Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

infecté par trojans

 

LOGICIELS : lemarin SECURITE : Thalie21 LOISIRS : bileg ARCHIVE L'ORDINATEUR INDIVIDUEL : muna2a et 167 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

infecté par trojans

Prévenir les modérateurs en cas d'abus 
dedebanzai
dedebanzai
  1. Posté le 04/12/2009 à 18:28:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour voilà je pense que mon ordi est infecté par plusieurs trojans , j'ai pleins de publicités qui apparaissent à chaque fois que je vais sur internet explorer, j'ai essayé de m'en débarasser avec avast, a squared, spybot, malwarebytes anti malware... à chaque fois j les mettais en quarantaine mais ils continuent à revenir, mon ordi est vraiment lent. Est ce qu'il y aurait qqn qui pourrait m'aider? Ca serait vraiment gentil ;)

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 04/12/2009 à 19:06:10  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Télécharge Genproc. Double-clique sur GenProc.exe et poste le contenu du rapport qui s’ affiche.

(Publicité)
dedebanzai
  1. Posté le 04/12/2009 à 20:02:06  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Merci de la réponse si rapide! Est ce que c'est normal qu'après plus de 30 minutes il n'y a toujours pas de rapport qui s'affiche? Ca reste bloqué sur 'veuillez patienter pendant que GenProc teste diverses infections ...' :??:

dedebanzai
  1. Posté le 04/12/2009 à 22:29:23  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
apport GenProc 2.655 [2] - 04/12/2009 à 21:15:03
 @ Windows XP Service Pack 2 - Mode normal
 @ Google Chrome Service Pack 2 [Navigateur par défaut]

 GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :


 Poste un rapport Nod32 http://www.eset-nod32.fr/scanner.html (il faut utiliser Internet Explorer)
 - coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :  
 C:\Program Files\EsetOnlineScanner\log.tx​t



 ~~~~ INFORMATION COMPLEMENTAIRE ~~~~

 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2009-12-04 21:15:12
 Windows 5.1.2600 Service Pack 2 NTAPI

 scanning hidden services ...

 scanning hidden autostart entries ...

 scan completed successfully
 hidden services: 0

 
 Rapport de ZHPDiag v1.24.35 par Nicolas Coolman
 Run by delphine at 04/12/2009 21:16:35
 Web site :  http://www.premiumorange.com/z [...] pdiag.html
 Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
 MSIE: Internet Explorer v7.0.5730.11
 MFIE: Mozilla Firefox (3.1b2)

 Boot mode: Normal (Normal boot)
 Total RAM: 1022 MB (34% free)
 System drive C: has 24 GB (45%) free of 54 GB

 ---\\
 C:\Windows\RUNXMLPL.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Program Files\Realtek\InstallShield\Az​MixerSel.exe
 C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
 C:\WINDOWS\system32\IME\PINTLG​NT\ImScInst.exe
 C:\Program Files\Acer\Acer Arcade\PCMService.exe
 C:\Program Files\Launch Manager\LaunchAp.exe
 C:\Program Files\Launch Manager\HotkeyApp.exe
 C:\Program Files\Launch Manager\CtrlVol.exe
 C:\Program Files\Launch Manager\OSDCtrl.exe
 C:\Program Files\Launch Manager\Wbutton.exe
 C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 C:\Acer\Empowering Technology\ePower\ePower_DMC.e​xe
 C:\Acer\Empowering Technology\ePower\Boot.exe
 C:\Acer\Empowering Technology\ePresentation\ePres​entation.exe
 C:\Acer\Empowering Technology\eRecovery\eRAgent.e​xe
 C:\WINDOWS\system32\LVCOMSX.EX​E
 C:\Program Files\Acer\OrbiCam\CameraAssis​tant.exe
 C:\Program Files\Acer\OrbiCam\InstallHelp​er.exe
 C:\WINDOWS\system32\ElkCtrl.ex​e
 C:\WINDOWS\system32\ImageItEnc​rypt.exe
 C:\Program Files\Fichiers communs\Real\Update_OB\realsch​ed.exe
 C:\Program Files\QuickTime\qttask.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\a-squared Anti-Malware\a2guard.exe
 C:\PROGRA~1\ALWILS~1\Avast4\as​hDisp.exe
 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.​exe
 C:\Program Files\Skype\Phone\Skype.exe
 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 C:\Program Files\a-squared Anti-Malware\a2service.exe
 C:\Program Files\a-squared Free\a2service.exe
 C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Alwil Software\Avast4\ashServ.exe
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
 C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
 C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\C​LMLServer.exe
 C:\WINDOWS\system32\services.e​xe
 C:\Program Files\Intel\Wireless\Bin\EvtEn​g.exe
 C:\WINDOWS\system32\fxssvc.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\WINDOWS\system32\oodag.exe
 C:\Program Files\Raxco\PerfectDisk\PDAgen​t.exe
 C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe
 C:\WINDOWS\system32\lsass.exe
 C:\Documents and Settings\All Users\Application Data\QuestService\questservice​127.exe
 C:\Program Files\Intel\Wireless\Bin\RegSr​vc.exe
 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 C:\Program Files\Intel\Wireless\Bin\S24Ev​Mon.exe
 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
 C:\WINDOWS\system32\spoolsv.ex​e

 ---\\
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.msn.com/

 ---\\
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://www.google.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t = http://www.google.com/ie
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t = http://ie.search.msn.com/{SUB_ [...] chasst.htm
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local

 ---\\
 R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04​FD64497} - C:\WINDOWS\system32\ieframe.dl​l
 R3 - URLSearchHook: Microsoft Url Search Hook - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (not file)

 ---\\
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelpe​r.ocx
 O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF​2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn​.dll
 O2 - BHO: (no name) - {2C36E371-080B-4AC1-9D22-91D1C​84677C8} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn​.dll
 O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C091​46192CA} - C:\Program Files\Real\RealPlayer\rpbrowse​rrecordplugin.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.4.4525.1752\swg.dll
 O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02​E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B​7C5AC242193BB3E.dll
 O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A4​7F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll

 ---\\
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\WINDOWS\system32\eDStoolbar​.dll
 O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF​26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\Veoh​Toolbar.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

 ---\\
 O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
 O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\Az​MixerSel.exe
 O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
 O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
 O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG​.EXE" /Spoil /RemAdvDef /Migration32
 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLG​NT\ImScInst.exe /SYNC
 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE /SYNC
 O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE /IMEName
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [PCMService] C:\Program Files\Acer\Acer Arcade\PCMService.exe
 O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
 O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
 O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
 O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
 O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe 1
 O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.e​xe
 O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
 O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePres​entation.exe
 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.e​xe
 O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EX​E
 O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssis​tant.exe
 O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelp​er.exe /inspect
 O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.ex​e /automation
 O4 - HKLM\..\Run: [ImageItEncrypt] C:\WINDOWS\system32\ImageItEnc​rypt.exe
 O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsch​ed.exe"  -osboot
 O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.ex​e
 O4 - HKLM\..\Run: [a-squared] C:\Program Files\a-squared Anti-Malware\a2guard.exe
 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\as​hDisp.exe
 O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.​exe AcRdB7_0_9
 O4 - HKCU\..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [Veoh] C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
 O4 - Global Startup: Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
 O4 - Global Startup: Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Launcher.exe
 O4 - Global Startup: Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

 ---\\
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPho​tos.scr/200
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000

 ---\\
 O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll,201
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFBARH.ICO
 O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-​61144 - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\MSMSGS.EXE,302

 ---\\
 O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dl​l
 O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
 O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dl​l
 O10 - WLSP:\000000000004\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll

 ---\\
 O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - file://C:\WINDOWS\Java\classes​\xmldso.cab
 O16 - DPF: {0CCA191D-13A6-4E29-B746-314DE​E697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/con [...] oader5.cab
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/ [...] ontrol.cab
 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD8​4642501} (Checkers Class) - http://messenger.zone.msn.com/ [...] b56986.cab
 O16 - DPF: {233C1507-6A77-46A4-9443-F871F​945D258} (Shockwave ActiveX Control) - http://download.macromedia.com [...] tor/sw.cab
 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4​f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelpe​r.dll
 O16 - DPF: {48DD0448-9209-4F81-9F6D-D8356​2940134} (MySpace Uploader Control) - http://lads.myspace.com/upload [...] er1006.cab
 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05C​B959537} (MSN Photo Upload Tool) - http://by103w.bay103.mail.live [...] nPUpld.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5F8469B4-B055-49DD-83F7-62B52​2420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/con [...] loader.cab
 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F2​1721616} (DivXBrowserPlugin Object) - http://download.divx.com/playe [...] Plugin.cab
 O16 - DPF: {6A344D34-5231-452A-8A57-D064A​C9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE​305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/con [...] ader55.cab
 O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829D​C0B603C} () - http://fpdownload.macromedia.c [...] rashim.cab
 O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D30​4EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/ass [...] 1105101619
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DB​AF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w [...] NPUpld.cab
 O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E2​07A39E6} (McFreeScan Class) - http://download.mcafee.com/mol [...] cfscan.cab

 ---\\
 O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0​059ce02} - C:\WINDOWS\system32\urlmon.dll
 O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04​FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL
 O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D​7D937CC} - C:\WINDOWS\system32\msvidctl.d​ll
 O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa0​04ba90b} - C:\WINDOWS\system32\urlmon.dll
 O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305​202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\​MSGRAP~1.DLL
 O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04​FD85AB4} - C:\Windows\system32\inetcomm.d​ll
