trojan tenace

je suis pollué par un anti programme "trojan-gameThief.win32.OnlineGames.dzm" je ne parviens pas nettoyer
qui peut m'aider merci

Bonsoir à toi aussi,

Pour rappel :
.

Télécharge HiJackThis de Merijn sur ton bureau.

- Double-clic sur HijackThis.
- Génère un rapport en suivant ces indications :
- Exécute le et clique sur Do a scan and save log file.
- Le rapport s'ouvre sur le Bloc-Note.

- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller

Aide : N'hésite pas à consulter l'aide HiJackThis.


Cordialement.

bonsoir curson
toute mes excuses pour mon manque de civilité,je suis un peu sur les nerfs mon micro rame a mort des applications s'ouvrent en multiples exemplaire çà bloque c'est l'enfer et je n'osais pas espérer qu'un ange vienne aussi vite à mon secours un grand merci quoi qu'il arrive
voici le rapport ce virus se trouve en C:\windows\System32\KB1SS1P.OLL
...........
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:42:24, on 02/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
C:\Program Files\Pack Securite\ORSP Client\fsorsp.exe
C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\SPMSMON.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\LOUISE\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pack Securite\FSGUI\scanwizard.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr8l.hpwis.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ChangeICON] C:\WINDOWS\SPMSMON.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO
O4 - HKLM\..\Run: [Microsoft Messenger XP] MSMSN32.exe
O4 - HKLM\..\Run: [MSN Messenger] msnmsgr.exe
O4 - HKLM\..\Run: [Microsoft AOL Instant Messenger] MSAOL32.exe
O4 - HKLM\..\Run: [Microsoft Client/Server Runtime Server Subsystem] csrs.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\LOUISE\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunServices: [Microsoft Messenger XP] MSMSN32.exe
O4 - HKLM\..\RunServices: [MSN Messenger] msnmsgr.exe
O4 - HKLM\..\RunServices: [Microsoft AOL Instant Messenger] MSAOL32.exe
O4 - HKLM\..\RunServices: [Microsoft Client/Server Runtime Server Subsystem] csrs.exe
O4 - HKCU\..\Run: [BackupNotify] C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [SpyBrowser] "C:\Program Files\SpyBro\SpyBro.exe" /autostart
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Securitoo\Av_Fw\Anti-Spyware\Ad-Monitor.exe"
O4 - HKCU\..\Run: [Microsoft Messenger XP] MSMSN32.exe
O4 - HKCU\..\Run: [MSN Messenger] msnmsgr.exe
O4 - HKCU\..\Run: [Microsoft AOL Instant Messenger] MSAOL32.exe
O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\Livecom\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunServices: [MSN Messenger] msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MSN Messenger] msnmsgr.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Microsoft AOL Instant Messenger] MSAOL32.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunServices: [MSN Messenger] msnmsgr.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunServices: [MSN Messenger] msnmsgr.exe (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://opignons.spaces.live.com/PhotoUpload/MsnPUpld.cab?10,0,912,0
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb(...)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://opignons.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} (MCLPhoto_Upload.PhotoUpload) - http://auchan.fujifilmnet.com/MCLPhoto.CAB
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Pack Securite\ORSP Client\fsorsp.exe
O23 - Service: Google Desktop Manager 5.8.811.4345 (GoogleDesktopManager-110408-113106) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9e38c3cd11312) (gupdate1c9e38c3cd11312) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

--
End of file - 14686 bytes

Bonsoir,


Je comprends.

Ton système est très infecté.
Désactive tous tes logiciels de sécurité durant la procédure.

Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

Déconnecte-toi et ferme toutes applications en cours

Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).

Double-clique sur l'icône AD-Remover située sur ton Bureau.

Au menu principal, choisis l'option L.

Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Cordialement.

bonsoir
ce n'est décidément pas mon jour
je suis bloqué losque je double clique sur l'icone Ad-remover
une fenetre s'ouvre me proposant de choisir la langue et je ne peux pas en sortir.
je ferme tout pour aujourd'hui je te souhaite une bonne nuit

Bonsoir,

Pour choisir la langue, tape F et appuie sur la touche ENTER.
Si cela ne fonctionne pas, nous feront autrement.

Voici d’ores et déjà la suite de la procédure :

1) Désinstalle les applications suivantes (si présentes) via ajout/suppression de programmes :

EoRezo (ainsi que tous les logiciels affiliés)
Boonty
SpyBrowser
Anti Trojan Elite
Spyware Doctor

A propos de Spyware Doctor : en plus de ne être que peu efficace, sa diffusion repose sur des méthodes vraiment peu scrupuleuses. Plus d'informations.


2) Télécharge OTViewIt de OldTimer sur ton bureau.

- Ferme toutes les fenêtres et applications.
- Double clique sur OTViewIt.exe pour le lancer.
- Dans la liste déroulante "File Age" choisis : 30 days (ou selon votre choix).
- Sélectionne l'option "All User"
- Clique sur le bouton "Run Scan".
- Patiente quelques minutes.
- le bloc note va s'ouvrir, poste les deux rapports obtenus dans ta prochaine réponse.


Cordialement.

.bonjour curson, moi c'est robert
c'etait trop simple pour que j'y pense
je vais tenter d'executer la suite de la procedure
avec mes modestes connaissances à bientot
cordialement

======= RAPPORT D'AD-REMOVER 1.1.4.5_C | UNIQUEMENT XP/VISTA =======
.
Mit à jour part C_XX le 02/06/2009 à 8:00 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 6:15:43, 03/06/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: CAMION | Utilisateur actuel: LOUISE
.
Administrateur: Administrateur
N'est pas administrateur: ASPNET
N'est pas administrateur: HelpAssistant *Desactive*
N'est pas administrateur: Invité *Desactive*
Administrateur: LOUISE
N'est pas administrateur: SUPPORT_0cbdf702 *Desactive*
N'est pas administrateur: SUPPORT_388945a0 *Desactive*
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKCR\AppID\EoRezoBHO.DLL
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
.
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\cmhost.cyp
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\ConfMedia.cyp
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\db
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\eoDesktop
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\eoStats
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\host.cyp
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\user.cyp
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\db\cat.cyp
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\eoDesktop\config.xml
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\eoDesktop\eoDesktop.html
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\eoDesktop\userConfig.xml
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\eoStats\eoStats.txt
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\Download
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\Software
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\unins000.dat
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\unins000.exe
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\user_config.cyp
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\user_profil.cyp
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\Software\eoengine
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo\SoftwareUpdate\Software\eoengine\9.1.0.0
C:\DOCUME~1\LOUISE\APPLIC~1\EoRezo
C:\Program Files\EoRezo\ConfMedia.cyp
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\EoRezo\eoEngine.url
C:\Program Files\EoRezo\EoMultiLanguage.dll
C:\Program Files\EoRezo\EoRezoComm.dll
C:\Program Files\EoRezo\EoRezoImg_17.dll
C:\Program Files\EoRezo\EoRezoImg_19.dll
C:\Program Files\EoRezo\EoRezoImg_20.dll
C:\Program Files\EoRezo\EoRezoImg_21.dll
C:\Program Files\EoRezo\EoRezoImg_22.dll
C:\Program Files\EoRezo\EoRezoImg_23.dll
C:\Program Files\EoRezo\EoRezoTools_16.dll
C:\Program Files\EoRezo\EoRezoTools_17.dll
C:\Program Files\EoRezo\EoRezoTools_18.dll
C:\Program Files\EoRezo\EoRezoTools_20.dll
C:\Program Files\EoRezo\EoRezoTools_21.dll
C:\Program Files\EoRezo\EoRezoTools_26.dll
C:\Program Files\EoRezo\EoRezoTools_27.dll
C:\Program Files\EoRezo\EoRezoTools_28.dll
C:\Program Files\EoRezo\EoRezoTools_29.dll
C:\Program Files\EoRezo\EoRezoTools_30.dll
C:\Program Files\EoRezo\FreeImage.dll
C:\Program Files\EoRezo\Host.cyp
C:\Program Files\EoRezo\lang
C:\Program Files\EoRezo\MngInstaller.dll
C:\Program Files\EoRezo\unins000.dat
C:\Program Files\EoRezo\unins000.exe
C:\Program Files\EoRezo\user.cyp
C:\Program Files\EoRezo\EoAdv\atl90.dll
C:\Program Files\EoRezo\EoAdv\EoAdv.dll
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
C:\Program Files\EoRezo\EoAdv\mfc90.dll
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.ATL.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.CRT.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.MFC.manifest
C:\Program Files\EoRezo\EoAdv\msvcr90.dll
C:\Program Files\EoRezo\lang\ihm_eoclock.xml
C:\Program Files\EoRezo\lang\ihm_eoengine.xml
C:\Program Files\EoRezo\lang\ihm_eonet.xml
C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
C:\Program Files\EoRezo\lang\ihm_eoweather.xml
C:\Program Files\EoRezo\lang\lang_en.xml
C:\Program Files\EoRezo\lang\lang_es.xml
C:\Program Files\EoRezo\lang\lang_fr.xml
C:\Program Files\EoRezo\lang\lang_it.xml
C:\Program Files\EoRezo
C:\DOCUME~1\LOUISE\Cookies\louise@ads.eorezo[2].txt
C:\DOCUME~1\LOUISE\Cookies\louise@eorezo[1].txt
C:\DOCUME~1\LOUISE\Cookies\louise@soft.eorezo[1].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
.

* Internet Explorer Version 8.0.6001.18702 *

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

============== Suspect (Cracks, Serials ... ) ==============

.

+---------------------------------------------------------------------------+

6333 Octet(s) - C:\Ad-Report-CLEAN.log

17 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
63 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE

Fin à: 6:31:52 | 03/06/2009
.
============== E.O.F ==============
.

meme en anglais pour moi tout çà c'est du latin
a plus tard cordialement

OTViewIt logfile created on: 03/06/2009 07:18:00 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\LOUISE\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

510,98 Mb Total Physical Memory | 293,44 Mb Available Physical Memory | 57,43% Memory free
1,22 Gb Paging File | 0,91 Gb Available in Paging File | 74,84% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 15,56 Gb Free Space | 41,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CAMION
Current User Name: LOUISE
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2009/06/02 16:06:15 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[2009/04/01 13:12:02 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
[2008/09/23 15:37:18 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FSMA32.EXE
[2009/05/30 12:42:50 | 00,461,952 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Anti-Virus\fsgk32.exe
[2008/09/23 15:37:20 | 00,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FSMB32.EXE
[2003/06/24 20:32:00 | 00,073,728 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[2005/01/14 09:32:38 | 00,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
[2008/09/23 15:37:18 | 00,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FCH32.EXE
[2005/08/29 16:33:00 | 01,466,368 | ---- | M] (Inventel) -- C:\Program Files\Inventel\Gateway\WLANCFG.EXE
[2008/09/23 15:37:18 | 00,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FAMEH32.EXE
[2008/09/23 15:35:14 | 00,043,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe
[2008/09/23 15:37:28 | 00,686,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSPC\fspc.exe
[2008/09/23 15:34:32 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
[2009/05/30 12:42:53 | 00,575,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
[2008/09/23 15:37:54 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\ORSP Client\fsorsp.exe
[2008/09/23 15:35:40 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FWES\program\fsdfwd.exe
[2003/05/22 19:56:42 | 00,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
[2009/03/30 22:47:44 | 00,174,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
[2003/05/22 23:10:00 | 00,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[2003/05/23 00:06:00 | 00,610,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2002/10/07 01:23:20 | 00,090,112 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Unload\HpqCmon.exe
[2002/04/17 11:42:56 | 00,069,632 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
[2003/02/11 11:30:30 | 00,061,440 | ---- | M] () -- C:\WINDOWS\SPMSMON.EXE
[2004/09/13 16:49:00 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[2002/04/17 11:49:16 | 00,077,824 | ---- | M] () -- C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
[2008/09/23 15:37:18 | 00,182,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FSM32.EXE
[2009/06/02 15:55:29 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
[2008/09/23 15:36:54 | 00,604,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
[2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2008/09/26 15:50:46 | 00,206,184 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\HOMERunner.exe
[2008/10/07 16:49:59 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2003/06/12 21:08:16 | 00,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[2003/07/23 10:43:10 | 00,024,651 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
[2009/04/01 13:12:01 | 00,347,744 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
[2007/05/11 03:06:38 | 00,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
[2009/04/05 20:50:09 | 02,356,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
[2009/06/03 07:14:37 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LOUISE\Bureau\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/06/21 14:52:24 | 00,069,120 | ---- | M] (BOONTY) -- C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe -- (Boonty Games [On_Demand | Stopped])
[2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2009/04/01 13:12:02 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running])
[2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2008/09/23 15:34:32 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running])
[2008/09/23 15:35:40 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\FWES\program\fsdfwd.exe -- (FSDFWD [On_Demand | Running])
[2008/09/23 15:37:18 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\Common\FSMA32.EXE -- (FSMA [Auto | Running])
[2008/09/23 15:37:54 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\ORSP Client\fsorsp.exe -- (FSORSPClient [On_Demand | Running])
[2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
[2009/06/02 15:55:29 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110408-113106 [On_Demand | Stopped])
[2009/06/02 16:06:15 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9e38c3cd11312 [Auto | Stopped])
[2009/06/02 15:25:53 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2002/08/30 03:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC [On_Demand | Stopped])
[2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2003/06/24 20:32:00 | 00,073,728 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
[2005/01/14 09:32:38 | 00,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator [Auto | Running])
[2005/08/29 16:33:00 | 01,466,368 | ---- | M] (Inventel) -- C:\Program Files\Inventel\Gateway\WLANCFG.EXE -- (Wlancfg [Auto | Running])
[2006/11/03 10:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services ==========

