11/2008 21:34] C:\autorun.inf
        Supprimé ! - [04/11/2008 21:34] C:\MS32DLL.dll.vbs
        Supprimé ! - [04/11/2008 21:34] E:\autorun.inf
        Supprimé ! - [04/11/2008 21:34] E:\MS32DLL.dll.vbs
        Supprimé ! - [04/11/2008 21:34] F:\autorun.inf
        Supprimé ! - [04/11/2008 21:34] F:\MS32DLL.dll.vbs

        --------------- [ Listing des fichiers présents ] ----------------

        -> /!\ Le resultat doit etre interprété par un spécialiste /!\

        [16/09/2005 07:37][--a------] C:\AUTOEXEC.BAT
        [05/08/2004 11:00][-rahs----] C:\NTDETECT.COM
        [02/03/2006 10:19][-rahs----] C:\boot.ini

        --------------- ! Fin du rapport ! ----------------
        0
    3. FéeClochette
       
      Vous ne m'avez pas répondu, je vous renvoie donc je dernier rapport que vous m'aviez demandé :

      Voici mon rapport
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\userinit.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\wdfmgr.exe
      C:\Program Files\Inventel\Gateway\wlancfg.exe
      C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\1.tmp\b2e.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Apoint2K\Apoint.exe
      C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\system32\ZoomingHook.exe
      C:\WINDOWS\system32\TCtrlIOHook.exe
      C:\WINDOWS\system32\TPSMain.exe
      C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
      C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
      C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
      C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
      C:\WINDOWS\system32\dla\tfswctrl.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\WINDOWS\System32\WScript.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe­
      C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
      C:\WINDOWS\system32\TPSBattM.exe

      --------------- [ Informations lecteurs ] ----------------

      C: - Lecteur fixe

      E: - Lecteur amovible

      F: - Lecteur fixe


      +- Contenu de l'autorun : C:\autorun.inf

      [autorun]
      shellexecute=wscript.exe MS32DLL.dll.vbs
      +- Contenu de l'autorun : E:\autorun.inf

      [autorun]
      shellexecute=wscript.exe MS32DLL.dll.vbs
      +- Contenu de l'autorun : F:\autorun.inf

      [autorun]
      shellexecute=wscript.exe MS32DLL.dll.vbs
      --------------- [ Registre / Startup ] ----------------


      ! REG.EXE VERSION 3.0

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion­\Run
      AGRSMMSG REG_SZ AGRSMMSG.exe
      Apoint REG_SZ C:\Program Files\Apoint2K\Apoint.exe
      CeEKEY REG_SZ C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      <SANS NOM> REG_SZ
      TPNF REG_SZ C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      HWSetup REG_SZ C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
      SVPWUTIL REG_SZ C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
      Zooming REG_SZ ZoomingHook.exe
      TCtryIOHook REG_SZ TCtrlIOHook.exe
      TPSMain REG_SZ TPSMain.exe
      SmoothView REG_SZ C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
      TFncKy REG_SZ TFncKy.exe
      PadTouch REG_SZ C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
      Tvs REG_SZ C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
      NDSTray.exe REG_SZ NDSTray.exe
      dla REG_SZ C:\WINDOWS\system32\dla\tfswctrl.exe
      ATIPTA REG_SZ "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
      CFSServ.exe REG_SZ CFSServ.exe -NoClient
      avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      EverioService REG_SZ "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

      ! REG.EXE VERSION 3.0

      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
      CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
      TOSCDSPD REG_SZ C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      WOOKIT REG_SZ C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
      swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

      --------------- [ Registre / Mountpoint2 ] ----------------

      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27cd580c-2f76-11dc-a383-0013ceadbe83}\Shell\AutoRun\command
      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a567c34-9575-11dd-a69f-0013ceadbe83}\Shell\AutoRun\command
      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d38b6c8-00db-11dd-a53b-0013ceadbe83}\Shell\AutoRun\command
      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a64db73e-7080-11dd-a61d-0013ceadbe83}\Shell\AutoRun\command
      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c14705ef-a03a-11dd-a6c4-0013ceadbe83}\Shell\AutoRun\command
      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c701822d-2be7-11dd-a5a6-0013ceadbe83}\Shell\AutoRun\command
      Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e26d754f-6d36-11dd-a60d-0013ceadbe83}\Shell\AutoRun\command

      --------------- [ Nettoyage des disques ] ----------------

      Supprimé ! - [04/11/2008 21:34] C:\WINDOWS\MS32DLL.dll.vbs
      Supprimé ! - [04/11/2008 21:34] C:\autorun.inf
      Supprimé ! - [04/11/2008 21:34] C:\MS32DLL.dll.vbs
      Supprimé ! - [04/11/2008 21:34] E:\autorun.inf
      Supprimé ! - [04/11/2008 21:34] E:\MS32DLL.dll.vbs
      Supprimé ! - [04/11/2008 21:34] F:\autorun.inf
      Supprimé ! - [04/11/2008 21:34] F:\MS32DLL.dll.vbs

      --------------- [ Listing des fichiers présents ] ----------------

      -> /!\ Le resultat doit etre interprété par un spécialiste /!\

      [16/09/2005 07:37][--a------] C:\AUTOEXEC.BAT
      [05/08/2004 11:00][-rahs----] C:\NTDETECT.COM
      [02/03/2006 10:19][-rahs----] C:\boot.ini

      --------------- ! Fin du rapport ! ----------------
      0