 O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04​f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
 O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F​8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
 O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305​202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\​MSGRAP~1.DLL
 O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-00500​48385D1} - C:\PROGRA~1\FICHIE~1\MICROS~1\​WEBCOM~1\10\OWC10.DLL
 O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKY​PE4~1.DLL
 O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-00600​8059382} - C:\Windows\system32\mshtml.dll
 O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04​FBBDE6E} - C:\WINDOWS\system32\msvidctl.d​ll
 O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853​AC8BECE} - C:\WINDOWS\system32\wiascr.dll
 O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
 O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA0​0B92AF1} - C:\WINDOWS\system32\urlmon.dll
 O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C​90312E1} - C:\Windows\system32\SHELL32.dl​l
 O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D​022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\​OFFICE12\MSOXMLMF.DLL

 ---\\
 O20 - Winlogon Notify: igfxcui - C:\WINDOWS\System32\igfxdev.dl​l
 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.d​ll

 O20 - AppInit_DLLs: xvbrjj.dll

 ---\\
 O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a30​09f31a9} - %SystemRoot%\system32\SHELL32.​dll
 O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6​c4515e9} - %SystemRoot%\system32\SHELL32.​dll
 O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA0​05127ED} - C:\WINDOWS\system32\webcheck.d​ll
 O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E22​0524153} - C:\WINDOWS\system32\stobject.d​ll
 O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D52​4869DB5} - C:\WINDOWS\system32\WPDShServi​ceObj.dll

 ---\\
 O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - %SystemRoot%\system32\browseui​.dll

 ---\\
 O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - C:\Program Files\a-squared Anti-Malware\a2service.exe
 O23 - Service: a-squared Free Service (a2free) - C:\Program Files\a-squared Free\a2service.exe
 O23 - Service: Memory Check Service (AcerMemUsageCheckService) - C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
 O23 - Service: avast! Antivirus (avast! Antivirus) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
 O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
 O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
 O23 - Service: CyberLink Media Library Service (CyberLink Media Library Service) - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\C​LMLServer.exe
 O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - C:\Program Files\Intel\Wireless\Bin\EvtEn​g.exe
 O23 - Service: Fax (Fax) - C:\WINDOWS\system32\fxssvc.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs​\jqs.conf
 O23 - Service: Logitech Process Monitor (LVPrcSrv) - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: O&O Defrag (O&O Defrag) - C:\WINDOWS\system32\oodag.exe
 O23 - Service: PDAgent (PDAgent) - C:\Program Files\Raxco\PerfectDisk\PDAgen​t.exe
 O23 - Service: Planificateur LiveUpdate automatique (Planificateur LiveUpdate automatique) - C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe
 O23 - Service: QuestService Service (QuestService Service) - C:\Documents and Settings\All Users\Application Data\QuestService\questservice​127.exe" "C:\Program Files\QuestService\questservic​e.dll" Service
 O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - C:\Program Files\Intel\Wireless\Bin\RegSr​vc.exe
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - C:\Program Files\Intel\Wireless\Bin\S24Ev​Mon.exe
 O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
 O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.ex​e

 ---\\
 O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/delph​ine/LOCALS~1/Temp/msohtml1/01/​clip_image002.jpg
 O24 - Desktop Component 2: PC-Aquarium Deluxe - file:7db39a0d-580f-4be9-9195-8​bfcd226f6c2

 ---\\
 O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftware​Update.job

 ---\\
 O41 - Driver: AFD (AFD) - C:\WINDOWS\System32\drivers\af​d.sys
 O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\system32\DRIVERS\cd​rom.sys
 O41 - Driver: Symantec Eraser Control driver (eeCtrl) - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys
 O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8​042prt.sys
 O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\im​api.sys
 O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\in​telppm.sys
 O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ip​sec.sys
 O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\system32\DRIVERS\kb​dclass.sys
 O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\system32\DRIVERS\mo​uclass.sys
 O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mr​xsmb.sys
 O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\ne​tbios.sys
 O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\ne​tbt.sys
 O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\pr​ocessr.sys
 O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\ra​sacd.sys
 O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rd​bss.sys
 O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RD​PCDD.sys
 O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\re​dbook.sys
 O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tc​pip.sys
 O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\te​rmdd.sys
 O41 - Driver: (no object) (VgaSave) - C:\WINDOWS\System32\drivers\vg​a.sys
 O41 - Driver: (no object) (Wbutton) - C:\WINDOWS\system32\drivers\Wb​utton.sys
 O41 - Driver: Interface de gestion Microsoft Windows pour ACPI (WmiAcpi) - C:\WINDOWS\system32\DRIVERS\wm​iacpi.sys

 ---\\
 O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1)
 O42 - Logiciel: Acer Arcade
 O42 - Logiciel: Acer Empowering Technology
 O42 - Logiciel: Acer GridVista
 O42 - Logiciel: Acer Screensaver
 O42 - Logiciel: Acer eDataSecurity Management
 O42 - Logiciel: Acer eDataSecurity Management 2.0.3076
 O42 - Logiciel: Acer eNet Management
 O42 - Logiciel: Acer ePerformance Management
 O42 - Logiciel: Acer ePower Management
 O42 - Logiciel: Acer ePresentation Management
 O42 - Logiciel: Acer eSettings Management
 O42 - Logiciel: Adobe Acrobat 5.0
 O42 - Logiciel: Adobe Flash Player 10 ActiveX
 O42 - Logiciel: Adobe Flash Player 10 Plugin
 O42 - Logiciel: Adobe Reader 7.0
 O42 - Logiciel: Adobe Shockwave Player 11
 O42 - Logiciel: Agere Systems HDA Modem
 O42 - Logiciel: AlauxSoft Comptes et Budget Free V5.0
 O42 - Logiciel: Apple Mobile Device Support
 O42 - Logiciel: Apple Software Update
 O42 - Logiciel: ArcSoft Camera Suite
 O42 - Logiciel: ArcSoft TotalMedia 2
 O42 - Logiciel: Assistant de connexion Windows Live
 O42 - Logiciel: AviSynth 2.5
 O42 - Logiciel: Bonjour
 O42 - Logiciel: CCleaner (remove only)
 O42 - Logiciel: Canon PhotoRecord
 O42 - Logiciel: Canon PowerShot A40 WIA Driver
 O42 - Logiciel: Canon Utilities PhotoStitch 3.1
 O42 - Logiciel: Canon Utilities RAW Image Converter
 O42 - Logiciel: Canon Utilities RemoteCapture 2.2
 O42 - Logiciel: Canon Utilities ZoomBrowser EX
 O42 - Logiciel: DivX Codec
 O42 - Logiciel: DivX Converter
 O42 - Logiciel: DivX Player
 O42 - Logiciel: DivX Web Player
 O42 - Logiciel: Galerie de photos Windows Live
 O42 - Logiciel: Google Toolbar for Internet Explorer
 O42 - Logiciel: HP LaserJet P1000 series
 O42 - Logiciel: HPSSupply
 O42 - Logiciel: High Definition Audio Driver Package - KB888111
 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
 O42 - Logiciel: Hotfix for Windows XP (KB915865)
 O42 - Logiciel: Hotfix for Windows XP (KB926239)
 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)
 O42 - Logiciel: Installation Windows Live
 O42 - Logiciel: J2SE Runtime Environment 5.0 Update 7
 O42 - Logiciel: Java(TM) 6 Update 15
 O42 - Logiciel: Java(TM) 6 Update 5
 O42 - Logiciel: Java(TM) 6 Update 7
 O42 - Logiciel: Junk Mail filter update
 O42 - Logiciel: K-Lite Mega Codec Pack 4.6.2
 O42 - Logiciel: Launch Manager V1.1.0.3
 O42 - Logiciel: Lecteur Windows Media 11
 O42 - Logiciel: Logiciel Acer OrbiCam
 O42 - Logiciel: Logiciel Intel(R) PROSet/Wireless
 O42 - Logiciel: MSN
 O42 - Logiciel: MSVCRT
 O42 - Logiciel: MSXML 4.0 SP2 (KB927978)
 O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
 O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
 O42 - Logiciel: MSXML 4.0 SP2 (KB973688)
 O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686)
 O42 - Logiciel: Malwarebytes' Anti-Malware
 O42 - Logiciel: Messenger Plus! Live
 O42 - Logiciel: Microsoft .NET Framework 1.1
 O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB953297)
 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
 O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
 O42 - Logiciel: Microsoft Choice Guard
 O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
 O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
 O42 - Logiciel: Microsoft National Language Support Downlevel APIs
 O42 - Logiciel: Microsoft Office Access MUI (French) 2007
 O42 - Logiciel: Microsoft Office Excel MUI (French) 2007
 O42 - Logiciel: Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
 O42 - Logiciel: Microsoft Office Live Add-in 1.3
 O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007
 O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007
 O42 - Logiciel: Microsoft Office Professional 2007
 O42 - Logiciel: Microsoft Office Proof (Arabic) 2007
 O42 - Logiciel: Microsoft Office Proof (Dutch) 2007
 O42 - Logiciel: Microsoft Office Proof (English) 2007
 O42 - Logiciel: Microsoft Office Proof (French) 2007
 O42 - Logiciel: Microsoft Office Proof (German) 2007
 O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
 O42 - Logiciel: Microsoft Office Proofing (French) 2007
 O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007
 O42 - Logiciel: Microsoft Office Shared MUI (French) 2007
 O42 - Logiciel: Microsoft Office Word MUI (French) 2007
 O42 - Logiciel: Microsoft Office XP Professional avec FrontPage
 O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
 O42 - Logiciel: Microsoft Search Enhancement Pack
 O42 - Logiciel: Microsoft Silverlight
 O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
 O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
 O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
 O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
 O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
 O42 - Logiciel: Microsoft Works
 O42 - Logiciel: Mozilla Firefox (3.1b2)
 O42 - Logiciel: MrvlUsgTracking
 O42 - Logiciel: NTI Backup NOW! 4.5
 O42 - Logiciel: NTI CD & DVD-Maker
 O42 - Logiciel: NVIDIA Drivers
 O42 - Logiciel: O&O Defrag Professional Edition
 O42 - Logiciel: Outil de téléchargement Windows Live
 O42 - Logiciel: PerfectDisk
 O42 - Logiciel: Picasa 3
 O42 - Logiciel: PowerProducer
 O42 - Logiciel: Programme de gestion Acer OrbiCam
 O42 - Logiciel: QuestService 1.0 build 127
 O42 - Logiciel: QuickTime
 O42 - Logiciel: RealPlayer
 O42 - Logiciel: Realtek High Definition Audio Driver
 O42 - Logiciel: RelevantKnowledge
 O42 - Logiciel: Safari
 O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550)
 O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944)
 O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559)
 O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB973704)
 O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB973593)
 O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363)
 O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789)
 O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB969693)
 O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
 O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604)
 O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581)
 O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613)
 O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234)
 O42 - Logiciel: Segoe UI
 O42 - Logiciel: Skype™ 3.8
 O42 - Logiciel: Sony Noise Reduction Plug-In 2.0h
 O42 - Logiciel: Spybot - Search & Destroy
 O42 - Logiciel: Synaptics Pointing Device Driver
 O42 - Logiciel: Texas Instruments PCIxx21/x515 drivers.