[2001/08/17 15:20:04 | 00,096,256 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc [On_Demand | Stopped])
[1997/06/17 04:00:00 | 00,004,064 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\drivers\ATMHELPR.SYS -- (ATMhelpr [System | Running])
[2003/07/31 10:25:46 | 00,254,208 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX [On_Demand | Stopped])
[2003/06/12 15:44:00 | 00,291,712 | R--- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\camcaud.sys -- (CAMCAUD [On_Demand | Running])
[2003/06/12 15:46:00 | 00,272,896 | R--- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\camchal.sys -- (CAMCHALA [On_Demand | Running])
[2003/01/10 11:56:34 | 00,030,921 | ---- | M] (Service & Quality Technology.) -- C:\WINDOWS\system32\drivers\SQCaptur.sys -- (DCamUSBSQTECH [On_Demand | Stopped])
[2001/08/23 12:12:50 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B [On_Demand | Stopped])
[2003/08/15 20:10:00 | 00,068,480 | R--- | M] (ENE Technology Inc.) -- C:\WINDOWS\system32\drivers\EMCR7SK.sys -- (EMCR [On_Demand | Running])
[2003/04/02 15:02:26 | 00,007,040 | R--- | M] (EnE Technology Inc.) -- C:\WINDOWS\System32\drivers\ENECBPTH.sys -- (ENECBPTH [Boot | Running])
[2008/09/23 15:35:18 | 00,039,776 | ---- | M] () -- C:\Program Files\Pack Securite\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter [Disabled | Stopped])
[2009/05/30 12:47:02 | 00,086,648 | ---- | M] () -- C:\Program Files\Pack Securite\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper [On_Demand | Running])
[2008/09/23 15:37:06 | 00,066,720 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Pack Securite\HIPS\drivers\fshs.sys -- (F-Secure HIPS [System | Running])
[2008/09/23 15:35:18 | 00,025,184 | ---- | M] () -- C:\Program Files\Pack Securite\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer [Disabled | Stopped])
[2009/04/02 22:52:26 | 00,033,408 | ---- | M] () -- C:\WINDOWS\system32\drivers\fsbts.sys -- (fsbts [Boot | Running])
[2008/09/23 15:35:38 | 00,079,904 | ---- | M] (F-Secure Corporation) -- C:\WINDOWS\system32\drivers\fsdfw.sys -- (FSFW [Boot | Running])
[2009/02/06 18:08:42 | 00,055,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
[2003/05/01 16:40:00 | 00,165,504 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])
[2003/05/01 16:37:00 | 01,107,200 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
[2004/08/04 07:29:36 | 00,161,020 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x [On_Demand | Stopped])
[2004/08/04 07:29:37 | 00,012,415 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0 [On_Demand | Stopped])
[2004/08/04 07:29:37 | 00,012,127 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1 [On_Demand | Stopped])
[2004/08/04 07:29:37 | 00,011,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2 [On_Demand | Stopped])
[2004/08/04 07:29:47 | 00,012,063 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3 [On_Demand | Stopped])
[2004/08/04 07:29:49 | 00,019,455 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4 [On_Demand | Stopped])
[2004/08/04 07:29:41 | 00,029,311 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0 [On_Demand | Stopped])
[2004/08/04 07:29:42 | 00,019,551 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1 [On_Demand | Stopped])
[2004/08/04 07:29:43 | 00,033,599 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3 [On_Demand | Stopped])
[2004/08/04 07:29:45 | 00,023,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4 [On_Demand | Stopped])
[2005/01/31 12:12:46 | 00,022,016 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
[2002/12/11 12:22:00 | 00,011,044 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2008/04/13 20:54:36 | 00,028,672 | ---- | M] (National Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA [On_Demand | Running])
[2003/06/24 20:32:00 | 01,326,203 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2005/06/27 18:09:24 | 00,140,800 | ---- | M] (PixArt Imaging Inc.) -- C:\WINDOWS\system32\drivers\PA707UCM.SYS -- (PAC7311 [On_Demand | Running])
[2003/09/23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5 [On_Demand | Stopped])
[2007/10/19 20:26:48 | 00,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5 [On_Demand | Stopped])
[2005/11/19 03:13:18 | 00,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50 [On_Demand | Stopped])
[2003/01/22 04:37:00 | 00,009,856 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2005/01/31 12:20:03 | 00,211,712 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928 [On_Demand | Stopped])
[2002/08/30 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2002/10/04 12:04:10 | 00,046,976 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139 [On_Demand | Running])
[2007/11/13 12:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2003/05/01 16:42:00 | 00,030,592 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher [Auto | Running])
[2001/08/17 16:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810 [Boot | Running])
[2001/08/17 16:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx [Boot | Running])
[2001/08/17 16:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi [Boot | Running])
[2001/08/17 16:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3 [Boot | Running])
[2003/05/22 22:36:00 | 00,273,072 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2008/04/13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
[2003/05/01 16:38:00 | 00,622,848 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
[2008/04/13 20:36:38 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi [System | Running])
[2002/08/30 03:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://fr.msn.com/
"Update_Check_Page"=http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_search_url"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Page_Transitions"=
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
"Secondary Start Pages"=
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"AutoSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_search_url"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Page_Transitions"=
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
"Secondary Start Pages"=
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Internet Explorer\Search]
"AutoSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (242797 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.1001-search.info
127.0.0.1 1001-search.info
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 www.139mm.com
8505 more lines...

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found
{5C255C8A-E604-49b4-9D64-90988571CECB} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (HKLM) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (HKLM) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5}" (HKLM) -- C:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5}" (HKLM) -- C:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5}" (HKLM) -- C:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5}" (HKLM) -- C:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"Anti Trojan Elite"=C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO File not found
"AutoLogon"= File not found
"CamMonitor"=C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe ()
"ChangeICON"=C:\WINDOWS\SPMSMON.EXE ()
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe ()
"F-Secure Manager"="C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash (F-Secure Corporation)
"F-Secure TNB"="C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW (F-Secure Corporation)
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup (Google)
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" (Hewlett-Packard Company)
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe (Hewlett-Packard)
"HPHUPD05"=c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe File not found
"Microsoft AOL Instant Messenger"=MSAOL32.exe File not found
"Microsoft Client/Server Runtime Server Subsystem"=csrs.exe File not found
"Microsoft Messenger XP"=MSMSN32.exe File not found
"Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe File not found
"MSN Messenger"=msnmsgr.exe File not found
"News Service"="C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe" File not found
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"nwiz"=nwiz.exe /installquiet (NVIDIA Corporation)
"Share-to-Web Namespace Daemon"=C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
"srmclean"=C:\Cpqs\Scom\srmclean.exe ()
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
"WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AWMON"="C:\Program Files\Securitoo\Av_Fw\Anti-Spyware\Ad-Monitor.exe" File not found
"BackupNotify"=C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe ( )
"Livecom"="C:\PROGRA~1\Livecom\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen File not found
"Microsoft AOL Instant Messenger"=MSAOL32.exe File not found
"Microsoft Messenger XP"=MSMSN32.exe File not found
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
"MSN Messenger"=msnmsgr.exe File not found
"SpyBrowser"="C:\Program Files\SpyBro\SpyBro.exe" /autostart File not found
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" (TomTom)
"WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= File not found

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
"Microsoft AOL Instant Messenger"=MSAOL32.exe File not found
"Microsoft Messenger XP"=MSMSN32.exe File not found
"MSN Messenger"=msnmsgr.exe File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
"Microsoft AOL Instant Messenger"=MSAOL32.exe File not found
"Microsoft Messenger XP"=MSMSN32.exe File not found
"MSN Messenger"=msnmsgr.exe File not found

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AWMON"="C:\Program Files\Securitoo\Av_Fw\Anti-Spyware\Ad-Monitor.exe" File not found
"BackupNotify"=C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe ( )
"Livecom"="C:\PROGRA~1\Livecom\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen File not found
"Microsoft AOL Instant Messenger"=MSAOL32.exe File not found
"Microsoft Messenger XP"=MSMSN32.exe File not found
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
"MSN Messenger"=msnmsgr.exe File not found
"SpyBrowser"="C:\Program Files\SpyBro\SpyBro.exe" /autostart File not found
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" (TomTom)
"WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= File not found

========== (O4) RunServices Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Microsoft AOL Instant Messenger"=MSAOL32.exe File not found
"Microsoft Client/Server Runtime Server Subsystem"=csrs.exe File not found
"Microsoft Messenger XP"=MSMSN32.exe File not found
"MSN Messenger"=msnmsgr.exe File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSN Messenger"=msnmsgr.exe File not found

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSN Messenger"=msnmsgr.exe File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSN Messenger"=msnmsgr.exe File not found

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSN Messenger"=msnmsgr.exe File not found

========== (O4) Startup Folders ==========

[2003/06/12 21:08:16 | 00,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[2001/02/13 10:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
[2003/07/23 10:43:10 | 00,024,651 | ---- | M] (Microsoft® Corporation) -- C:\Documents and Settings\LOUISE\Menu Démarrer\Programmes\Démarrage\WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: File not found

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: File not found

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: File not found

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Console Java (Sun) -- %SystemRoot%\system32\msjava.dll [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
{200DB664-75B5-47c0-8B45-A44ACCF73C00}: Button: Parental... -- %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
{200DB664-75B5-47c0-8B45-A44ACCF73F01}: Menu: Parental... -- %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Ajout Direct -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Ajout Direct dans Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{1462651F-F4BA-4C76-A001-C4284D0FE16E} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{200DB664-75B5-47c0-8B45-A44ACCF73C00} [HKLM] -> %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [Parental...] -> [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
CmdMapping\\{200DB664-75B5-47c0-8B45-A44ACCF73F01} [HKLM] -> %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [Parental...] -> [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{200DB664-75B5-47c0-8B45-A44ACCF73C00} [HKLM] -> %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [Parental...] -> [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
CmdMapping\\{200DB664-75B5-47c0-8B45-A44ACCF73F01} [HKLM] -> %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [Parental...] -> [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{200DB664-75B5-47c0-8B45-A44ACCF73C00} [HKLM] -> %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [Parental...] -> [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
CmdMapping\\{200DB664-75B5-47c0-8B45-A44ACCF73F01} [HKLM] -> %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [Parental...] -> [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{1462651F-F4BA-4C76-A001-C4284D0FE16E} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{200DB664-75B5-47c0-8B45-A44ACCF73C00} [HKLM] -> %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [Parental...] -> [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
CmdMapping\\{200DB664-75B5-47c0-8B45-A44ACCF73F01} [HKLM] -> %ProgramFiles%\Pack Securite\FSPC\fspcmsie.dll [Parental...] -> [2008/09/23 15:37:28 | 00,150,112 | ---- | M] (F-Secure Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
36 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
: msn in My Computer
35 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
35 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
35 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
: msn in My Computer
35 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}: http://opignons.spaces.live.com/PhotoUpload/MsnPUpld.cab?10,0,912,0 -- MSN Photo Upload Tool
{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}: http://express.foto.com/ImageUploader5.cab -- Image Uploader Control
{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb(...) -- WUWebControl Class
{7FC1B346-83E6-4774-8D20-1A6B09B0E737}: http://opignons.spaces.live.com/PhotoUpload/MsnPUpld.cab -- Windows Live Photo Upload Control
{9D190AE6-C81E-4039-8061-978EBAD10073}: http://securite.neuf.fr/Ols/fscax.cab -- F-Secure Online Scanner 3.0
{AD7A67A5-5461-4B6B-A9C5-09DD071527F5}: http://auchan.fujifilmnet.com/MCLPhoto.CAB -- MCLPhoto_Upload.PhotoUpload
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object
Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{70EA6B11-8AD8-443E-8456-614BDD5F5222} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{AF7FA1DC-54DF-4088-B5F9-0079C6B24C14} (Servers: | Description: )
{C6CB8751-9889-4AFE-B176-568B450E11FB} (Servers: | Description: Carte réseau 1394)

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
>[2009/06/02 15:56:32 | 00,119,296 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{ED0ACB58-556F-21DA-DDFE-6D20F3F611BB}" (HKLM) -- Reg Error: Value does not exist or could not be read. File not found

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ee6c9ad-3b13-11dd-be14-00c09f2fe1a6}\Shell\AutoRun\command]
""=F:\InstallTomTomHOME.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0fe705-5864-11db-bbae-00032f46ed9f}\Shell\AutoRun\command]
""=E:\InstallTomTomHOME.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2009/06/03 07:14:35 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\LOUISE\Bureau\OTViewIt.exe
[2009/06/02 22:58:37 | 00,001,561 | ---- | C] () -- C:\Documents and Settings\LOUISE\Bureau\Ad-remover.lnk
[2009/06/02 22:58:35 | 00,000,000 | ---D | C] -- C:\Program Files\Ad-remover
[2009/06/02 22:01:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\LOUISE\Mes documents\rapports hijackthis
[2009/06/02 21:38:36 | 00,001,747 | ---- | C] () -- C:\Documents and Settings\LOUISE\Bureau\HijackThis.lnk
[2009/06/02 21:38:15 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/02 21:36:43 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\LOUISE\Bureau\HJTInstall.exe
[2009/06/02 20:05:25 | 00,003,418 | ---- | C] () -- C:\eabusb.reg
[2009/06/02 20:05:25 | 00,000,026 | ---- | C] () -- C:\eabiiupgrade.upg
[2009/06/02 20:04:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2009/06/02 19:34:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\_ISTMP1.DIR
[2009/06/02 19:17:40 | 00,071,018 | ---- | C] () -- C:\WINDOWS\Fractal Blue.jpg
[2009/06/02 19:01:17 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009/06/02 18:59:47 | 00,006,006 | R--- | C] () -- C:\WINDOWS\ESM_off.ico
[2009/06/02 18:59:47 | 00,006,006 | R--- | C] () -- C:\WINDOWS\ESD_off.ico
[2009/06/02 18:59:47 | 00,006,006 | R--- | C] () -- C:\WINDOWS\EMS_off.ico
[2009/06/02 18:59:47 | 00,006,006 | R--- | C] () -- C:\WINDOWS\ECB_off.ico
[2009/06/02 18:59:47 | 00,002,238 | R--- | C] () -- C:\WINDOWS\ESM_on.ico
[2009/06/02 18:59:47 | 00,002,238 | R--- | C] () -- C:\WINDOWS\ESD_on.ico
[2009/06/02 18:59:47 | 00,002,238 | R--- | C] () -- C:\WINDOWS\EMS_on.ico
[2009/06/02 18:57:24 | 00,007,040 | R--- | C] (EnE Technology Inc.) -- C:\WINDOWS\System32\drivers\ENECBPTH.sys
[2009/06/02 17:39:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IOSUBSYS
[2009/06/02 14:02:36 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\PC Tools
[2009/06/02 07:12:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2009/06/02 07:12:33 | 00,000,000 | ---D | C] -- C:\Program Files\Fighters
[2009/05/30 13:13:45 | 00,000,434 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{739DC270-2AA5-48DF-92C6-90A6B8BC9D18}.job
[2009/05/22 23:06:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\LOUISE\Bureau\egypte1
[2009/05/12 07:30:40 | 01,089,883 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/05/11 19:08:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/05/11 19:07:35 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/05/11 19:03:50 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/05/11 18:35:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/05/11 18:35:38 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/05/11 18:35:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/05/11 18:34:55 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/05/11 18:32:52 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/05/11 18:32:52 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/05/11 18:32:51 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/05/11 18:32:51 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/05/11 18:32:51 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/05/11 18:32:50 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/05/11 18:32:50 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/05/11 18:32:49 | 00,000,000 | ---D | C] -- C:\a229c75b8df11efac14757
[2009/05/11 08:40:51 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/05/11 08:26:29 | 00,000,000 | ---D | C] -- C:\6f12ceb6d84263fb8c0096426f4eb07c
[2009/05/11 08:23:40 | 00,000,000 | ---D | C] -- C:\c8eddde810f61b515d

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2009/06/03 07:16:00 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/06/03 07:14:37 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LOUISE\Bureau\OTViewIt.exe
[2009/06/03 06:13:17 | 00,071,018 | ---- | M] () -- C:\WINDOWS\Fractal Blue.jpg
[2009/06/03 06:10:04 | 00,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{739DC270-2AA5-48DF-92C6-90A6B8BC9D18}.job
[2009/06/03 06:09:56 | 00,001,561 | ---- | M] () -- C:\Documents and Settings\LOUISE\Bureau\Ad-remover.lnk
[2009/06/03 06:09:16 | 00,000,516 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2009/06/03 06:06:17 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/03 06:06:02 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/03 06:05:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/03 06:05:55 | 53,587,5584 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/02 21:39:54 | 00,001,747 | ---- | M] () -- C:\Documents and Settings\LOUISE\Bureau\HijackThis.lnk
[2009/06/02 21:36:44 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\LOUISE\Bureau\HJTInstall.exe
[2009/06/02 20:50:02 | 01,129,582 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/06/02 20:50:02 | 00,512,170 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/06/02 20:50:02 | 00,443,698 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/06/02 20:50:02 | 00,086,816 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/06/02 20:50:02 | 00,073,756 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/06/02 20:05:25 | 00,000,026 | ---- | M] () -- C:\eabiiupgrade.upg
[2009/06/02 19:56:20 | 00,004,507 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/06/02 17:45:17 | 00,041,506 | ---- | M] () -- C:\Documents and Settings\LOUISE\Application Data\wklnhst.dat
[2009/05/11 19:21:53 | 00,065,400 | ---- | M] () -- C:\Documents and Settings\LOUISE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/05/11 19:20:06 | 00,000,114 | -HS- | M] () -- C:\Documents and Settings\LOUISE\Mes documents\desktop.ini
[2009/05/11 19:19:50 | 00,383,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/07 09:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >

Bonsoir,

Désactive tous tes logiciels de sécurité durant la procédure.

1) Désinstalle totalement Norton.
Télécharge le Norton Removal Tool et sauvegarde-le sur ton bureau.

- Clique deux fois sur l'icône Norton Removal Tool.
- Suis les instructions. L'ordinateur pourra être redémarré plusieurs fois et tu seras peut-être invité à répéter certaines étapes.


2) Télécharge ATF-Cleaner by Atribune et enregistre-le sur ton bureau.

Ferme tes navigateurs et exécute le programme.

- Coche l'onglet "Select All".
- Clique sur "Empty Selected".


3) Télécharge Combofix de sUBs : combofix.exe

- Connecte tous tes supports amovibles (clés USB, disques, lecteurs MP3, etc.).


4) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


Si tu n'as plus accès à Internet après l'utilisation de ComboFix :
Suis cette procédure :

1. Cliquez sur le bouton Démarrer.
2. Cliquez sur l'option de menu Paramètres.
3. Cliquez sur l'option Panneau de configuration.
4. Après l'ouverture du Panneau de configuration, faites un double clic sur l'icône Connexions réseau. Si votre Panneau de configuration est paramétré pour un affichage en catégories, faites un double clic sur Connexions réseau et Internet puis cliquez sur Connexions réseau tout en bas.
5. Vous verrez alors une liste de toutes les connexions réseau disponibles. Repérez la connexion vers votre adaptateur Sans Fil ou Réseau local et faites un clic droit dessus.
6. Vous verrez alors un menu similaire à celui de l'image ci-dessous. Cliquez simplement sur l'option de menu Réparer.


7. Laissez le processus de réparation se dérouler, et lorsqu'il a terminé, votre connexion Internet devrait être de nouveau opérationnelle.

Sinon, si une icône de votre réseau apparaît aussi dans la barre des tâches Windows, vous pouvez la réparer en faisant un clic droit sur l'icône et en choisissant Réparer comme le montre l'image ci-dessous:



Comment se comporte le système ?


Cordialement.

bonjour
desolé pour ce temps mort je n'avais plus de fenetre pour répondre
je la retrouve aujourd'hui.
apres avoir- Coché l'onglet "Select All".
- Cliqué sur "Empty Selected".une fenetre "done clearing" s'est ouverte je n'ais pas eu de reponse après avoir cliqué sur ok
j'ai continué la procedure
msn s'ouvrait automatiquement au demarrage çà ne semble plus etre le cas
mon poste de travail s'ouvre toujours sans que je lui demande
j'ai gagné en rapidité
Cordialement.


voici le rapport

KILLALL::
Driver::
Boonty Games
SeaPort

Registry::
[-HKEY_CLASSES_ROOT\boontybox]
[-HKEY_CURRENT_USER\SOFTWARE\Boonty]
[-HKEY_LOCAL_MACHINE\Software\Boonty]
[-HKEY_LOCAL_MACHINE\Software\Classes\boontybox]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
""=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=-
[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"=-
[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=-
[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"=-
[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=-
[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Anti Trojan Elite"=-
"AutoLogon"=-
"Cpqset"=-
"Google Desktop Search"=-
"HP Software Update"=-
"HPHUPD05"=-
"Microsoft AOL Instant Messenger"=-
"Microsoft Client/Server Runtime Server Subsystem"=-
"Microsoft Messenger XP"=-
"Microsoft Works Update Detection"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft AOL Instant Messenger"=-
"Microsoft Messenger XP"=-
"MSN Messenger"=-
"SpyBrowser"="-
"swg"=-
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"=-
"Microsoft AOL Instant Messenger"=-
"Microsoft Messenger XP"=-
"MSN Messenger"=-
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"=-
"Microsoft AOL Instant Messenger"=-
"Microsoft Messenger XP"=-
"MSN Messenger"=-
[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft AOL Instant Messenger"=-
"Microsoft Messenger XP"=-
"MSN Messenger"=-
"SpyBrowser"="-
"swg"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Microsoft AOL Instant Messenger"=-
"Microsoft Client/Server Runtime Server Subsystem"=-
"Microsoft Messenger XP"=-
"MSN Messenger"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSN Messenger"=-
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSN Messenger"=-
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSN Messenger"=-
[HKEY_USERS\S-1-5-21-3059515214-125777844-1980164638-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSN Messenger"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{ED0ACB58-556F-21DA-DDFE-6D20F3F611BB}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0ACB58-556F-21DA-DDFE-6D20F3F611BB}]

File::
C:\windows\System32\kb1ss1p.dll
C:\eabusb.reg
C:\eabiiupgrade.upg
C:\WINDOWS\System32\perfh00C.dat
C:\WINDOWS\System32\perfh009.dat
C:\WINDOWS\System32\perfc00C.dat
C:\WINDOWS\System32\perfc009.dat
C:\Windows\System32\kb1ss1p.sys
C:\Windows\System32\rsbo.exe

Folder::
C:\WINDOWS\_ISTMP1.DIR
C:\a229c75b8df11efac14757
C:\6f12ceb6d84263fb8c0096426f4eb07c
C:\c8eddde810f61b515d
C:\Program Files\Microsoft\Search Enhancement Pack
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Anti Trojan Elite
C:\Program Files\SpyBro

Bonsoir,

Tu as posté le script de commandes. Le rapport se trouve ici > C:\ComboFix.txt.
Peux-tu le poster ?

Continue ensuite la procédure :
Désactive tes logiciels de sécurité durant la procédure.

1) Télécharge Malwarebytes Anti-Malware.

- Installe-le et fais les mises à jour.


2) Lance MBAM :

- Coche la case "Exécuter un examen complet" puis clique sur Rechercher.
- Sélectionne (coche) toutes tes partitions puis clique sur "Lancer l'examen".
- Lorsque le scan est terminé, un message te prévient. Clique alors sur le bouton "Montrer les résultats".
- Dans la fenêtre suivante clique sur "Supprimer la sélection". Si le programme te propose de redémarrer l'ordinateur, accepte!
- Le rapport de scan va s'afficher. Sauvegarde le puis poste son contenu.