 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642)
 O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
 O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb975960)
 O42 - Logiciel: VC80CRTRedist - 8.0.50727.762
 O42 - Logiciel: VLC media player 0.9.8a
 O42 - Logiciel: VeohTV BETA
 O42 - Logiciel: Version d'évaluation de Microsoft Office Professional 2007
 O42 - Logiciel: Videora iPod Converter 4.06
 O42 - Logiciel: Visionneuse Journal Windows Microsoft
 O42 - Logiciel: WinRAR archiver
 O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
 O42 - Logiciel: Windows Imaging Component
 O42 - Logiciel: Windows Installer 3.1 (KB893803)
 O42 - Logiciel: Windows Installer Clean Up
 O42 - Logiciel: Windows Internet Explorer 7
 O42 - Logiciel: Windows Live Call
 O42 - Logiciel: Windows Live Communications Platform
 O42 - Logiciel: Windows Live Contrôle parental
 O42 - Logiciel: Windows Live FolderShare
 O42 - Logiciel: Windows Live Mail
 O42 - Logiciel: Windows Live Messenger
 O42 - Logiciel: Windows Live Toolbar
 O42 - Logiciel: Windows Live Writer
 O42 - Logiciel: Windows Media Format 11 runtime
 O42 - Logiciel: Windows Media Player 11
 O42 - Logiciel: Windows Messenger 5.1
 O42 - Logiciel: YouTube Downloader App 1.02
 O42 - Logiciel: a-squared Anti-Malware 4.5
 O42 - Logiciel: a-squared Free 4.5
 O42 - Logiciel: avast! Antivirus
 O42 - Logiciel: iTunes
 O42 - Logiciel: mCore
 O42 - Logiciel: mMHouse
 O42 - Logiciel: mPfMgr
 O42 - Logiciel: mProSafe
 O42 - Logiciel: mWlsSafe
 O42 - Logiciel: mXML

 ---\\
 O44 - LFC:Last File Created 04/12/2009 - 12:10:24 ---A- C:\WINDOWS\System32\CONFIG.NT
 O44 - LFC:Last File Created 04/12/2009 - 20:29:54 ---A- C:\WINDOWS\WindowsUpdate.log
 O44 - LFC:Last File Created 04/12/2009 - 20:30:46 ---A- C:\WINDOWS\System32\OODBS.lor
 O44 - LFC:Last File Created 04/12/2009 - 20:30:56 -S-A- C:\WINDOWS\bootstat.dat
 O44 - LFC:Last File Created 04/12/2009 - 20:31:04 ---A- C:\WINDOWS\SchedLgU.Txt
 O44 - LFC:Last File Created 04/12/2009 - 20:31:08 ---A- C:\WINDOWS\ComponentList.xml
 O44 - LFC:Last File Created 04/12/2009 - 20:31:12 ---A- C:\WINDOWS\System32\d3d9caps.d​at
 O44 - LFC:Last File Created 04/12/2009 - 20:31:12 ---A- C:\WINDOWS\System32\nvapps.xml
 O44 - LFC:Last File Created 04/12/2009 - 20:32:02 ---A- C:\WINDOWS\Sti_Trace.log
 O44 - LFC:Last File Created 04/12/2009 - 20:32:02 ---A- C:\WINDOWS\wiaservc.log
 O44 - LFC:Last File Created 04/12/2009 - 20:32:04 ---A- C:\WINDOWS\wiadebug.log
 O44 - LFC:Last File Created 04/12/2009 - 20:32:08 ---A- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt
 O44 - LFC:Last File Created 04/12/2009 - 20:32:16 ---A- C:\WINDOWS\0.log
 O44 - LFC:Last File Created 04/12/2009 - 20:33:10 ---A- C:\WINDOWS\System32\wpa.dbl
 O44 - LFC:Last File Created 04/12/2009 - 21:03:50 ---A- C:\WINDOWS\win.ini
 O44 - LFC:Last File Created 05/11/2009 - 17:36:22 ---A- C:\WINDOWS\System32\MRT.exe
 O44 - LFC:Last File Created 12/11/2009 - 08:40:24 ---A- C:\WINDOWS\System32\FNTCACHE.D​AT
 O44 - LFC:Last File Created 24/11/2009 - 23:47:28 ---A- C:\WINDOWS\System32\AvastSS.sc​r
 O44 - LFC:Last File Created 24/11/2009 - 23:47:54 ---A- C:\WINDOWS\System32\drivers\aa​vmker4.sys
 O44 - LFC:Last File Created 24/11/2009 - 23:48:58 ---A- C:\WINDOWS\System32\drivers\as​wRdr.sys
 O44 - LFC:Last File Created 24/11/2009 - 23:49:08 ---A- C:\WINDOWS\System32\drivers\as​wTdi.sys
 O44 - LFC:Last File Created 24/11/2009 - 23:50:00 ---A- C:\WINDOWS\System32\drivers\as​wFsBlk.sys
 O44 - LFC:Last File Created 24/11/2009 - 23:50:12 ---A- C:\WINDOWS\System32\drivers\as​wSP.sys
 O44 - LFC:Last File Created 24/11/2009 - 23:51:00 ---A- C:\WINDOWS\System32\drivers\as​wmon2.sys
 O44 - LFC:Last File Created 24/11/2009 - 23:51:10 ---A- C:\WINDOWS\System32\drivers\as​wmon.sys
 O44 - LFC:Last File Created 24/11/2009 - 23:54:30 ---A- C:\WINDOWS\System32\aswBoot.ex​e
 O44 - LFC:Last File Created 26/11/2009 - 02:10:18 ---A- C:\WINDOWS\System32\TZLog.log

 ---\\
 O51 - MPSK:{49fcb37b-1e9a-11db-b513-​806d6172696f}\Shell\AutoRun\co​mmand - D:\setupSNK.exe

 ---\\
 O63 - Logiciel: HijackThis 2.0.2
 O63 - Logiciel: GenProc


 End of the scan: 508 lines

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 04/12/2009 à 23:03:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Java(TM) 6 Update 15
 Java(TM) 6 Update 5
 Java(TM) 6 Update 7


 Va dans Démarrer > Panneau de Config. > Ajout/suppres... de programmes pour désinstaller/supprimer les versions de Java ci-dessus.

 Ensuite, télécharge JavaRA

 [:Poulbot:6] Aide en images

 ... pour installer la dernière version.

 ---
 De même avec Adobe\Acrobat 7.0 :

 cette version est susceptible de contenir des failles de sécurité ; installe la dernière version ...

 http://www.secuser.com/vulnera [...] reader.htm

 ---
 Je vois aussi des restes de Norton/Symantec !

 Peut-être une version pré-installée à l' achat du PC ...
 Pour bien désinstaller Norton, utilise cet outil :

 http://www.secuser.com/vulnera [...] reader.htm

 ---
 Ce programme aussi, si tu le trouves, supprime-le :

 RelevantKnowledge <-

 pareil, va voir dans Ajout/suppres... de programmes et aussi dans ...

 C:\Program Files\...

 ---
 Ensuite, ...

 Clique droit sur SdFix[/g] (par AndyManchesta)

 Choisis "Enregistrer sous" (dans IE c'est "Enregistrer la cible/le lien sous.." ) et sauvegarde-le (Enregistrer dans) sur le Bureau.

 Important : dans "Nom du fichier" enregistre (renomme) "sdfix" ou "SdFix.exe" en sd-fix.exe

 Redémarre en mode sans échec (de préférence par F8 au démarrage).

 ------------------------------​--------------
 Tu n' auras pas accès à Internet pendant le "mode sans échec".
 Aussi, copie/colle la procédure dans un fichier texte (word) et mets-la
 sur le "bureau" pour l' avoir à ta disposition.
 ------------------------------​--------------

 Sur le bureau, double-clique sur sd-fix.exe et choisis Install pour l'extraire sur le Bureau.
 Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.cmd (ou RunThis.bat) pour lancer le script.

 Appuie sur Y pour commencer le processus de nettoyage.
 Il va supprimer les services et les entrées du Registre des trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

 Appuie sur une touche pour redémarrer le PC.

 Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

 Après le chargement du Bureau, l'outil terminera son travail et affichera "Finished".
 Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

 Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

 Copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.

 Tuto : http://www.malekal.com/tutorial_SDFix.php

 ---
 Puis, lance un scan Malwarebytes (après l' avoir mis à jour) et poste le rapport.

(Publicité)
dedebanzai
  1. Posté le 05/12/2009 à 01:35:58  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 Merci beaucoup pour l'aide super détaillée. Je pense avoir fait tout ce que tu as dis. Voici le rapport:


 Final Check :

 catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2009-12-05 00:25:01
 Windows 5.1.2600 Service Pack 2 FAT NTAPI

 scanning hidden processes ...

 scanning hidden services ...

 scanning hidden autostart entries ...

 scanning hidden files ...