3) Analyse ton système avec le Kaspersky Online Scanner. Tutorial.
Poste le résultat de l'analyse ici.


Comment se comporte ton système ?


Cordialement.

bonsoir,

j'espere que c'est le bon ,je ne trouve rien d'autre
mon curseur ne clignote plus il tremble
Cordialement.

ComboFix 09-06-04.04 - LOUISE 05/06/2009 0:00.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.292 [GMT 2:00]
Lancé depuis: c:\documents and settings\LOUISE\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\LOUISE\Bureau\CFScript.txt.txt
AV: Pack sécurité 8.00 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Pack sécurité 8.00 *disabled* {D4747503-0346-49EB-9262-997542F79BF4}

FILE ::
"C:\eabiiupgrade.upg"
"C:\eabusb.reg"
"c:\windows\System32\kb1ss1p.dll"
"c:\windows\System32\kb1ss1p.sys"
"c:\windows\System32\perfc009.dat"
"c:\windows\System32\perfc00C.dat"
"c:\windows\System32\perfh009.dat"
"c:\windows\System32\perfh00C.dat"
"c:\windows\System32\rsbo.exe"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\6f12ceb6d84263fb8c0096426f4eb07c
c:\6f12ceb6d84263fb8c0096426f4eb07c\baseline.dat
c:\6f12ceb6d84263fb8c0096426f4eb07c\deffactory.dat
c:\6f12ceb6d84263fb8c0096426f4eb07c\DeleteTemp.exe
c:\6f12ceb6d84263fb8c0096426f4eb07c\dlmgr.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\DW20.EXE
c:\6f12ceb6d84263fb8c0096426f4eb07c\DWINTL20.DLL
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1025.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1028.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1029.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1030.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1031.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1032.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1033.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1035.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1036.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1037.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1038.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1040.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1041.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1042.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1043.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1044.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1045.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1046.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1049.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1053.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1055.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.2052.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.2070.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.3082.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\gencomp.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\HtmlLite.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1025.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1028.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1029.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1030.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1031.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1032.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1035.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1036.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1037.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1038.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1040.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1041.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1042.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1043.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1044.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1045.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1046.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1049.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1053.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1055.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.2052.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.2070.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.3082.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\logo.bmp
c:\6f12ceb6d84263fb8c0096426f4eb07c\setup.exe
c:\6f12ceb6d84263fb8c0096426f4eb07c\setup.sdb
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1025.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1028.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1029.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1030.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1031.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1032.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1035.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1036.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1037.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1038.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1040.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1041.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1042.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1043.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1044.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1045.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1046.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1049.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1053.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1055.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.2052.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.2070.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.3082.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\SITSetup.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\vs_setup.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\vs_setup.MS_
c:\6f12ceb6d84263fb8c0096426f4eb07c\vs_setup.pdi
c:\6f12ceb6d84263fb8c0096426f4eb07c\vs70uimgr.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\vsbasereqs.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\vsscenario.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1025.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1028.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1029.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1030.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1031.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1032.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1035.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1036.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1037.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1038.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1040.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1041.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1042.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1043.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1044.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1045.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1046.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1049.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1053.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1055.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.2052.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.2070.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.3082.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapUI.dll
C:\a229c75b8df11efac14757
c:\a229c75b8df11efac14757\amd64\filterpipelineprintproc.dll
c:\a229c75b8df11efac14757\amd64\msxpsdrv.cat
c:\a229c75b8df11efac14757\amd64\msxpsdrv.inf
c:\a229c75b8df11efac14757\amd64\msxpsinc.gpd
c:\a229c75b8df11efac14757\amd64\msxpsinc.ppd
c:\a229c75b8df11efac14757\amd64\mxdwdrv.dll
c:\a229c75b8df11efac14757\amd64\xpssvcs.dll
c:\a229c75b8df11efac14757\i386\filterpipelineprintproc.dll
c:\a229c75b8df11efac14757\i386\msxpsdrv.cat
c:\a229c75b8df11efac14757\i386\msxpsdrv.inf
c:\a229c75b8df11efac14757\i386\msxpsinc.gpd
c:\a229c75b8df11efac14757\i386\msxpsinc.ppd
c:\a229c75b8df11efac14757\i386\mxdwdrv.dll
c:\a229c75b8df11efac14757\i386\xpssvcs.dll
C:\c8eddde810f61b515d
c:\c8eddde810f61b515d\$shtdwn$.req
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\ASPNET.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\ASPNET_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\clr.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\clr_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\crt.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\crt_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\dw.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\dw_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_CA.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_Core.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_Core_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_Other.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_Other_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\Netfx20a_x64.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\Netfx20a_x86.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\prexp.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\winforms.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\winforms_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\Netfx30a_x64.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\Netfx30a_x86.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\RGB9RAST_x64.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\RGB9RAST_x86.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WCF.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WCF_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WCS.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WCS_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WF.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WF_32.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WF_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WIC_x64_enu.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WIC_x86_enu.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF_Other.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF_Other_32.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF_Other_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF1.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF1_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF2.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF2_32.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF2_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\x64\msxml6.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\x86\msxml6.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\XPS.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\XPSEPSC-amd64-en-US.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\XPSEPSC-x86-en-US.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX35\ia64\netfx35_ia64.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX35\x64\netfx35_x64.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX35\x86\netfx35_x86.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFx35setup.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\ia64\NetFX2.0-KB948609-v6001-ia64.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\ia64\NetFX3.0-KB948610-v6001-ia64.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\NetFx_20_SP1_ENU_License.rtf
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\NetFx_30_SP1_ENU_License.rtf
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x64\NetFX2.0-KB936704-v6000-x64_RTM_en.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x64\NetFX2.0-KB948609-v6001-x64.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x64\NetFX3.0-KB936705-v6000-x64_RTM_en.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x64\NetFX3.0-KB948610-v6001-x64.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x86\NetFX2.0-KB936704-v6000-x86_RTM_en.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x86\NetFX2.0-KB948609-v6001-x86.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x86\NetFX3.0-KB936705-v6000-x86_RTM_en.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x86\NetFX3.0-KB948610-v6001-x86.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\Tools\clwireg.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\Tools\clwireg_ia64.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\Tools\clwireg_x64.exe
C:\eabiiupgrade.upg
C:\eabusb.reg
c:\program files\Anti Trojan Elite
c:\program files\Anti Trojan Elite\BackupDat.Dat
c:\program files\Anti Trojan Elite\regpage\reg_big5.htm
c:\program files\Anti Trojan Elite\TjEnder.ini
c:\program files\Fichiers communs\BOONTY Shared
c:\program files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
c:\program files\Internet Explorer\fxavx.ini
c:\program files\Microsoft\Search Enhancement Pack
c:\program files\Microsoft\Search Enhancement Pack\Choice Guard\CGuard.exe
c:\program files\Microsoft\Search Enhancement Pack\Choice Guard\ChoiceGuard.dll
c:\program files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll
c:\program files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
c:\program files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
c:\program files\SpyBro
c:\program files\SpyBro\TracksEraser.dat
c:\windows\_ISTMP1.DIR
c:\windows\_ISTMP1.DIR\_INS0432.INI
c:\windows\IE4 Error Log.txt
c:\windows\System32\perfc009.dat
c:\windows\System32\perfc00C.dat
c:\windows\System32\perfh009.dat
c:\windows\System32\perfh00C.dat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_MSDIRECTX
-------\Legacy_SEAPORT
-------\Legacy_WKSPATCH
-------\Service_SeaPort


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-04 au 2009-06-04 ))))))))))))))))))))))))))))))))))))
.

2009-06-04 04:48 . 2009-06-04 04:48 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-06-02 20:58 . 2009-06-03 04:31 -------- d-----w- c:\program files\Ad-remover
2009-06-02 19:38 . 2009-06-02 19:38 -------- d-----w- c:\program files\Trend Micro
2009-06-02 18:32 . 2009-06-02 18:32 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-06-02 18:13 . 2003-07-31 08:25 57344 ------w- c:\windows\system32\BCMWLD2K.EXE
2009-06-02 18:13 . 2003-07-31 08:25 143360 ------w- c:\windows\system32\BCMWLU00.EXE
2009-06-02 18:13 . 2003-07-31 08:25 254208 ------w- c:\windows\system32\drivers\BCMWL5.SYS
2009-06-02 18:04 . 2009-06-02 18:04 -------- d-----w- c:\windows\OPTIONS
2009-06-02 18:04 . 2009-06-02 18:04 -------- d-----w- c:\program files\CONEXANT
2009-06-02 18:03 . 2003-05-01 14:42 30592 ----a-w- c:\windows\system32\drivers\strmdisp.sys
2009-06-02 18:03 . 2003-04-14 18:53 27765 ----a-w- c:\windows\system32\HSFCI006.dll
2009-06-02 18:03 . 2002-12-11 10:22 11044 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-06-02 18:03 . 2002-12-11 08:49 69632 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-06-02 18:03 . 2003-05-01 14:40 165504 ----a-w- c:\windows\system32\drivers\HSFHWICH.sys
2009-06-02 18:03 . 2003-05-01 14:37 1107200 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2009-06-02 18:03 . 2003-05-01 14:38 622848 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2009-06-02 17:01 . 2009-06-02 17:01 -------- d-----w- c:\program files\Intel
2009-06-02 16:57 . 2003-04-02 13:02 7040 ----a-r- c:\windows\system32\drivers\ENECBPTH.sys
2009-06-02 15:39 . 2009-06-02 15:39 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-06-02 12:02 . 2009-06-02 20:35 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-06-02 05:12 . 2009-06-02 05:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters
2009-06-02 05:12 . 2009-06-02 15:55 -------- d-----w- c:\program files\Fighters
2009-05-30 11:15 . 2009-05-30 11:15 -------- d-sh--w- c:\documents and settings\LOUISE\IECompatCache
2009-05-11 18:22 . 2009-05-11 18:22 -------- d-sh--w- c:\documents and settings\LOUISE\PrivacIE
2009-05-11 17:20 . 2009-05-11 17:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-05-11 17:20 . 2009-05-11 17:20 -------- d-sh--w- c:\documents and settings\LOUISE\IETldCache
2009-05-11 17:08 . 2009-05-11 17:08 -------- d-----w- c:\windows\ie8updates
2009-05-11 17:07 . 2009-04-25 05:30 102400 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-05-11 17:03 . 2009-05-11 17:07 -------- dc-h--w- c:\windows\ie8
2009-05-11 16:35 . 2009-05-11 16:35 -------- d-----w- c:\windows\system32\XPSViewer
2009-05-11 16:35 . 2009-05-11 16:35 -------- d-----w- c:\program files\MSBuild
2009-05-11 16:34 . 2009-05-11 16:34 -------- d-----w- c:\program files\Reference Assemblies
2009-05-11 16:32 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-11 16:32 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-05-11 16:32 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-05-11 16:32 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-11 16:32 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-11 16:32 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-05-11 16:32 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-05-06 16:05 . 2009-05-06 16:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-04 22:01 . 2009-04-17 06:12 -------- d-----w- c:\program files\Microsoft
2009-06-04 20:49 . 2004-01-29 08:32 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-06-04 19:50 . 2007-11-19 21:52 -------- d-----w- c:\program files\Pack Securite
2009-06-03 05:08 . 2006-12-16 20:32 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-02 20:32 . 2007-02-17 16:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-02 18:08 . 2009-06-02 18:08 1979 --sha-r- c:\windows\system32\drivers\HP_Pavilion zd7000 (DR768E ABF)_YN_Pavi_QCNF348_E_4_I0880_SHP_V28.19_BF.05_T031107_W3_L40C_M512_J40_7Intel_8Pentium 4_92,66_1104C8026_N_P15241411_Z808624D6_K15240510_A808624D5_U808624D2_G10DE031A.MRK
2009-06-02 18:06 . 2003-07-31 22:31 -------- d-----w- c:\program files\HPQ
2009-06-02 18:04 . 2003-07-31 21:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-02 16:04 . 2008-09-23 12:27 -------- d-----w- c:\program files\Google
2009-06-02 15:45 . 2004-01-27 18:44 41506 ----a-w- c:\documents and settings\LOUISE\Application Data\wklnhst.dat
2009-05-11 17:21 . 2004-01-27 16:59 65400 ----a-w- c:\documents and settings\LOUISE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-21 11:02 . 2009-04-21 11:01 19165248 ----a-w- c:\documents and settings\LOUISE\Application Data\TomTom\HOME\Profiles\1z9tdcmu.default\Updates\v2_6_2_1586_win.exe
2009-04-20 13:57 . 2007-04-05 13:48 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-20 06:28 . 2009-04-17 06:27 -------- d-----w- c:\program files\Microsoft Silverlight
2009-04-17 06:26 . 2008-03-07 14:07 -------- d-----w- c:\program files\Windows Live
2009-04-17 06:18 . 2006-11-06 17:07 -------- d-----w- c:\program files\Windows Live Toolbar
2009-04-17 06:17 . 2009-04-17 06:17 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-04-17 06:15 . 2009-04-17 06:15 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-04-17 06:12 . 2009-04-17 06:12 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-04-11 19:00 . 2009-04-11 19:00 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-04-11 18:49 . 2008-03-28 10:17 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-04-11 18:47 . 2008-03-28 10:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-06 10:20 . 2009-04-06 10:20 19131752 ----a-w- c:\documents and settings\LOUISE\Application Data\TomTom\HOME\Profiles\1z9tdcmu.default\Updates\v2_6_1_1549_win.exe
2009-04-02 20:52 . 2009-04-02 20:52 33408 ----a-w- c:\windows\system32\drivers\fsbts.sys
2009-03-08 02:34 . 2006-04-28 13:08 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-08 02:34 . 2002-08-30 01:00 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 02:33 . 2002-08-30 01:00 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 02:33 . 2002-08-30 01:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 02:32 . 2002-08-30 01:00 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 02:32 . 2002-08-30 01:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 02:31 . 2002-08-30 01:00 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 02:31 . 2002-08-30 01:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 02:31 . 2002-08-30 01:00 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 02:22 . 2002-08-30 01:00 156160 ----a-w- c:\windows\system32\msls31.dll
2006-10-08 18:28 . 2006-03-29 11:55 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupNotify"="c:\program files\HP\Digital Imaging\bin\backupnotify.exe" [2003-06-22 24576]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-09-26 206184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-06-24 4800512]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-05-22 483328]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-05-22 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-05-22 610304]
"CamMonitor"="c:\program files\HP\Digital Imaging\Unload\hpqcmon.exe" [2002-10-06 90112]
"Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"ChangeICON"="c:\windows\SPMSMON.EXE" [2003-02-11 61440]
"F-Secure TNB"="c:\program files\Pack Securite\FSGUI\TNBUtil.exe" [2008-09-23 957024]
"F-Secure Manager"="c:\program files\Pack Securite\Common\FSM32.EXE" [2008-09-23 182936]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2003-06-24 323584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\LOUISE\Menu D‚marrer\Programmes\D‚marrage\
WKCALREM.LNK - c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2003-7-23 24651]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-6-12 233472]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [02/04/2009 22:52 33408]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [19/11/2007 23:55 79904]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [25/04/2004 08:39 4064]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Pack Securite\HIPS\drivers\fshs.sys [01/04/2009 12:54 66720]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17/04/2009 08:27 55152]
R3 EMCR;EMCR;c:\windows\system32\drivers\EMCR7SK.sys [09/07/2003 11:35 68480]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Pack Securite\Anti-Virus\minifilter\fsgk.sys [19/11/2007 23:52 86648]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Pack Securite\ORSP Client\fsorsp.exe [01/04/2009 12:54 55904]
R3 PAC7311;VGA SoC PC-Camera;c:\windows\system32\drivers\PA707UCM.SYS [27/06/2005 18:09 140800]
S2 gupdate1c9e38c3cd11312;Service Google Update (gupdate1c9e38c3cd11312);c:\program files\Google\Update\GoogleUpdate.exe [02/06/2009 16:12 133104]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [02/06/2009 15:55 30192]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys --> c:\windows\system32\DRIVERS\sis163u.sys [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Pack Securite\Anti-Virus\win2k\fsfilter.sys [19/11/2007 23:52 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Pack Securite\Anti-Virus\win2k\fsrec.sys [19/11/2007 23:52 25184]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-04 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-02 14:06]

2009-06-04 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\PACKSE~1\ANTI-V~1\fsav.exe [2007-11-19 13:35]

2009-06-04 c:\windows\Tasks\User_Feed_Synchronization-{739DC270-2AA5-48DF-92C6-90A6B8BC9D18}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-SpyBrowser - c:\program files\SpyBro\SpyBro.exe
HKCU-Run-AWMON - c:\program files\Securitoo\Av_Fw\Anti-Spyware\Ad-Monitor.exe
HKCU-Run-Livecom - c:\progra~1\Livecom\APPLIC~1\CommunicationAgent\CommunicationAgent.exe
HKCU-Run-WOOKIT - c:\progra~1\Wanadoo\Shell.exe
HKLM-Run-WOOTASKBARICON - c:\progra~1\Wanadoo\GestMaj.exe
HKLM-Run-News Service - c:\program files\Securitoo\Av_Fw\FSGUI\ispnews.exe
SafeBoot-procexp90.Sys


.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://home.free.fr/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
LSP: c:\program files\Pack Securite\FSPS\program\fslsp.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} - hxxp://auchan.fujifilmnet.com/MCLPhoto.CAB
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-05 00:07
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(628)
c:\program files\Pack Securite\FSPS\program\fslsp.dll

- - - - - - - > 'explorer.exe'(2168)
c:\windows\system32\SynTPFcs.dll
c:\windows\system32\ieframe.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Pack Securite\Anti-Virus\fsgk32st.exe
c:\program files\Pack Securite\Common\FSMA32.EXE
c:\program files\Pack Securite\Anti-Virus\fsgk32.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Pack Securite\Common\FSMB32.EXE
c:\windows\system32\PAStiSvc.exe
c:\program files\Inventel\Gateway\WLANCFG.EXE
c:\program files\Pack Securite\Common\FCH32.EXE
c:\program files\Pack Securite\Common\FAMEH32.EXE
c:\program files\Pack Securite\Anti-Virus\fsqh.exe
c:\program files\Pack Securite\FSPC\fspc.exe
c:\program files\Pack Securite\FSAUA\program\fsaua.exe
c:\program files\Pack Securite\Anti-Virus\fssm32.exe
c:\program files\Pack Securite\FWES\program\fsdfwd.exe
c:\windows\system32\wscntfy.exe
c:\program files\Pack Securite\FSAUA\program\fsus.exe
c:\program files\HP\HP Share-to-Web\hpgs2wnf.exe
c:\program files\Pack Securite\FSGUI\fsguidll.exe
c:\program files\Pack Securite\Anti-Virus\fsav32.exe
.
**************************************************************************
.
Heure de fin: 2009-06-04 0:17 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-04 22:17

Avant-CF: 16 416 174 080 octets libres
Après-CF: 16 316 854 272 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP �dition familiale" /fastdetect /NoExecute=OptIn

473 --- E O F --- 2009-05-26 18:46

bonsoir,

j'espere que c'est le bon ,je ne trouve rien d'autre
mon curseur ne clignote plus il tremble
Cordialement.

ComboFix 09-06-04.04 - LOUISE 05/06/2009 0:00.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.292 [GMT 2:00]
Lancé depuis: c:\documents and settings\LOUISE\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\LOUISE\Bureau\CFScript.txt.txt
AV: Pack sécurité 8.00 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Pack sécurité 8.00 *disabled* {D4747503-0346-49EB-9262-997542F79BF4}

FILE ::
"C:\eabiiupgrade.upg"
"C:\eabusb.reg"
"c:\windows\System32\kb1ss1p.dll"
"c:\windows\System32\kb1ss1p.sys"
"c:\windows\System32\perfc009.dat"
"c:\windows\System32\perfc00C.dat"
"c:\windows\System32\perfh009.dat"
"c:\windows\System32\perfh00C.dat"
"c:\windows\System32\rsbo.exe"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\6f12ceb6d84263fb8c0096426f4eb07c
c:\6f12ceb6d84263fb8c0096426f4eb07c\baseline.dat
c:\6f12ceb6d84263fb8c0096426f4eb07c\deffactory.dat
c:\6f12ceb6d84263fb8c0096426f4eb07c\DeleteTemp.exe
c:\6f12ceb6d84263fb8c0096426f4eb07c\dlmgr.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\DW20.EXE
c:\6f12ceb6d84263fb8c0096426f4eb07c\DWINTL20.DLL
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1025.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1028.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1029.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1030.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1031.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1032.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1033.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1035.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1036.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1037.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1038.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1040.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1041.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1042.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1043.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1044.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1045.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1046.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1049.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1053.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.1055.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.2052.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.2070.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\eula.3082.rtf
c:\6f12ceb6d84263fb8c0096426f4eb07c\gencomp.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\HtmlLite.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1025.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1028.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1029.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1030.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1031.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1032.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1035.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1036.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1037.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1038.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1040.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1041.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1042.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1043.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1044.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1045.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1046.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1049.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1053.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.1055.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.2052.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.2070.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.3082.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\locdata.ini
c:\6f12ceb6d84263fb8c0096426f4eb07c\logo.bmp
c:\6f12ceb6d84263fb8c0096426f4eb07c\setup.exe
c:\6f12ceb6d84263fb8c0096426f4eb07c\setup.sdb
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1025.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1028.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1029.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1030.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1031.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1032.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1035.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1036.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1037.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1038.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1040.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1041.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1042.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1043.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1044.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1045.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1046.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1049.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1053.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.1055.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.2052.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.2070.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.3082.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\setupres.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\SITSetup.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\vs_setup.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\vs_setup.MS_
c:\6f12ceb6d84263fb8c0096426f4eb07c\vs_setup.pdi
c:\6f12ceb6d84263fb8c0096426f4eb07c\vs70uimgr.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\vsbasereqs.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\vsscenario.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1025.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1028.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1029.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1030.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1031.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1032.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1035.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1036.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1037.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1038.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1040.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1041.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1042.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1043.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1044.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1045.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1046.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1049.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1053.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.1055.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.2052.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.2070.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.3082.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapRes.dll
c:\6f12ceb6d84263fb8c0096426f4eb07c\WapUI.dll
C:\a229c75b8df11efac14757
c:\a229c75b8df11efac14757\amd64\filterpipelineprintproc.dll
c:\a229c75b8df11efac14757\amd64\msxpsdrv.cat
c:\a229c75b8df11efac14757\amd64\msxpsdrv.inf
c:\a229c75b8df11efac14757\amd64\msxpsinc.gpd
c:\a229c75b8df11efac14757\amd64\msxpsinc.ppd
c:\a229c75b8df11efac14757\amd64\mxdwdrv.dll
c:\a229c75b8df11efac14757\amd64\xpssvcs.dll
c:\a229c75b8df11efac14757\i386\filterpipelineprintproc.dll
c:\a229c75b8df11efac14757\i386\msxpsdrv.cat
c:\a229c75b8df11efac14757\i386\msxpsdrv.inf
c:\a229c75b8df11efac14757\i386\msxpsinc.gpd
c:\a229c75b8df11efac14757\i386\msxpsinc.ppd
c:\a229c75b8df11efac14757\i386\mxdwdrv.dll
c:\a229c75b8df11efac14757\i386\xpssvcs.dll
C:\c8eddde810f61b515d
c:\c8eddde810f61b515d\$shtdwn$.req
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\ASPNET.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\ASPNET_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\clr.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\clr_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\crt.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\crt_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\dw.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\dw_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_CA.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_Core.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_Core_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_Other.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\NetFX_Other_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\Netfx20a_x64.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\Netfx20a_x86.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\prexp.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\winforms.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX20\winforms_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\Netfx30a_x64.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\Netfx30a_x86.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\RGB9RAST_x64.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\RGB9RAST_x86.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WCF.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WCF_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WCS.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WCS_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WF.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WF_32.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WF_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WIC_x64_enu.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WIC_x86_enu.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF_Other.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF_Other_32.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF_Other_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF1.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF1_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF2.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF2_32.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\WPF2_64.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\x64\msxml6.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\x86\msxml6.msi
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\XPS.msp
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\XPSEPSC-amd64-en-US.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX30\XPSEPSC-x86-en-US.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX35\ia64\netfx35_ia64.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX35\x64\netfx35_x64.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFX35\x86\netfx35_x86.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetFx35setup.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\ia64\NetFX2.0-KB948609-v6001-ia64.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\ia64\NetFX3.0-KB948610-v6001-ia64.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\NetFx_20_SP1_ENU_License.rtf
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\NetFx_30_SP1_ENU_License.rtf
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x64\NetFX2.0-KB936704-v6000-x64_RTM_en.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x64\NetFX2.0-KB948609-v6001-x64.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x64\NetFX3.0-KB936705-v6000-x64_RTM_en.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x64\NetFX3.0-KB948610-v6001-x64.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x86\NetFX2.0-KB936704-v6000-x86_RTM_en.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x86\NetFX2.0-KB948609-v6001-x86.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x86\NetFX3.0-KB936705-v6000-x86_RTM_en.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\dotNetMSP\x86\NetFX3.0-KB948610-v6001-x86.msu
c:\c8eddde810f61b515d\wcu\dotNetFramework\Tools\clwireg.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\Tools\clwireg_ia64.exe
c:\c8eddde810f61b515d\wcu\dotNetFramework\Tools\clwireg_x64.exe
C:\eabiiupgrade.upg
C:\eabusb.reg
c:\program files\Anti Trojan Elite
c:\program files\Anti Trojan Elite\BackupDat.Dat
c:\program files\Anti Trojan Elite\regpage\reg_big5.htm
c:\program files\Anti Trojan Elite\TjEnder.ini
c:\program files\Fichiers communs\BOONTY Shared
c:\program files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
c:\program files\Internet Explorer\fxavx.ini
c:\program files\Microsoft\Search Enhancement Pack
c:\program files\Microsoft\Search Enhancement Pack\Choice Guard\CGuard.exe
c:\program files\Microsoft\Search Enhancement Pack\Choice Guard\ChoiceGuard.dll
c:\program files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll
c:\program files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
c:\program files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
c:\program files\SpyBro
c:\program files\SpyBro\TracksEraser.dat
c:\windows\_ISTMP1.DIR
c:\windows\_ISTMP1.DIR\_INS0432.INI
c:\windows\IE4 Error Log.txt
c:\windows\System32\perfc009.dat
c:\windows\System32\perfc00C.dat
c:\windows\System32\perfh009.dat
c:\windows\System32\perfh00C.dat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_MSDIRECTX
-------\Legacy_SEAPORT
-------\Legacy_WKSPATCH
-------\Service_SeaPort