 scan completed successfully
 hidden processes: 0
 hidden services: 0
 hidden files: 0


 Remaining Services :




 Authorized Application Key Export:

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "%windir%\\system32\\sessmgr.e​xe"="%windir%\\system32\\sessm​gr.exe:*:enabled:@xpsp2res.dll​,-22019"
 "C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"="C:\\P​rogram Files\\Acer\\Acer Arcade\\PCMService.exe:*:Enabl​ed:CyberLink PowerCinema Resident Program"
 "C:\\Program Files\\Messenger\\MSMSGS.EXE"=​"C:\\Program Files\\Messenger\\MSMSGS.EXE:*​:Enabled:Windows Messenger"
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%w​indir%\\Network Diagnostic\\xpnetdiag.exe:*:En​abled:@xpsp3res.dll,-20000"
 "C:\\Program Files\\Kontiki\\KService.exe"=​"C:\\Program Files\\Kontiki\\KService.exe:*​:Enabled:Delivery Manager Service"
 "C:\\Program Files\\Real\\RealPlayer\\RealP​lay.exe"="C:\\Program Files\\Real\\RealPlayer\\RealP​lay.exe:*:Enabled:RealPlayer"
 "C:\\Program Files\\Last.fm\\LastFM.exe"="C​:\\Program Files\\Last.fm\\LastFM.exe:*:E​nabled:LastFM"
 "C:\\Program Files\\eMule\\emule.exe"="C:\\​Program Files\\eMule\\emule.exe:*:Enab​led:eMule"
 "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe​"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe​:*:Enabled:Veoh Client"
 "C:\\Program Files\\MSN Messenger\\msnmgr.exe"="C:\\Pr​ogram Files\\MSN Messenger\\msnmgr.exe:*:Disabl​ed:Messenger"
 "C:\\Program Files\\BitComet\\BitComet.exe"​="C:\\Program Files\\BitComet\\BitComet.exe:​*:Disabled:BitComet - a BitTorrent Client"
 "C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Pro​gram Files\\Windows Media Player\\wmplayer.exe:*:Enabled​:Windows Media Player"
 "C:\\Program Files\\uTorrent\\uTorrent.exe"​="C:\\Program Files\\uTorrent\\uTorrent.exe:​*:Enabled:æTorrent"
 "C:\\Documents and Settings\\DELPHINE\\Bureau\\ut​orrent.exe"="C:\\Documents and Settings\\DELPHINE\\Bureau\\ut​orrent.exe:*:Enabled:æTorrent"
 "C:\\WINDOWS\\System32\\spool\​\drivers\\W32X86\\3\\HP1006MC.​EXE"="C:\\WINDOWS\\System32\\s​pool\\drivers\\W32X86\\3\\HP10​06MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE"
 "C:\\Program Files\\Bonjour\\mDNSResponder.​exe"="C:\\Program Files\\Bonjour\\mDNSResponder.​exe:*:Enabled:Bonjour"
 "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="​C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:​Enabled:Windows Live Call"
 "C:\\Program Files\\iTunes\\iTunes.exe"="C:​\\Program Files\\iTunes\\iTunes.exe:*:En​abled:iTunes"
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=​"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*​:Enabled:Windows Live Messenger"
 "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e:*:Enabled:Windows Live FolderShare"
 "C:\\Program Files\\Java\\JRE6\\BIN\\java.e​xe"="C:\\Program Files\\Java\\JRE6\\BIN\\java.e​xe:*:Enabled:Java(TM) Platform SE binary"
 "C:\\Program Files\\Skype\\Phone\\Skype.exe​"="C:\\Program Files\\Skype\\Phone\\Skype.exe​:*:Enabled:Skype. The whole world can talk for free."
 "C:\\Documents and Settings\\DELPHINE\\Local Settings\\Temp\\7zSA7.tmp\\Sym​NRT.exe"="C:\\Documents and Settings\\DELPHINE\\Local Settings\\Temp\\7zSA7.tmp\\Sym​NRT.exe:*:Enabled:Norton Removal Tool"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\\system32\\sessmgr.e​xe"="%windir%\\system32\\sessm​gr.exe:*:enabled:@xpsp2res.dll​,-22019"
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%w​indir%\\Network Diagnostic\\xpnetdiag.exe:*:En​abled:@xpsp3res.dll,-20000"
 "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="​C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:​Enabled:Windows Live Call"
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=​"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*​:Enabled:Windows Live Messenger"
 "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e:*:Enabled:Windows Live FolderShare"

 Remaining Files :



 Files with Hidden Attributes :

 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.​dll"
 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dl​l"
 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.​dll"
 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.d​ll"
 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.d​ll"
 Wed 22 Oct 2008       962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
 Mon 26 Jan 2009     1,740,632 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
 Mon 26 Jan 2009     5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
 Wed  4 Nov 2009     1,168,216 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
 Thu  5 Mar 2009     2,260,480 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
 Sun 10 Sep 2006         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
 Fri 23 Oct 2009    10,053,112 A..H. --- "C:\Program Files\Google\Picasa3\setup.exe​"
 Wed 22 Oct 2008       949,072 A.SH. --- "C:\System Volume Information\_restore{004AA4CB-​CEFA-470B-84B6-7AE41AC1EA5D}\R​P536\A0078541.dll"
 Mon 15 Sep 2008     1,562,960 A.SH. --- "C:\System Volume Information\_restore{004AA4CB-​CEFA-470B-84B6-7AE41AC1EA5D}\R​P536\A0078542.dll"
 Tue 12 Dec 2006             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 06/12/2009 à 02:02:53  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Manque le rapport Malwarebytes !

dedebanzai
  1. Posté le 06/12/2009 à 14:34:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
j'ai oublié le plus important ;)

 Voici tout ce qu'à détecté malwarebytes today...  :ouch:




 ype de recherche: Examen complet (C:\|D:\|)
 Eléments examinés: 203796
 Temps écoulé: 57 minute(s), 58 second(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 3
 Clé(s) du Registre infectée(s): 30
 Valeur(s) du Registre infectée(s): 4
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 39
 Fichier(s) infecté(s): 165

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn​.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACECommon.​dll (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn​SubL.dll (Adware.Agent) -> No action taken.

 Clé(s) du Registre infectée(s):
 HKEY_CLASSES_ROOT\explorerbar.​tcp (Adware.Agent) -> No action taken.
 HKEY_CLASSES_ROOT\explorerbar.​tcp.1 (Adware.Agent) -> No action taken.
 HKEY_CLASSES_ROOT\Interface\{6​160f76a-1992-4b17-a32d-0c706d1​59105} (Adware.DoubleD) -> No action taken.
 HKEY_CLASSES_ROOT\CLSID\{1d74e​9dd-8987-448b-b2cb-67fff2b8a93​2} (Adware.Agent) -> No action taken.
 HKEY_CLASSES_ROOT\TypeLib\{565​dd573-549e-4da9-8cd7-6ae3df253​39a} (Adware.Agent) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{1d74e9dd-8987-448b-​b2cb-67fff2b8a932} (Adware.Agent) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2​cb-67fff2b8a932} (Adware.Agent) -> No action taken.
 HKEY_CLASSES_ROOT\CLSID\{cac89​ff9-34a9-4431-8cfe-292a47f843b​c} (Adware.Agent) -> No action taken.
 HKEY_CLASSES_ROOT\CLSID\{3de88​beb-f271-484a-ba71-01d30f439f0​c} (Adware.DoubleD) -> No action taken.
 HKEY_CLASSES_ROOT\CLSID\{8ceb1​85e-81a5-46d3-bc20-c555d605afb​d} (Adware.DoubleD) -> No action taken.
 HKEY_CLASSES_ROOT\CLSID\{a7252​2ba-9ff3-4c83-abc6-9b476728a39​6} (Adware.DoubleD) -> No action taken.
 HKEY_CLASSES_ROOT\CLSID\{c5762​628-ae15-4ca6-96c4-b00dd17f341​9} (Adware.DoubleD) -> No action taken.
 HKEY_CLASSES_ROOT\Typelib\{ac5​ab953-ed25-4f9c-87f0-b086b0178​ffa} (Adware.DoubleD) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Explorer\Bars\{cac89ff9​-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{42c7c39f-3128-4a17-​bdb7-91c46032b5b9} (Adware.Agent) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{cac89ff9-34a9-4431-​8cfe-292a47f843bc} (Adware.Agent) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{eb4a577d-bcad-4b1c-​8af2-9a74b8dd3431} (Adware.Agent) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{d45817b8-3ead-4d1d-​8fca-ec63a8e35de2} (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8c​fe-292a47f843bc} (Adware.Agent) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall\questservice (Adware.Agent) -> No action taken.
 HKEY_CURRENT_USER\{D45817B8-3E​AD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Au​tomated Content Enhancer (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Cu​stomized Platform Advancer (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Qu​estService (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\We​b Search Operator (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\System\Curr​entControlSet\Services\QuestSe​rvice Service (Adware.DoubleD) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Aut​omated Content Enhancer (Adware.DoubleD) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Cus​tomized Platform Advancer (Adware.DoubleD) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\cs41275 (Malware.Trace) -> No action taken.

 Valeur(s) du Registre infectée(s):
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Internet Explorer\Toolbar\WebBrowser\{d​45817b8-3ead-4d1d-8fca-ec63a8e​35de2} (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zilla\Firefox\Extensions\{8141​440e-08f0-4339-9959-5c31c6a69f​23} (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zilla\Firefox\Extensions\{e636​05fc-d583-4c81-867f-9457bdb3ea​1b} (Adware.DoubleD) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zilla\Firefox\Extensions\{e889​f097-b0be-471b-89ad-b86b6f04b5​06} (Adware.DoubleD) -> No action taken.

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 C:\Program Files\Internet Today (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190 (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840 (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\Data (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\​content (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\compone​nts (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610 (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\for_anti_a​v (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\for_anti_a​v\1.1.0.1610 (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\data (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190 (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\Data (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\​content (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\compone​nts (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630 (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\​content (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\compone​nts (Adware.Agent) -> No action taken.
 C:\Documents and Settings\All Users\Application Data\QuestService (Adware.DoubleD) -> No action taken.
 C:\Program Files\QuestService (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190 (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Textual Content Provider\1.1.0.1610 (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> No action taken.

 Fichier(s) infecté(s):
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn​.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOn​.dll (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\All Users\Application Data\QuestService\questservice​127.exe (Adware.DoubleD) -> No action taken.
 C:\Program Files\QuestService\questservic​e.exe (Adware.DoubleD) -> No action taken.
 C:\Program Files\QuestService\uninstall.e​xe (Adware.Agent) -> No action taken.
 C:\System Volume Information\_restore{004AA4CB-​CEFA-470B-84B6-7AE41AC1EA5D}\R​P535\A0078224.exe (Adware.Agent) -> No action taken.
 C:\System Volume Information\_restore{004AA4CB-​CEFA-470B-84B6-7AE41AC1EA5D}\R​P535\A0078226.RBF (Adware.DoubleD) -> No action taken.
 C:\System Volume Information\_restore{004AA4CB-​CEFA-470B-84B6-7AE41AC1EA5D}\R​P536\A0078263.exe (Adware.DoubleD) -> No action taken.
 C:\System Volume Information\_restore{004AA4CB-​CEFA-470B-84B6-7AE41AC1EA5D}\R​P543\A0080182.exe (Trojan.FakeAlert) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\unins000.dat (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\unins000.exe (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\InternetToday​.ico (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\InternetToday​.skf (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\mfc80.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\Microsoft.VC8​0.CRT.manifest (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\Microsoft.VC8​0.MFC.manifest (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\msvcr80.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Internet Today\1.1.0.1190\SkinCrafterDl​l.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\unins000.d​at (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\unins000.e​xe (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\WSO.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.​dll (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\Data\confi​g.md (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome.​manifest (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\install​.rdf (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\​WSOAddOn.jar (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\​content\WSOAddOn.js (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\​content\WSOAddOn.xul (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\compone​nts\WSOFFAddOn.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\compone​nts\WSOFFAddOn.xpt (Adware.Agent) -> No action taken.
 C:\Program Files\Web Search Operator\3.1.0.1840\FF\compone​nts\WSOFFHelperComponent.js (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\unins000.d​at (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\unins000.e​xe (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\data\pxtmp​data.mx (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_Co​nfig.mx (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_Da​ta.mx (Adware.Agent) -> No action taken.
 C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_Do​mainExcludeList.mx (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\unins000.d​at (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\unins000.e​xe (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACECommon.​dll (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn​Sub.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn​SubL.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\Data\confi​g.md (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome.​manifest (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\install​.rdf (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\​ACEAddOn.jar (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\​content\ACEAddOn.js (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\​content\ACEAddOn.xul (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\compone​nts\ACEFFAddOn.xpt (Adware.Agent) -> No action taken.
 C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\compone​nts\ACEFFHelperComponent.js (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.d​at (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.e​xe (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPACommon.​dll (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOn​Sub.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOn​SubL.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data\confi​g.md (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome.​manifest (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\install​.rdf (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\​CPAAddOn.jar (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\​content\CPAAddOn.js (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\​content\CPAAddOn.xul (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\compone​nts\CPAFFAddOn.dll (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\compone​nts\CPAFFAddOn.xpt (Adware.Agent) -> No action taken.
 C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\compone​nts\CPAFFHelperComponent.js (Adware.Agent) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\config.md (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-163238.671.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-163448.906.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-163828.000.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-163900.875.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-164041.781.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-164227.453.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-164413.796.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\ipdata.md (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\rstatus.md (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-165659.953.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-170356.015.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-180834.109.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-181035.984.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-201431.468.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-205314.875.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​1-215658.765.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-103550.953.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-104353.234.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-104743.250.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-121851.812.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-122143.843.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-122328.781.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-122529.296.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-124059.000.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-144809.218.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-150551.359.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-194652.781.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-211117.921.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-215903.718.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-223506.843.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​2-235229.796.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​3-002443.812.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​3-215006.046.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​3-220057.078.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​3-233745.500.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-112621.406.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-114410.421.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-115608.218.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-120306.062.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-120513.171.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-132636.234.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-163135.734.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-164344.578.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-183845.312.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-190516.187.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-191323.781.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-193546.937.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-204014.843.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-224434.515.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-225332.500.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-225854.250.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-234145.593.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​4-235409.593.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​5-000228.578.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​5-003131.234.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​5-105411.015.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​5-111805.562.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​5-112845.078.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​5-145054.906.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​5-151143.515.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​6-014353.046.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​6-110549.531.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_2009120​6-111158.703.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\config.md (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-163254.937.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-163449.203.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-163828.062.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-163901.015.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-164041.859.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-164227.593.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-164413.875.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-165701.328.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-170356.906.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-180834.468.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-181036.062.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-201431.765.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-205314.968.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​201-215659.468.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-103552.062.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-104353.812.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-104743.359.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-121853.359.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-122144.750.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-122328.937.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-122530.078.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-124059.437.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-144809.843.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-150552.171.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-194653.734.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-211119.046.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-215903.953.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-223506.937.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​202-235233.234.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​203-002444.218.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​203-215007.375.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091​203-220058.171.log (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Co​nfig.mx (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Do​mainExcludeList.mx (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Da​ta.mx (Adware.DoubleD) -> No action taken.
 C:\Documents and Settings\delphine\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> No action taken.

(Publicité)
dedebanzai
  1. Posté le 06/12/2009 à 14:48:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'ai tout mis en quarantaine et j'ai redémarré mon ordi. J'ai ensuite refait un  examen complet avec Malwarebytes et il m'a indiqué que je n'avait plus rien d'infecté. Je n'ai pas eu depuis de fenêtres publicitaires qui s'affichent. Comment être vraiment sûre de s'être débarassé de tout ces trojans?

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 06/12/2009 à 17:32:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Clique droit sur SdFix[/g] (par AndyManchesta)

 Choisis "Enregistrer sous" (dans IE c'est "Enregistrer la cible/le lien sous.." ) et sauvegarde-le (Enregistrer dans) sur le Bureau.

 Important : dans "Nom du fichier" enregistre (renomme) "sdfix" ou "SdFix.exe" en sd-fix.exe

 Redémarre en mode sans échec (de préférence par F8 au démarrage).

 ------------------------------​--------------
 Tu n' auras pas accès à Internet pendant le "mode sans échec".
 Aussi, copie/colle la procédure dans un fichier texte (word) et mets-la
 sur le "bureau" pour l' avoir à ta disposition.
 ------------------------------​--------------

 Sur le bureau, double-clique sur sd-fix.exe et choisis Install pour l'extraire sur le Bureau.
 Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.cmd (ou RunThis.bat) pour lancer le script.

 Appuie sur Y pour commencer le processus de nettoyage.
 Il va supprimer les services et les entrées du Registre des trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

 Appuie sur une touche pour redémarrer le PC.

 Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

 Après le chargement du Bureau, l'outil terminera son travail et affichera "Finished".
 Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

 Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

 Copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.

 Tuto : http://www.malekal.com/tutorial_SDFix.php

 ---
 Ensuite, ...

 Poste un rapport Nod32 : http://www.eset-nod32.fr/scanner.html (il faut utiliser Internet Explorer)

 Coche toutes les cases à chaque fois et, une fois le scan achevé, colle le rapport :

 -> C:\Program Files\EsetOnlineScanner\log.txt <- le rapport

dedebanzai
  1. Posté le 07/12/2009 à 02:52:39  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
voilà! les 2 rapports.



 atchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2009-12-06 19:33:48
 Windows 5.1.2600 Service Pack 2 FAT NTAPI

 scanning hidden processes ...

 scanning hidden services ...

 scanning hidden autostart entries ...

 scanning hidden files ...

 scan completed successfully
 hidden processes: 0
 hidden services: 0
 hidden files: 0


 Remaining Services :




 Authorized Application Key Export:

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "%windir%\\system32\\sessmgr.e​xe"="%windir%\\system32\\sessm​gr.exe:*:enabled:@xpsp2res.dll​,-22019"
 "C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"="C:\\P​rogram Files\\Acer\\Acer Arcade\\PCMService.exe:*:Enabl​ed:CyberLink PowerCinema Resident Program"
 "C:\\Program Files\\Messenger\\MSMSGS.EXE"=​"C:\\Program Files\\Messenger\\MSMSGS.EXE:*​:Enabled:Windows Messenger"
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%w​indir%\\Network Diagnostic\\xpnetdiag.exe:*:En​abled:@xpsp3res.dll,-20000"
 "C:\\Program Files\\Kontiki\\KService.exe"=​"C:\\Program Files\\Kontiki\\KService.exe:*​:Enabled:Delivery Manager Service"
 "C:\\Program Files\\Real\\RealPlayer\\RealP​lay.exe"="C:\\Program Files\\Real\\RealPlayer\\RealP​lay.exe:*:Enabled:RealPlayer"
 "C:\\Program Files\\Last.fm\\LastFM.exe"="C​:\\Program Files\\Last.fm\\LastFM.exe:*:E​nabled:LastFM"
 "C:\\Program Files\\eMule\\emule.exe"="C:\\​Program Files\\eMule\\emule.exe:*:Enab​led:eMule"
 "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe​"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe​:*:Enabled:Veoh Client"
 "C:\\Program Files\\MSN Messenger\\msnmgr.exe"="C:\\Pr​ogram Files\\MSN Messenger\\msnmgr.exe:*:Disabl​ed:Messenger"
 "C:\\Program Files\\BitComet\\BitComet.exe"​="C:\\Program Files\\BitComet\\BitComet.exe:​*:Disabled:BitComet - a BitTorrent Client"
 "C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Pro​gram Files\\Windows Media Player\\wmplayer.exe:*:Enabled​:Windows Media Player"
 "C:\\Program Files\\uTorrent\\uTorrent.exe"​="C:\\Program Files\\uTorrent\\uTorrent.exe:​*:Enabled:æTorrent"
 "C:\\Documents and Settings\\DELPHINE\\Bureau\\ut​orrent.exe"="C:\\Documents and Settings\\DELPHINE\\Bureau\\ut​orrent.exe:*:Enabled:æTorrent"
 "C:\\WINDOWS\\System32\\spool\​\drivers\\W32X86\\3\\HP1006MC.​EXE"="C:\\WINDOWS\\System32\\s​pool\\drivers\\W32X86\\3\\HP10​06MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE"
 "C:\\Program Files\\Bonjour\\mDNSResponder.​exe"="C:\\Program Files\\Bonjour\\mDNSResponder.​exe:*:Enabled:Bonjour"
 "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="​C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:​Enabled:Windows Live Call"
 "C:\\Program Files\\iTunes\\iTunes.exe"="C:​\\Program Files\\iTunes\\iTunes.exe:*:En​abled:iTunes"
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=​"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*​:Enabled:Windows Live Messenger"
 "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e:*:Enabled:Windows Live FolderShare"
 "C:\\Program Files\\Java\\JRE6\\BIN\\java.e​xe"="C:\\Program Files\\Java\\JRE6\\BIN\\java.e​xe:*:Enabled:Java(TM) Platform SE binary"
 "C:\\Documents and Settings\\DELPHINE\\Local Settings\\Temp\\7zSA7.tmp\\Sym​NRT.exe"="C:\\Documents and Settings\\DELPHINE\\Local Settings\\Temp\\7zSA7.tmp\\Sym​NRT.exe:*:Enabled:Norton Removal Tool"
 "C:\\Program Files\\Skype\\Phone\\Skype.exe​"="C:\\Program Files\\Skype\\Phone\\Skype.exe​:*:Enabled:Skype. The whole world can talk for free."