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-04 au 2009-06-04 ))))))))))))))))))))))))))))))))))))
.

2009-06-04 04:48 . 2009-06-04 04:48 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-06-02 20:58 . 2009-06-03 04:31 -------- d-----w- c:\program files\Ad-remover
2009-06-02 19:38 . 2009-06-02 19:38 -------- d-----w- c:\program files\Trend Micro
2009-06-02 18:32 . 2009-06-02 18:32 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-06-02 18:13 . 2003-07-31 08:25 57344 ------w- c:\windows\system32\BCMWLD2K.EXE
2009-06-02 18:13 . 2003-07-31 08:25 143360 ------w- c:\windows\system32\BCMWLU00.EXE
2009-06-02 18:13 . 2003-07-31 08:25 254208 ------w- c:\windows\system32\drivers\BCMWL5.SYS
2009-06-02 18:04 . 2009-06-02 18:04 -------- d-----w- c:\windows\OPTIONS
2009-06-02 18:04 . 2009-06-02 18:04 -------- d-----w- c:\program files\CONEXANT
2009-06-02 18:03 . 2003-05-01 14:42 30592 ----a-w- c:\windows\system32\drivers\strmdisp.sys
2009-06-02 18:03 . 2003-04-14 18:53 27765 ----a-w- c:\windows\system32\HSFCI006.dll
2009-06-02 18:03 . 2002-12-11 10:22 11044 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-06-02 18:03 . 2002-12-11 08:49 69632 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-06-02 18:03 . 2003-05-01 14:40 165504 ----a-w- c:\windows\system32\drivers\HSFHWICH.sys
2009-06-02 18:03 . 2003-05-01 14:37 1107200 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2009-06-02 18:03 . 2003-05-01 14:38 622848 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2009-06-02 17:01 . 2009-06-02 17:01 -------- d-----w- c:\program files\Intel
2009-06-02 16:57 . 2003-04-02 13:02 7040 ----a-r- c:\windows\system32\drivers\ENECBPTH.sys
2009-06-02 15:39 . 2009-06-02 15:39 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-06-02 12:02 . 2009-06-02 20:35 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-06-02 05:12 . 2009-06-02 05:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters
2009-06-02 05:12 . 2009-06-02 15:55 -------- d-----w- c:\program files\Fighters
2009-05-30 11:15 . 2009-05-30 11:15 -------- d-sh--w- c:\documents and settings\LOUISE\IECompatCache
2009-05-11 18:22 . 2009-05-11 18:22 -------- d-sh--w- c:\documents and settings\LOUISE\PrivacIE
2009-05-11 17:20 . 2009-05-11 17:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-05-11 17:20 . 2009-05-11 17:20 -------- d-sh--w- c:\documents and settings\LOUISE\IETldCache
2009-05-11 17:08 . 2009-05-11 17:08 -------- d-----w- c:\windows\ie8updates
2009-05-11 17:07 . 2009-04-25 05:30 102400 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-05-11 17:03 . 2009-05-11 17:07 -------- dc-h--w- c:\windows\ie8
2009-05-11 16:35 . 2009-05-11 16:35 -------- d-----w- c:\windows\system32\XPSViewer
2009-05-11 16:35 . 2009-05-11 16:35 -------- d-----w- c:\program files\MSBuild
2009-05-11 16:34 . 2009-05-11 16:34 -------- d-----w- c:\program files\Reference Assemblies
2009-05-11 16:32 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-11 16:32 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-05-11 16:32 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-05-11 16:32 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-11 16:32 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-11 16:32 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-05-11 16:32 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-05-06 16:05 . 2009-05-06 16:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-04 22:01 . 2009-04-17 06:12 -------- d-----w- c:\program files\Microsoft
2009-06-04 20:49 . 2004-01-29 08:32 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-06-04 19:50 . 2007-11-19 21:52 -------- d-----w- c:\program files\Pack Securite
2009-06-03 05:08 . 2006-12-16 20:32 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-02 20:32 . 2007-02-17 16:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-02 18:08 . 2009-06-02 18:08 1979 --sha-r- c:\windows\system32\drivers\HP_Pavilion zd7000 (DR768E ABF)_YN_Pavi_QCNF348_E_4_I0880_SHP_V28.19_BF.05_T031107_W3_L40C_M512_J40_7Intel_8Pentium 4_92,66_1104C8026_N_P15241411_Z808624D6_K15240510_A808624D5_U808624D2_G10DE031A.MRK
2009-06-02 18:06 . 2003-07-31 22:31 -------- d-----w- c:\program files\HPQ
2009-06-02 18:04 . 2003-07-31 21:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-02 16:04 . 2008-09-23 12:27 -------- d-----w- c:\program files\Google
2009-06-02 15:45 . 2004-01-27 18:44 41506 ----a-w- c:\documents and settings\LOUISE\Application Data\wklnhst.dat
2009-05-11 17:21 . 2004-01-27 16:59 65400 ----a-w- c:\documents and settings\LOUISE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-21 11:02 . 2009-04-21 11:01 19165248 ----a-w- c:\documents and settings\LOUISE\Application Data\TomTom\HOME\Profiles\1z9tdcmu.default\Updates\v2_6_2_1586_win.exe
2009-04-20 13:57 . 2007-04-05 13:48 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-20 06:28 . 2009-04-17 06:27 -------- d-----w- c:\program files\Microsoft Silverlight
2009-04-17 06:26 . 2008-03-07 14:07 -------- d-----w- c:\program files\Windows Live
2009-04-17 06:18 . 2006-11-06 17:07 -------- d-----w- c:\program files\Windows Live Toolbar
2009-04-17 06:17 . 2009-04-17 06:17 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-04-17 06:15 . 2009-04-17 06:15 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-04-17 06:12 . 2009-04-17 06:12 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-04-11 19:00 . 2009-04-11 19:00 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-04-11 18:49 . 2008-03-28 10:17 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-04-11 18:47 . 2008-03-28 10:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-06 10:20 . 2009-04-06 10:20 19131752 ----a-w- c:\documents and settings\LOUISE\Application Data\TomTom\HOME\Profiles\1z9tdcmu.default\Updates\v2_6_1_1549_win.exe
2009-04-02 20:52 . 2009-04-02 20:52 33408 ----a-w- c:\windows\system32\drivers\fsbts.sys
2009-03-08 02:34 . 2006-04-28 13:08 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-08 02:34 . 2002-08-30 01:00 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 02:33 . 2002-08-30 01:00 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 02:33 . 2002-08-30 01:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 02:32 . 2002-08-30 01:00 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 02:32 . 2002-08-30 01:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 02:31 . 2002-08-30 01:00 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 02:31 . 2002-08-30 01:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 02:31 . 2002-08-30 01:00 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 02:22 . 2002-08-30 01:00 156160 ----a-w- c:\windows\system32\msls31.dll
2006-10-08 18:28 . 2006-03-29 11:55 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupNotify"="c:\program files\HP\Digital Imaging\bin\backupnotify.exe" [2003-06-22 24576]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-09-26 206184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-06-24 4800512]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-05-22 483328]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-05-22 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-05-22 610304]
"CamMonitor"="c:\program files\HP\Digital Imaging\Unload\hpqcmon.exe" [2002-10-06 90112]
"Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"ChangeICON"="c:\windows\SPMSMON.EXE" [2003-02-11 61440]
"F-Secure TNB"="c:\program files\Pack Securite\FSGUI\TNBUtil.exe" [2008-09-23 957024]
"F-Secure Manager"="c:\program files\Pack Securite\Common\FSM32.EXE" [2008-09-23 182936]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2003-06-24 323584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\LOUISE\Menu D‚marrer\Programmes\D‚marrage\
WKCALREM.LNK - c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2003-7-23 24651]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-6-12 233472]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [02/04/2009 22:52 33408]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [19/11/2007 23:55 79904]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [25/04/2004 08:39 4064]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Pack Securite\HIPS\drivers\fshs.sys [01/04/2009 12:54 66720]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17/04/2009 08:27 55152]
R3 EMCR;EMCR;c:\windows\system32\drivers\EMCR7SK.sys [09/07/2003 11:35 68480]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Pack Securite\Anti-Virus\minifilter\fsgk.sys [19/11/2007 23:52 86648]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Pack Securite\ORSP Client\fsorsp.exe [01/04/2009 12:54 55904]
R3 PAC7311;VGA SoC PC-Camera;c:\windows\system32\drivers\PA707UCM.SYS [27/06/2005 18:09 140800]
S2 gupdate1c9e38c3cd11312;Service Google Update (gupdate1c9e38c3cd11312);c:\program files\Google\Update\GoogleUpdate.exe [02/06/2009 16:12 133104]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [02/06/2009 15:55 30192]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys --> c:\windows\system32\DRIVERS\sis163u.sys [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Pack Securite\Anti-Virus\win2k\fsfilter.sys [19/11/2007 23:52 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Pack Securite\Anti-Virus\win2k\fsrec.sys [19/11/2007 23:52 25184]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-04 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-02 14:06]

2009-06-04 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\PACKSE~1\ANTI-V~1\fsav.exe [2007-11-19 13:35]

2009-06-04 c:\windows\Tasks\User_Feed_Synchronization-{739DC270-2AA5-48DF-92C6-90A6B8BC9D18}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-SpyBrowser - c:\program files\SpyBro\SpyBro.exe
HKCU-Run-AWMON - c:\program files\Securitoo\Av_Fw\Anti-Spyware\Ad-Monitor.exe
HKCU-Run-Livecom - c:\progra~1\Livecom\APPLIC~1\CommunicationAgent\CommunicationAgent.exe
HKCU-Run-WOOKIT - c:\progra~1\Wanadoo\Shell.exe
HKLM-Run-WOOTASKBARICON - c:\progra~1\Wanadoo\GestMaj.exe
HKLM-Run-News Service - c:\program files\Securitoo\Av_Fw\FSGUI\ispnews.exe
SafeBoot-procexp90.Sys


.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://home.free.fr/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
LSP: c:\program files\Pack Securite\FSPS\program\fslsp.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} - hxxp://auchan.fujifilmnet.com/MCLPhoto.CAB
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-05 00:07
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(628)
c:\program files\Pack Securite\FSPS\program\fslsp.dll

- - - - - - - > 'explorer.exe'(2168)
c:\windows\system32\SynTPFcs.dll
c:\windows\system32\ieframe.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Pack Securite\Anti-Virus\fsgk32st.exe
c:\program files\Pack Securite\Common\FSMA32.EXE
c:\program files\Pack Securite\Anti-Virus\fsgk32.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Pack Securite\Common\FSMB32.EXE
c:\windows\system32\PAStiSvc.exe
c:\program files\Inventel\Gateway\WLANCFG.EXE
c:\program files\Pack Securite\Common\FCH32.EXE
c:\program files\Pack Securite\Common\FAMEH32.EXE
c:\program files\Pack Securite\Anti-Virus\fsqh.exe
c:\program files\Pack Securite\FSPC\fspc.exe
c:\program files\Pack Securite\FSAUA\program\fsaua.exe
c:\program files\Pack Securite\Anti-Virus\fssm32.exe
c:\program files\Pack Securite\FWES\program\fsdfwd.exe
c:\windows\system32\wscntfy.exe
c:\program files\Pack Securite\FSAUA\program\fsus.exe
c:\program files\HP\HP Share-to-Web\hpgs2wnf.exe
c:\program files\Pack Securite\FSGUI\fsguidll.exe
c:\program files\Pack Securite\Anti-Virus\fsav32.exe
.
**************************************************************************
.
Heure de fin: 2009-06-04 0:17 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-04 22:17

Avant-CF: 16 416 174 080 octets libres
Après-CF: 16 316 854 272 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP �dition familiale" /fastdetect /NoExecute=OptIn

473 --- E O F --- 2009-05-26 18:46

Bonsoir,

C'est bien le bon rapport.