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\\system32\\sessmgr.e​xe"="%windir%\\system32\\sessm​gr.exe:*:enabled:@xpsp2res.dll​,-22019"
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%w​indir%\\Network Diagnostic\\xpnetdiag.exe:*:En​abled:@xpsp3res.dll,-20000"
 "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="​C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:​Enabled:Windows Live Call"
 "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=​"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*​:Enabled:Windows Live Messenger"
 "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e:*:Enabled:Windows Live FolderShare"

 Remaining Files :



 Files with Hidden Attributes :

 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.​dll"
 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dl​l"
 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.​dll"
 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.d​ll"
 Fri 14 Apr 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.d​ll"
 Wed 22 Oct 2008       962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
 Mon 26 Jan 2009     1,740,632 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
 Mon 26 Jan 2009     5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
 Wed  4 Nov 2009     1,168,216 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
 Thu  5 Mar 2009     2,260,480 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
 Sun 10 Sep 2006         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
 Fri 23 Oct 2009    10,053,112 A..H. --- "C:\Program Files\Google\Picasa3\setup.exe​"
 Wed 22 Oct 2008       949,072 A.SH. --- "C:\System Volume Information\_restore{004AA4CB-​CEFA-470B-84B6-7AE41AC1EA5D}\R​P536\A0078541.dll"
 Mon 15 Sep 2008     1,562,960 A.SH. --- "C:\System Volume Information\_restore{004AA4CB-​CEFA-470B-84B6-7AE41AC1EA5D}\R​P536\A0078542.dll"
 Tue 12 Dec 2006             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
 Thu 29 Oct 2009       206,336 ...H. --- "C:\Documents and Settings\delphine\Application Data\Microsoft\Word\~WRL0047.t​mp"



 2nd rapport ESET (J'ai du faire un deuxième scan avec Eset pour avoir un rapport, après la premier scan il m'avait encore trouvé 3 trojans...)

 OnlineScanner.ocx - registred OK
 # version=7
 # iexplore.exe=7.00.6000.16915 (vista_gdr.090826-0339)
 # OnlineScanner.ocx=1.0.0.6211
 # api_version=3.0.2
 # EOSSerial=3676f76753d1b4458cc7​b416ade39413
 # end=finished
 # remove_checked=true
 # archives_checked=true
 # unwanted_checked=true
 # unsafe_checked=false
 # antistealth_checked=true
 # utc_time=2009-12-07 01:32:30
 # local_time=2009-12-07 01:32:30 (+0000, GMT)
 # country="France"
 # lang=1036
 # osver=5.1.2600 NT Service Pack 2
 # compatibility_mode=512 16777215 100 0 31805321 31805321 0 0
 # compatibility_mode=769 16775141 100 98 17427 196423095 13949 0
 # compatibility_mode=8192 67108863 100 0 16741 16741 0 0
 # compatibility_mode=9730 16764889 100 100 387111 61380629 0 0
 # scanned=95160
 # found=0
 # cleaned=0

(Publicité)
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 07/12/2009 à 23:21:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Clique droit sur ComboFix (par sUBs).

 Choisis "Enregistrer sous" (dans IE c'est "Enregistrer la cible/le lien sous.." ) et sauvegarde-le (Enregistrer dans) sur le Bureau (et pas ailleurs.

 Important : dans "Nom du fichier" enregistre (renomme) "combofix" en combo-fix.exe

 Prends connaissance de ce tutoriel : http://www.bleepingcomputer.co [...] r-combofix

 Ferme toutes les fenêtres et applications.
 Déconnecte-toi du net et désactive tes protections résidentes :
 http://forum.pcastuces.com/des [...] -f31s4.htm

 Sur le bureau, double-clique sur combo-fix.exe.
 Tape sur la touche Y (Yes) pour démarrer le scan.
 (si l’ installation de la Console de récupération est demandé, accepte)
 ComboFix redémarrera ton PC.
 Lorsque le scan sera complété, un rapport apparaîtra.
 Copie/colle ce rapport dans ta prochaine réponse.

 PS : le rapport se trouve également ici : C:\Combofix.txt

 [:lolo 1:7] Ne clique pas dans la fenêtre de Combofix durant l’analyse : cela pourrait provoquer le gel du programme.

 ---

dedebanzai
  1. Posté le 11/12/2009 à 11:58:49  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
hey,

 Voici le rapport de combo fix.



 ((((((((((((((((((((((((((((((​((((((   Autres suppressions   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .

 c:\program files\WinPCap
 c:\program files\WinPCap\daemon_mgm.exe
 c:\program files\WinPCap\npf_mgm.exe
 c:\program files\WinPCap\rpcapd.exe
 c:\windows\Downloaded Program Files\popcaploader.inf
 c:\windows\system32\drivers\np​f.sys
 c:\windows\system32\Packet.dll
 c:\windows\system32\pthreadVC.​dll
 c:\windows\system32\twain_32.d​ll
 c:\windows\system32\WanPacket.​dll
 c:\windows\system32\wpcap.dll
 D:\Autorun.inf

 .
 ((((((((((((((((((((((((((((((​(((((((((   Pilotes/Services   ))))))))))))))))))))))))))))))​)))))))))))))))))))
 .

 -------\Legacy_NPF
 -------\Service_NPF


 (((((((((((((((((((((((((((((   Fichiers créés du 2009-11-10 au 2009-12-10  ))))))))))))))))))))))))))))))​))))))
 .

 2009-12-10 10:27 . 2009-12-10 10:27 -------- d-----w- c:\windows\LastGood.Tmp
 2009-12-06 19:46 . 2009-12-06 19:46 -------- d-----w- c:\program files\ESET
 2009-12-06 19:20 . 2008-11-06 02:03 -------- d-----w- C:\SDFix
 2009-12-05 11:23 . 2009-12-05 11:23 -------- d-----w- C:\GenProc
 2009-12-05 00:14 . 2009-12-05 00:14 -------- d-----w- c:\windows\ERUNT
 2009-12-04 19:28 . 2009-12-04 19:28 -------- d-----w- c:\program files\CCleaner
 2009-12-04 12:10 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\as​wRdr.sys
 2009-12-04 12:10 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\as​wTdi.sys
 2009-12-04 12:10 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aa​vmker4.sys
 2009-12-04 12:10 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.sc​r
 2009-12-04 12:10 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\as​wmon.sys
 2009-12-04 12:10 . 2009-11-24 23:51 94160 ----a-w- c:\windows\system32\drivers\as​wmon2.sys
 2009-12-04 12:10 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\as​wSP.sys
 2009-12-04 12:10 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\as​wFsBlk.sys
 2009-12-04 12:09 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.ex​e
 2009-12-03 00:50 . 2009-12-03 00:50 -------- d-----w- c:\program files\a-squared Free
 2009-12-02 12:34 . 2009-12-02 12:34 -------- d-----w- c:\program files\a-squared Anti-Malware
 2009-12-01 16:31 . 2009-12-01 16:31 -------- d-----w- c:\documents and settings\delphine\Local Settings\Application Data\Gameztar Toolbar

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2009-12-10 11:34 . 2006-12-10 09:53 664 ----a-w- c:\windows\system32\d3d9caps.d​at
 2009-12-06 12:27 . 2009-12-06 12:27 4844295 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes​' Anti-Malware\mbam-setup.exe
 2009-12-04 23:16 . 2008-11-22 09:41 411368 ----a-w- c:\windows\system32\deploytk.d​ll
 2009-12-04 23:15 . 2009-12-04 23:15 152576 ----a-w- c:\documents and settings\delphine\Application Data\Sun\Java\jre1.6.0_17\lzma​.dll
 2009-12-04 23:14 . 2009-12-04 23:14 79488 ----a-w- c:\documents and settings\delphine\Application Data\Sun\Java\jre1.6.0_17\gtap​i.dll
 2009-12-03 16:14 . 2008-12-03 19:56 38224 ----a-w- c:\windows\system32\drivers\mb​amswissarmy.sys
 2009-12-03 16:13 . 2008-12-03 19:56 19160 ----a-w- c:\windows\system32\drivers\mb​am.sys
 2009-10-30 07:05 . 2006-07-29 02:51 93192 ----a-w- c:\documents and settings\delphine\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
 2009-10-18 03:25 . 2006-04-14 16:49 86182 ----a-w- c:\windows\system32\perfc00C.d​at
 2009-10-18 03:25 . 2006-04-14 16:49 512862 ----a-w- c:\windows\system32\perfh00C.d​at
 2009-10-15 23:58 . 2009-10-15 23:58 -------- d-----w- c:\program files\Microsoft.NET
 2009-10-15 23:51 . 2009-10-15 23:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
 2009-09-30 14:40 . 2009-09-30 14:40 152576 ----a-w- c:\documents and settings\delphine\Application Data\Sun\Java\jre1.6.0_15\lzma​.dll
 2009-09-11 15:12 . 2004-08-05 05:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
 .

 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.​exe AcRdB7_0_9" [X]
 "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
 "Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 3587120]
 "swg"="c:\program files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​" [2008-11-02 68856]
 "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe 1" [X]
 "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsch​ed.exe  -osboot" [X]
 "QuickTime Task"="c:\program files\QuickTime\qttask.exe -atboottime" [X]
 "preload"="c:\windows\RUNXMLPL​.exe" [2005-05-19 32768]
 "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh​.exe" [2005-12-16 761945]
 "RTHDCPL"="RTHDCPL.EXE" [2006-01-11 15961088]
 "AzMixerSel"="c:\program files\Realtek\InstallShield\Az​MixerSel.exe" [2005-06-11 53248]
 "AGRSMMSG"="AGRSMMSG.exe" [2005-09-09 88203]
 "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
 "IMJPMIG8.1"="c:\windows\IME\i​mjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
 "MSPY2002"="c:\windows\system3​2\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
 "PHIME2002ASync"="c:\windows\s​ystem32\IME\TINTLGNT\TINTSETP.​EXE" [2004-08-05 455168]
 "PHIME2002A"="c:\windows\syste​m32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
 "NvCplDaemon"="c:\windows\syst​em32\NvCpl.dll" [2006-01-19 7397376]
 "NvMediaCenter"="c:\windows\sy​stem32\NvMcTray.dll" [2006-01-19 86016]
 "PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-03-23 151552]
 "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
 "LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-04-19 69632]
 "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]
 "LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2005-07-25 241664]
 "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-04-20 86016]
 "ePower_DMC"="c:\acer\Empoweri​ng Technology\ePower\ePower_DMC.e​xe" [2006-03-30 421888]
 "Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
 "Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePres​entation.exe" [2006-03-31 204800]
 "eRecoveryService"="c:\acer\Em​powering Technology\eRecovery\eRAgent.e​xe" [2006-04-28 401408]
 "LVCOMSX"="c:\windows\system32​\LVCOMSX.EXE" [2006-04-06 225280]
 "LogitechCameraAssistant"="c:\​program files\Acer\OrbiCam\CameraAssis​tant.exe" [2006-04-06 331776]
 "LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelp​er.exe" [2006-04-06 19:06 73728]
 "LogitechCameraService(E)"="c:​\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
 "ImageItEncrypt"="c:\windows\s​ystem32\ImageItEncrypt.exe" [2005-12-30 40960]
 "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
 "a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2009-11-05 3279192]
 "avast!"="c:\progra~1\ALWILS~1​\Avast4\ashDisp.exe" [2009-11-24 81000]
 "SunJavaUpdateSched"="c:\progr​am files\Java\jre6\bin\jusched.ex​e" [2009-12-04 149280]
 "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
 "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe" [2009-09-04 935288]

 [HKEY_USERS\.DEFAULT\Software\M​icrosoft\Windows\CurrentVersio​n\Run]
 "CTFMON.EXE"="c:\windows\syste​m32\CTFMON.EXE" [2004-08-05 15360]

 c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
 Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Fra​mework.Launcher.exe [2006-7-29 45056]
 Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\control\session manager]
 BootExecute REG_MULTI_SZ    PDBoot.exe\0autocheck autochk *\0OODBS

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring]
 "DisableMonitoring"=dword:0000​0001

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring"=dword:0000​0001

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecFirewall]
 "DisableMonitoring"=dword:0000​0001

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\AuthorizedApplicati​ons\List]
 "%windir%\\system32\\sessmgr.e​xe"=
 "c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
 "c:\\Program Files\\Messenger\\MSMSGS.EXE"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "c:\\Program Files\\Real\\RealPlayer\\RealP​lay.exe"=
 "c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe​"=
 "c:\\Program Files\\MSN Messenger\\msnmgr.exe"=
 "c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
 "c:\\Program Files\\uTorrent\\uTorrent.exe"​=
 "c:\\WINDOWS\\System32\\spool\​\drivers\\W32X86\\3\\HP1006MC.​EXE"=
 "c:\\Program Files\\Bonjour\\mDNSResponder.​exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
 "c:\\Program Files\\iTunes\\iTunes.exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
 "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.ex​e"=
 "c:\\Program Files\\Java\\JRE6\\BIN\\java.e​xe"=
 "c:\\Program Files\\Skype\\Phone\\Skype.exe​"=

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\GloballyOpenPorts\L​ist]
 "443:UDP"= 443:UDP:*:Disabled:UDP port 443 ooVoo
 "37674:TCP"= 37674:TCP:*:Disabled:TCP port 37674 ooVoo
 "37674:UDP"= 37674:UDP:*:Disabled:UDP port 37674 ooVoo
 "37675:UDP"= 37675:UDP:*:Disabled:UDP port 37675 ooVoo

 R1 aswSP;avast! Self Protection;c:\windows\system32​\drivers\aswSP.sys [04/12/2009 12:10 114768]
 R2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared Anti-Malware\a2service.exe [02/12/2009 12:34 1858144]
 R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [03/12/2009 00:50 1858144]
 R2 aswFsBlk;aswFsBlk;c:\windows\s​ystem32\drivers\aswFsBlk.sys [04/12/2009 12:10 20560]
 R2 fssfltr;FssFltr;c:\windows\sys​tem32\drivers\fssfltr_tdi.sys [21/03/2009 18:49 54752]
 R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\d​rivers\lv321av.sys [12/06/2006 17:21 1097472]
 S1 mailKmd;mailKmd; [x]
 S3 3xHybrid;TerraTec BDA capture service;c:\windows\system32\dr​ivers\3xHybrid.sys [21/09/2007 20:56 846592]
 S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://www.google.fr/
 uDefault_Search_URL = hxxp://www.google.com/ie
 mWindow Title =
 uInternet Settings,ProxyOverride = *.local
 uSearchURL,(Default) = hxxp://www.google.com/search?q​=%s
 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.sc​r/200
 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\​EXCEL.EXE/3000
 DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes​\xmldso.cab
 DPF: {BA3BAF69-72B1-4BCE-BE96-A4D30​4EAFBB4} - hxxp://assets.photobox.com/ass​ets/aurigma/ImageUploader4.cab​?20081105101619
 FF - ProfilePath - c:\documents and settings\delphine\Application Data\Mozilla\Firefox\Profiles\​tq71ht3i.default\
 FF - prefs.js: browser.search.selectedEngine - Google
 FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com/
 FF - prefs.js: network.proxy.type - 2
 FF - component: c:\program files\Real\RealPlayer\browserr​ecord\components\nprpbrowserre​cordplugin.dll
 FF - plugin: c:\program files\Google\Picasa3\npPicasa3​.dll
 FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
 FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NP​VeohVersion.dll
 FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825​760534b} - c:\windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\
 .
 - - - - ORPHELINS SUPPRIMES - - - -

 BHO-{2C36E371-080B-4AC1-9D22-9​1D1C84677C8} - (no file)
 HKLM-Run-StandardInstall - (no file)
 AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstall​er.exe
 AddRemove-HijackThis - c:\genproc\Outil\HijackThis.ex​e
 AddRemove-{7B63B2922B174135AFC​0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.​exe



 ******************************​******************************​**************

 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2009-12-10 11:35
 Windows 5.1.2600 Service Pack 2 FAT NTAPI

 Recherche de processus cachés ...

 Recherche d'éléments en démarrage automatique cachés ...

 Recherche de fichiers cachés ...

 Scan terminé avec succès
 Fichiers cachés: 0

 ******************************​******************************​**************
 .