Tu peux continuer la procédure.


Cordialement.

bonsoir

Lorsque le scan s'est terminé, je n'ai pas eu le message ,
- ce rapport s'est affiché directement .
est-ce bon quand même ?
cordialement

Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2234
Windows 5.1.2600 Service Pack 3

05/06/2009 21:46:42
mbam-log-2009-06-05 (21-46-42).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 173259
Temps écoulé: 1 hour(s), 5 minute(s), 47 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

bonsoir
rdudu est dans le cirage je n'ai pas trouvé comment lancer l'analyse du systeme peux tu me preciser la demarche merci
Cordialement.

Bonsoir,

As-tu bien suivi les instructions du tutoriel ?

http://www.pcinfo-web.com/tutoriaux/61-1-1-%5Bguide%5D-kaspersky-online-scanner-nouvelle-version.php.

Peux-tu préciser exactement quelle est l'étape posant problème ?


Cordialement.

bonjour

je n'ai pas su quelle commande activer dans le tutoriel because mon anglais se resume a : i am sorry do not speak l'anglais
sur la page d'accueil kaspersky quand je clique "scan"un message me dit
you need to install java version 1.5 or later to run kaspersky Online scanner7.0" je clique ok- je reviens à la page d'accueil, dans la colonne info je retrouve le meme message en rouge et en bleu qui me propose un telechargement, j'y vais ?
il semble que je ne dispose pas de la version java recommandée

Cordialement.

Bonjour,

En effet, il est nécessaire de disposer de Java JRE pour faire le scan en ligne.

Télécharge et installe Java SE Runtime Environment.
Il est nécessaire de fermer tes navigateurs avant de lancer l'installation.

Tu seras ensuite en mesure de faire le scan en ligne.


Cordialement.

bonsoir
je tourne en rond,j'ai reussi a faire le scan mais je n'ai pas de rapport parceque d'apres le message "please turn off pop-up window bloker to wiew the kaspersky lab virus" je ne sais pas comment debloquer les pop-up.
cordialement

je cros que çà y est le scan est en route

Bonsoir,

C'est parfait.

bonsoir
desolé c'est a refaire je n'ai pas reussi a sortir le rapport
j'ai cliqué sur sauver le rapport ma fenetre "enregistrer" s'est ouverte
je le trouve pas il m'affichait un trojan-gamesThief.win32......
je relance pour un nouvel essais
cordialement

bonjour
c'est un miracle
aprés trois essais "windows ne peut ouvrir ce fichier"je l'ai glissé sur mon bureau pour te l'envoyer tel que il s'est ouvert
bon dimanche .
cordialement


Subscriptions | RSS Feeds | Discussions | Polls | Site Map






All Threats Viruses Hackers Spam
Whole site Viruses







Viruslist.com Search




The Virus Search only searches the virus database, which contains Kaspersky Lab malware names and all available aliases for each name. It does not search the entire site.

The Site Search searches the entire site, including the Virus Encyclopedia. It only searches for whole words, and not for strings, as the Virus Search does. Therefore a search conducted with Virus Search will give different results from those shown for a Site Search.





Home / Search
Search
All site search Virus search

Check this box to only search viruses which have a description
Check this box to search for Kaspersky Lab names only (no aliases included in search)


Phrase to find: "Trojan-GameThief.Win32.OnLineGames.dzm"
Found: 0






Copyright © 1996 - 2009
Kaspersky Lab
Industry-leading Antivirus Software
All rights reserved

Email: webmaster@viruslist.com

bonjour
danns la fenêtre SCAN report je lisais
file name : C:\windows\système32\KB1SS1P.OLL
Threat name : Trojan-GameThief.Win32.OnlineGames.dmz
Threat count : 1

tout semble fonctionner comme avant
cordialement

Bonsoir,

Désactive tes logiciels de sécurité durant la procédure.

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


Comment se comporte le système ?


Cordialement.

bonsoir
mes icones ont disparu pendant le scan
un redemarrage a eu lieu avant la preparation du compte rendu
mon poste de travail s'ouvre seul au redemarrage pendant la preparation du compte rendu c'était déjà le cas avant, l'ouverture de MSN, de internet sont encore lentes meme si çà s'est bien amelioré, j'ai du desinstaller google earth dont les images sont devenues illisibles, mon pack sécurité s'est ouvert en cours de scan et pendant la preparation du rapport pour me dire "danger, desactivé".
dans la soirée ,il était actif et m'a affiché un message trojan detecté comme idiqué dans mon dernier message
bonne nuit.
cordialemet

ComboFix 09-06-07.02 - LOUISE 07/06/2009 23:39.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.298 [GMT 2:00]
Lancé depuis: c:\documents and settings\LOUISE\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\LOUISE\Bureau\CFScript.txt
AV: Pack sécurité 8.00 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Pack sécurité 8.00 *disabled* {D4747503-0346-49EB-9262-997542F79BF4}

FILE ::
"c:\windows\système32\KB1SS1P.DLL"
"c:\windows\système32\KB1SS1P.OLL"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\NortonInstaller
c:\documents and settings\All Users\Application Data\NortonInstaller\Logs\06-04-2009-06h48m27s\SymNRT-06-04-2009-06h48m27s.log
c:\documents and settings\All Users\Application Data\NortonInstaller\Logs\06-04-2009-06h48m27s\SymNRT.1.mft.7z
c:\documents and settings\All Users\Application Data\NortonInstaller\Logs\06-04-2009-22h48m33s\SymNRT-06-04-2009-22h48m33s.log
c:\documents and settings\All Users\Application Data\NortonInstaller\Logs\06-04-2009-22h48m33s\SymNRT.1.mft.7z
c:\documents and settings\All Users\Application Data\NortonInstaller\Settings\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.7z
c:\program files\Fichiers communs\Symantec Shared
c:\program files\Fichiers communs\Symantec Shared\ccLgView.GID
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ATE_PROCMON
-------\Service_ATE_PROCMON


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-07 au 2009-06-07 ))))))))))))))))))))))))))))))))))))
.

2009-06-06 16:17 . 2009-06-06 16:17 -------- d-----w- c:\windows\Sun
2009-06-06 15:57 . 2009-06-06 15:57 -------- dc----w- C:\Sun
2009-06-06 15:43 . 2009-06-06 16:08 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-05 18:05 . 2009-06-05 18:05 -------- d-----w- c:\documents and settings\LOUISE\Application Data\Malwarebytes
2009-06-05 18:05 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-05 18:05 . 2009-06-05 18:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-05 18:05 . 2009-06-05 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-05 18:05 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-05 15:18 . 2009-06-05 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-02 20:58 . 2009-06-03 04:31 -------- d-----w- c:\program files\Ad-remover
2009-06-02 19:38 . 2009-06-02 19:38 -------- d-----w- c:\program files\Trend Micro
2009-06-02 18:32 . 2009-06-02 18:32 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-06-02 18:13 . 2003-07-31 08:25 57344 ------w- c:\windows\system32\BCMWLD2K.EXE
2009-06-02 18:13 . 2003-07-31 08:25 143360 ------w- c:\windows\system32\BCMWLU00.EXE
2009-06-02 18:13 . 2003-07-31 08:25 254208 ------w- c:\windows\system32\drivers\BCMWL5.SYS
2009-06-02 18:04 . 2009-06-02 18:04 -------- d-----w- c:\windows\OPTIONS
2009-06-02 18:04 . 2009-06-02 18:04 -------- d-----w- c:\program files\CONEXANT
2009-06-02 18:03 . 2003-05-01 14:42 30592 ----a-w- c:\windows\system32\drivers\strmdisp.sys
2009-06-02 18:03 . 2003-04-14 18:53 27765 ----a-w- c:\windows\system32\HSFCI006.dll
2009-06-02 18:03 . 2002-12-11 10:22 11044 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-06-02 18:03 . 2002-12-11 08:49 69632 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-06-02 18:03 . 2003-05-01 14:40 165504 ----a-w- c:\windows\system32\drivers\HSFHWICH.sys
2009-06-02 18:03 . 2003-05-01 14:37 1107200 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2009-06-02 18:03 . 2003-05-01 14:38 622848 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2009-06-02 17:01 . 2009-06-02 17:01 -------- d-----w- c:\program files\Intel
2009-06-02 16:57 . 2003-04-02 13:02 7040 ----a-r- c:\windows\system32\drivers\ENECBPTH.sys
2009-06-02 15:39 . 2009-06-02 15:39 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-06-02 12:02 . 2009-06-02 20:35 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-06-02 05:12 . 2009-06-02 05:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters
2009-06-02 05:12 . 2009-06-02 15:55 -------- d-----w- c:\program files\Fighters
2009-05-30 11:15 . 2009-05-30 11:15 -------- d-sh--w- c:\documents and settings\LOUISE\IECompatCache
2009-05-11 18:22 . 2009-05-11 18:22 -------- d-sh--w- c:\documents and settings\LOUISE\PrivacIE
2009-05-11 17:20 . 2009-05-11 17:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-05-11 17:20 . 2009-05-11 17:20 -------- d-sh--w- c:\documents and settings\LOUISE\IETldCache
2009-05-11 17:08 . 2009-05-11 17:08 -------- d-----w- c:\windows\ie8updates
2009-05-11 17:07 . 2009-04-25 05:30 102400 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-05-11 17:03 . 2009-05-11 17:07 -------- dc-h--w- c:\windows\ie8
2009-05-11 16:35 . 2009-05-11 16:35 -------- d-----w- c:\windows\system32\XPSViewer
2009-05-11 16:35 . 2009-05-11 16:35 -------- d-----w- c:\program files\MSBuild
2009-05-11 16:34 . 2009-05-11 16:34 -------- d-----w- c:\program files\Reference Assemblies
2009-05-11 16:32 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-11 16:32 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-05-11 16:32 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-05-11 16:32 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-11 16:32 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-11 16:32 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-05-11 16:32 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-07 21:33 . 2007-11-19 21:52 -------- d-----w- c:\program files\Pack Securite
2009-06-07 17:34 . 2008-09-23 12:27 -------- d-----w- c:\program files\Google
2009-06-06 16:52 . 2002-09-16 12:02 78104 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-06-06 16:08 . 2003-07-31 22:34 -------- d-----w- c:\program files\Java
2009-06-05 10:36 . 2004-01-27 18:44 41506 ----a-w- c:\documents and settings\LOUISE\Application Data\wklnhst.dat
2009-06-04 22:01 . 2009-04-17 06:12 -------- d-----w- c:\program files\Microsoft
2009-06-03 05:08 . 2006-12-16 20:32 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-02 20:32 . 2007-02-17 16:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-02 18:08 . 2009-06-02 18:08 1979 --sha-r- c:\windows\system32\drivers\HP_Pavilion zd7000 (DR768E ABF)_YN_Pavi_QCNF348_E_4_I0880_SHP_V28.19_BF.05_T031107_W3_L40C_M512_J40_7Intel_8Pentium 4_92,66_1104C8026_N_P15241411_Z808624D6_K15240510_A808624D5_U808624D2_G10DE031A.MRK
2009-06-02 18:06 . 2003-07-31 22:31 -------- d-----w- c:\program files\HPQ
2009-06-02 18:04 . 2003-07-31 21:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-11 17:21 . 2004-01-27 16:59 65400 ----a-w- c:\documents and settings\LOUISE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-21 11:02 . 2009-04-21 11:01 19165248 ----a-w- c:\documents and settings\LOUISE\Application Data\TomTom\HOME\Profiles\1z9tdcmu.default\Updates\v2_6_2_1586_win.exe
2009-04-20 13:57 . 2007-04-05 13:48 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-20 06:28 . 2009-04-17 06:27 -------- d-----w- c:\program files\Microsoft Silverlight
2009-04-17 06:26 . 2008-03-07 14:07 -------- d-----w- c:\program files\Windows Live
2009-04-17 06:18 . 2006-11-06 17:07 -------- d-----w- c:\program files\Windows Live Toolbar
2009-04-17 06:17 . 2009-04-17 06:17 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-04-17 06:15 . 2009-04-17 06:15 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-04-17 06:12 . 2009-04-17 06:12 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-04-11 19:00 . 2009-04-11 19:00 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-04-11 18:49 . 2008-03-28 10:17 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-04-11 18:47 . 2008-03-28 10:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-06 10:20 . 2009-04-06 10:20 19131752 ----a-w- c:\documents and settings\LOUISE\Application Data\TomTom\HOME\Profiles\1z9tdcmu.default\Updates\v2_6_1_1549_win.exe
2009-04-02 20:52 . 2009-04-02 20:52 33408 ----a-w- c:\windows\system32\drivers\fsbts.sys
2006-10-08 18:28 . 2006-03-29 11:55 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-06-04_22.08.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-07 21:45 . 2009-06-07 21:45 16384 c:\windows\temp\Perflib_Perfdata_e4.dat
+ 2009-06-06 16:09 . 2009-06-06 16:08 148888 c:\windows\system32\javaws.exe
+ 2009-06-06 16:09 . 2009-06-06 16:08 144792 c:\windows\system32\javaw.exe
+ 2009-06-06 16:09 . 2009-06-06 16:08 144792 c:\windows\system32\java.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupNotify"="c:\program files\HP\Digital Imaging\bin\backupnotify.exe" [2003-06-22 24576]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-09-26 206184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-07 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-06-24 4800512]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-05-22 483328]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-05-22 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-05-22 610304]
"CamMonitor"="c:\program files\HP\Digital Imaging\Unload\hpqcmon.exe" [2002-10-06 90112]
"Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"ChangeICON"="c:\windows\SPMSMON.EXE" [2003-02-11 61440]
"F-Secure TNB"="c:\program files\Pack Securite\FSGUI\TNBUtil.exe" [2008-09-23 957024]
"F-Secure Manager"="c:\program files\Pack Securite\Common\FSM32.EXE" [2008-09-23 182936]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-06 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2003-06-24 323584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\LOUISE\Menu D‚marrer\Programmes\D‚marrage\
WKCALREM.LNK - c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2003-7-23 24651]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-6-12 233472]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [02/04/2009 22:52 33408]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [19/11/2007 23:55 79904]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [25/04/2004 08:39 4064]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Pack Securite\HIPS\drivers\fshs.sys [01/04/2009 12:54 66720]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17/04/2009 08:27 55152]
R3 EMCR;EMCR;c:\windows\system32\drivers\EMCR7SK.sys [09/07/2003 11:35 68480]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Pack Securite\Anti-Virus\minifilter\fsgk.sys [19/11/2007 23:52 86648]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Pack Securite\ORSP Client\fsorsp.exe [01/04/2009 12:54 55904]
R3 PAC7311;VGA SoC PC-Camera;c:\windows\system32\drivers\PA707UCM.SYS [27/06/2005 18:09 140800]
S2 gupdate1c9e5f17fb505be;Service Google Update (gupdate1c9e5f17fb505be);c:\program files\Google\Update\GoogleUpdate.exe [05/06/2009 17:22 133104]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [02/06/2009 15:55 30192]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys --> c:\windows\system32\DRIVERS\sis163u.sys [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Pack Securite\Anti-Virus\win2k\fsfilter.sys [19/11/2007 23:52 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Pack Securite\Anti-Virus\win2k\fsrec.sys [19/11/2007 23:52 25184]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-23 13:25]