 --------------------- CLES DE REGISTRE BLOQUEES ---------------------

 [HKEY_LOCAL_MACHINE\software\Mi​crosoft\Windows\CurrentVersion​\System*]
 "OODEFRAG10.00.00.01WORKSTATIO​N"="B2D05DE55F3259A5C5A31EC930​5E9EF8E09C4BA57CC1D019F2695FF5​F74721A4EA4DDFB231DB811D6D7A62​A70EEEAF9921A6B49465B765D88B06​01279C4C8C9CF58496B7590B01D6EE​DBB0E6CAD6ED234E6ED87BF2192E19​547CD2999020C862D0A21EC38D42F0​AA602A84B582DB22FEBC9E127BECC7​4CFEBC9E127BECC74CFEBC9E127BEC​C74CFEBC9E127BECC74CFEBC9E127B​ECC74CFEBC9E127BECC74CA6A0AC49​80AC79339DB7CE019D40AA5CA2D972​26D213B5558EDD5E5BE2F6E667CBAF​48A0A6D01E8611C219F33212D697AE​F6DF6D03ED4210E487E2C16D15D777​526F4B476C0C20715C9576077AADAF​CB72A49AD8343FEFAA935DB1914A12​B23BAD843C42CCB3247ECCDCD20837​347A1E90AF0568DC7701CD80690A40​1797F34B244542C3CDD4255DF00587​8BCA1B74ED053B4CB25D951C2CB62A​8E864FCD45CB6DA815C3AB5F704150​9F02E9CCBA33204494B48FCAF939FB​B5C3765BA63F23E2B3C97F7D52A7AA​E2E261C23E09D11E1EB227929C6D6C​26756EFB0E7F7F5B603B19E9636FE7​E6497C96A260697F006FD4AB06513B​41978157CB3EB3F277F5230430ECB4​DC3FB818CDC961038F624DB9B3FB65​EE11F708C2E125195A7E5846E46F02​597BCC659D359BD4BD68999AA05E30​E5A1FD0774B2305CCBBF8A2A26E773​338A5C530B18F9922D7F7CE1B243C8​96C22037A349D16C6810810ADE4415​DAEF0BB8456EA54997794D0708544B​AAF66D6853481BC959EF5B4AFC7106​5F8E015036F0080FF0A0A0024D1B6B​B917D5BF43A11F9B33BD8EDB4D5B6B​94C352B1A360768CBC8E04F7A79C00​E1D79E0F7C9D4AF295994D1EA3B159​9BE938F0364E6BB992561FD8395D9E​8B3CF4A3A4ED09EC0CE3BB5060A703​D869638B41756AEAEA52D48F10EDAF​1560E5DD60C581361CEFE4038B72F5​5C481B3F8FD8BC530FC0926E8C6991​634B142815C525DCFCAA88CB8160F2​562C80C3A7F0834BD79D8C3DBCA60D​0F4CDF33841559D6392976D25589E8​1055F3361E7911E5245265F90B0223​6A2B9B8DA0D2C62E4578830E5D7CBE​18F1AB87EBD982A3CB5A5AD1DDA47A​E3E47A429DC275D66BDABF96E41738​36B446C6CE53FC71BDADB361939FDA​6D8C6D066D321B82C3363BE683A02A​EF9FD4D94BE89A7810EAA538085D43​079BB7365DEDAB5B0C8381A5AD031F​0B1B69C17006C02CB427ADC95318E8​085EC603F933A1E775275A203D2074​43744CEF785E6545A2B7C30682A2A3​555F6D5D9397BE80E223D9FCE7DA17​E6EF213BE056B54C54D65487F5AE62​A0B7AC5370BF9205A6E07933404F88​D5C17A38F77EC8EDDEF320AD1AEA7B​B0C282758F15C3056099E4D9728F62​8D04D906A395881D864CD3D2F1721C​06090DBD1A85215672350AC8C0B690​934D2F96D2C16D88F748A27A1BF835​7FE9D0563910CCD43A2D56D815A915​84487FE2316F"
 "OODEFRAG08.00.00.01WORKSTATIO​N"="63DA0F738E53A36BFC17853A33​0D55CC377E607622326C57F8A1A5EB​8FB47151CE2CD7F5B00DB0464ACACB​942981533871E0043F77460C18BB86​2A918869542122650E44C10EAF72BC​D6B8702F7C8B7F715C10ADB9782A54​B362867868F01A23CCD5E169BB0241​27468508BF943679D14BDAE8B8A52C​B94E32DC68B97F00CF4F03816845A2​85AC341AD8D746AA5ABCF2D47A54A9​FEBB54DED1CE5E44A0B82834BDA01C​8AF82B5B7B3305A91EC586963A270C​7F9E8CF0B3726BC65E5B2435F57138​9DD9C2FEBC9E127BECC74CFEBC9E12​7BECC74CFEBC9E127BECC74CFEBC9E​127BECC74CFEBC9E127BECC74CFEBC​9E127BECC74CA6A0AC4980AC7933A6​A0AC4980AC7933C038D530D6EB3452​C038D530D6EB34526BBC6725A376FC​F1258594B87C8CD0D11DD9EAC80665​680B2B5510E0A6422D67DA15050F86​2AFCE5ED9A5DB69F462C31F4938AB1​D97E97E3F4DA373FBCF0492A1CDA30​45A83A29A00CBD61E0AC05C094AE5F​DDC65DEE0C069A257AF2CB3F5C070D​14FBACFA6C4D5C6DBC4DCFF4EAC4FC​E7FBC8F4E5D783578D831ADF4C6A4E​E790B7A1BBB63A1927075F70B093CF​4F3E469AD6418B8EA10E43B0787D77​E4E98B8CB2FB80D65322E5D0DDC244​63BFDF00F2E0B53FAC1BEA38B6631C​D54BD25F02ECE38B9A19995FCCC465​DBE083F956BD9A69379AE9B84B3763​BFB0098A8D41B29F9FF2BE02A32F68​6316F770D971F9476DC24F91285A11​BE4D63044AB9A388D6972FFBB4D7BC​4F173087F76D0ECEF2C0206E1B7510​A16D58785A0BE025568E7B4B4C9159​2662E58A343F61EB8B6BCEA16BE256​2E106A7860EE2AD9A8D91B9304B5A9​C31CBB48FACBF8BC5C90835A7E360C​89E334D83EAB883EC9AC8F2A1BBB24​55E8C6812C53FB3310EFB79369DB57​1E43404A17DEDFE554F822E39A2BB4​0D672CA3F1A2CD1FB7710C3E62C275​6914CB54D8B1F85C42681DB395005F​B878742BC165C0AA3DFAE388840172​00A42D5289081B68104D0FDA100973​A90A70ACBF219FADD35B5967184F94​841F40B58811F02DBFE0A5F3A1472D​1504A95935CA24CD5671EF86449CCF​6F5D8AC78C2D0CB7F291F3B11AD58C​9BC9FA0471A1AA00B78D7618FA96E5​846D6902C7EB8154028ED18BDB13DD​3A91AB8D5F2113C8BDAD750C18FD02​0768BDB40FA9652FD236E5C328730C​64772F2BABF6ECFDC3CA1B6A3E4BD5​F2B5E8BC1B4D08807F5DC223E569DE​A68E26020605B7D551B2E0B7B47ED4​224D3B69DF152244CEB52861AC3065​F238846280AAD4004E4F3DC868B1C1​E7E039A28E1324680F0AB17D644CFB​B37CBBC571F83B35F231CFDBE5C17C​F03C57EC8F7A995181F0CD72538E2D​D3B4CB77FE6F57B744F5FE60854887​0EE43F6134E875817B63D8AF04B6AA​A56F5069D7D4E0F223F9AED8D98918​365C168CFCB417A891E5482C9E6785​7203828C3EC4"
 .
 --------------------- DLLs chargées dans les processus actifs ---------------------

 - - - - - - - > 'explorer.exe'(8180)
 c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcI​nj.dll
 c:\windows\system32\MSNCHATHOO​K.DLL
 c:\windows\system32\sysenv.dll
 c:\windows\system32\CryptoAPI.​dll
 c:\windows\system32\MFC71U.DLL
 c:\windows\system32\msls31.dll
 c:\windows\system32\WPDShServi​ceObj.dll
 c:\windows\system32\PortableDe​viceTypes.dll
 c:\windows\system32\PortableDe​viceApi.dll
 .
 ------------------------ Autres processus actifs ------------------------
 .
 c:\program files\Intel\Wireless\Bin\EvtEn​g.exe
 c:\program files\Intel\Wireless\Bin\S24Ev​Mon.exe
 c:\program files\Alwil Software\Avast4\aswUpdSv.exe
 c:\program files\Alwil Software\Avast4\ashServ.exe
 c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 c:\acer\Empowering Technology\ePerformance\MemChe​ck.exe
 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 c:\program files\Bonjour\mDNSResponder.ex​e
 c:\program files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
 c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\C​LMLServer.exe
 c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\C​LMLService.exe
 c:\program files\Java\jre6\bin\jqs.exe
 c:\windows\RTHDCPL.EXE
 c:\windows\AGRSMMSG.exe
 c:\windows\system32\nvsvc32.ex​e
 c:\acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 c:\windows\system32\oodag.exe
 c:\program files\Fichiers communs\Real\Update_OB\realsch​ed.exe
 c:\program files\Raxco\PerfectDisk\PDAgen​t.exe
 c:\windows\System32\spool\DRIV​ERS\W32X86\3\HP1006MC.EXE
 c:\program files\Intel\Wireless\Bin\RegSr​vc.exe
 c:\program files\CyberLink\Shared Files\RichVideo.exe
 c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
 c:\program files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
 c:\program files\Alwil Software\Avast4\ashMaiSv.exe
 c:\program files\Alwil Software\Avast4\ashWebSv.exe
 c:\program files\Skype\Plugin Manager\skypePM.exe
 c:\windows\system32\wbem\wmiap​srv.exe
 c:\program files\Raxco\PerfectDisk\PDEngi​ne.exe
 c:\program files\iPod\bin\iPodService.exe
 c:\windows\system32\wbem\unsec​app.exe
 .
 ******************************​******************************​**************
 .
 Heure de fin: 2009-12-10  11:43:58 - La machine a redémarré
 ComboFix-quarantined-files.txt  2009-12-10 11:43

 Avant-CF: 25 399 132 160 octets libres
 Après-CF: 26 483 556 352 octets libres

 WindowsXP-KB310994-SP2-Home-Bo​otDisk-FRA.exe
 [boot loader]
 timeout=2
 default=multi(0)disk(0)rdisk(0​)partition(2)\WINDOWS
 [operating systems]
 c:\cmdcons\BOOTSECT.DAT="Micro​soft Windows Recovery Console" /cmdcons
 multi(0)disk(0)rdisk(0)partiti​on(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

 - - End Of File - - 4F44AB44BD7E11DA7AED10280827A4​62

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 11/12/2009 à 19:53:19  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Télécharge FindyKill (de Chiquitine29) sur ton bureau :
 http://www.commentcamarche.net [...] -findykill

 ! Déconnecte-toi et ferme toutes applications en court !

 Double-clique sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut.

 Branche tes sources de données externes au PC (clé USB, disque dur externe, etc ...).

 Pour lancer l' outil, double-clique sur le raccourci FindyKill qui est sur ton bureau.

 Au menu principal, choisis l'option F pour français et tape sur [entrée].

 Au second menu, choisis l'option 1 (recherche) et tape sur [entrée].

 Laisse l' outil travailler et ... ne touche à rien !

 -> Au final, un rapport apparaît ; poste-le.

 PS : le rapport est conservé sous C:\FindyKill.txt)

 (CTRL+A pour tout selectionner, CTRL+C pour copier et CTRL+V pour coller  

 Aides en images : http://pagesperso-orange.fr/No [...] ykill.html

 ---
 Relance Malwarebytes pour un scan et poste le rapport.

(Publicité)
 Page :
1

Aller à :
 

Sujets relatifs
disque dur infecté par un virus pc infecte par un virus que je n'arrive pas a supprimer
SVP DE L'AIDE!!! infecté par CHEVAL DE TROIE Infecté par un trojan Win32:Agent-ISI[trj]
Infecté par grosse quantité de trojan Help pliz 18 "trojans" & "spyware" + lag
Plus de sujets relatifs à : infecté par trojans

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
infection winspykiller 15
pc bloqué au démarage aprés serious sam hd 0
G problème avec lo.st en page d'acceuil .Comment l'éliminer? 1
john sina 1
mon pc infesté de virus 16