2009-06-07 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-05 15:22]

2009-06-07 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\PACKSE~1\ANTI-V~1\fsav.exe [2007-11-19 13:35]

2009-06-07 c:\windows\Tasks\User_Feed_Synchronization-{739DC270-2AA5-48DF-92C6-90A6B8BC9D18}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://home.free.fr/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
LSP: c:\program files\Pack Securite\FSPS\program\fslsp.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} - hxxp://auchan.fujifilmnet.com/MCLPhoto.CAB
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-07 23:45
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(560)
c:\program files\Pack Securite\FWES\Program\fsdc32.dll

- - - - - - - > 'lsass.exe'(616)
c:\program files\Pack Securite\FSPS\program\fslsp.dll
c:\program files\Pack Securite\FWES\Program\fsdc32.dll

- - - - - - - > 'explorer.exe'(3660)
c:\windows\system32\SynTPFcs.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll

- - - - - - - > 'csrss.exe'(532)
c:\program files\Pack Securite\FWES\Program\fsdc32.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Pack Securite\Anti-Virus\fsgk32st.exe
c:\program files\Pack Securite\Common\FSMA32.EXE
c:\program files\Pack Securite\Anti-Virus\fsgk32.exe
c:\program files\Pack Securite\Common\FSMB32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Pack Securite\Common\FCH32.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Pack Securite\Common\FAMEH32.EXE
c:\program files\Pack Securite\Anti-Virus\fsqh.exe
c:\program files\Pack Securite\FSPC\fspc.exe
c:\windows\system32\PAStiSvc.exe
c:\program files\Inventel\Gateway\WLANCFG.EXE
c:\windows\system32\wscntfy.exe
c:\program files\Pack Securite\FSAUA\program\fsaua.exe
c:\program files\Pack Securite\Anti-Virus\fssm32.exe
c:\program files\Pack Securite\FWES\program\fsdfwd.exe
c:\program files\HP\HP Share-to-Web\hpgs2wnf.exe
c:\program files\Pack Securite\FSGUI\fsguidll.exe
c:\program files\Pack Securite\Anti-Virus\fsav32.exe
.
**************************************************************************
.
Heure de fin: 2009-06-07 23:56 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-07 21:56
ComboFix2.txt 2009-06-04 22:17

Avant-CF: 16 153 292 800 octets libres
Après-CF: 16 232 816 640 octets libres

246 --- E O F --- 2009-05-26 18:46

Bonjour,

L'infection a été éradiquée.
Il est normal que les icônes du bureaux disparaissent durant le scan avec ComboFix. De même, les logiciels de sécurité sont temporairement désactivés afin de ne pas interagir avec l'outil.

L'ouverture du Poste de Travail est causé par un processus non-infectieux.
A ce propos, le nombre de processus se lançant au démarrage peuvent être responsables des ralentissements.

Aimerais-tu que nous optimisions ton système ?


Cordialement.

bonsoir
5 minutes pour revenir sur le forum
depuis la mise en route de ma machine
j'ai effectivement une masse de processus je ne pense pas que ce soit normal mais chaque fois qu'une application plante je fais "ctrl alt+" je vois ce nombre d'applications, mais bien sur je ne sais jamais lesquelles arreter,alors oui bien sur si ce n'est pas abuser je veux bien ,quand je vois mon ddr tourner plein pot 5 mn pour rien j'ai mal merci.
cordialement

Bonsoir,

Désactive tes logiciels de sécurité durant la procédure.

1) Désinstalle les applications suivantes (si présentes) via ajout/suppression de programmes :

Google Update
Google Desktop Search


2) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


Le système est-il plus rapide ?


Cordialement.

bonsoir
je ne sais plus si j'ai encore des soucis
je viens de reouvrir le forum en 25 secondes
voilà bien longtemps que çà n'avait été aussi rapide
mon anti virus est un pack securité f secur fourni par le neuf
as-tu mieux a me conseiller , merci.
cordialement.



ComboFix 09-06-07.02 - LOUISE 08/06/2009 19:57.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.256 [GMT 2:00]
Lancé depuis: c:\documents and settings\LOUISE\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\LOUISE\Bureau\CFScript.txt
AV: Pack sécurité 8.00 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Pack sécurité 8.00 *disabled* {D4747503-0346-49EB-9262-997542F79BF4}

FILE ::
"c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk"
"c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk"
"c:\documents and settings\LOUISE\Menu Démarrer\Programmes\Démarrage\WKCALREM.LNK"
"c:\windows\Tasks\Google Software Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachine.job"
"c:\windows\Tasks\Scheduled scanning task.job"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
c:\documents and settings\LOUISE\Menu Démarrer\Programmes\Démarrage\WKCALREM.LNK
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachine.job
c:\windows\Tasks\Scheduled scanning task.job

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GUSVC
-------\Service_gusvc


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-08 au 2009-06-08 ))))))))))))))))))))))))))))))))))))
.

2009-06-06 16:17 . 2009-06-06 16:17 -------- d-----w- c:\windows\Sun
2009-06-06 15:57 . 2009-06-06 15:57 -------- dc----w- C:\Sun
2009-06-06 15:43 . 2009-06-06 16:08 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-05 18:05 . 2009-06-05 18:05 -------- d-----w- c:\documents and settings\LOUISE\Application Data\Malwarebytes
2009-06-05 18:05 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-05 18:05 . 2009-06-05 18:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-05 18:05 . 2009-06-05 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-05 18:05 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-05 15:18 . 2009-06-05 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-02 20:58 . 2009-06-03 04:31 -------- d-----w- c:\program files\Ad-remover
2009-06-02 19:38 . 2009-06-02 19:38 -------- d-----w- c:\program files\Trend Micro
2009-06-02 18:32 . 2009-06-02 18:32 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-06-02 18:13 . 2003-07-31 08:25 57344 ------w- c:\windows\system32\BCMWLD2K.EXE
2009-06-02 18:13 . 2003-07-31 08:25 143360 ------w- c:\windows\system32\BCMWLU00.EXE
2009-06-02 18:13 . 2003-07-31 08:25 254208 ------w- c:\windows\system32\drivers\BCMWL5.SYS
2009-06-02 18:04 . 2009-06-02 18:04 -------- d-----w- c:\windows\OPTIONS
2009-06-02 18:04 . 2009-06-02 18:04 -------- d-----w- c:\program files\CONEXANT
2009-06-02 18:03 . 2003-05-01 14:42 30592 ----a-w- c:\windows\system32\drivers\strmdisp.sys
2009-06-02 18:03 . 2003-04-14 18:53 27765 ----a-w- c:\windows\system32\HSFCI006.dll
2009-06-02 18:03 . 2002-12-11 10:22 11044 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-06-02 18:03 . 2002-12-11 08:49 69632 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-06-02 18:03 . 2003-05-01 14:40 165504 ----a-w- c:\windows\system32\drivers\HSFHWICH.sys
2009-06-02 18:03 . 2003-05-01 14:37 1107200 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2009-06-02 18:03 . 2003-05-01 14:38 622848 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2009-06-02 17:01 . 2009-06-02 17:01 -------- d-----w- c:\program files\Intel
2009-06-02 16:57 . 2003-04-02 13:02 7040 ----a-r- c:\windows\system32\drivers\ENECBPTH.sys
2009-06-02 15:39 . 2009-06-02 15:39 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-06-02 12:02 . 2009-06-02 20:35 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-06-02 05:12 . 2009-06-02 05:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters
2009-06-02 05:12 . 2009-06-02 15:55 -------- d-----w- c:\program files\Fighters
2009-05-30 11:15 . 2009-05-30 11:15 -------- d-sh--w- c:\documents and settings\LOUISE\IECompatCache
2009-05-11 18:22 . 2009-05-11 18:22 -------- d-sh--w- c:\documents and settings\LOUISE\PrivacIE
2009-05-11 17:20 . 2009-05-11 17:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-05-11 17:20 . 2009-05-11 17:20 -------- d-sh--w- c:\documents and settings\LOUISE\IETldCache
2009-05-11 17:08 . 2009-05-11 17:08 -------- d-----w- c:\windows\ie8updates
2009-05-11 17:07 . 2009-04-25 05:30 102400 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-05-11 17:03 . 2009-05-11 17:07 -------- dc-h--w- c:\windows\ie8
2009-05-11 16:35 . 2009-05-11 16:35 -------- d-----w- c:\windows\system32\XPSViewer
2009-05-11 16:35 . 2009-05-11 16:35 -------- d-----w- c:\program files\MSBuild
2009-05-11 16:34 . 2009-05-11 16:34 -------- d-----w- c:\program files\Reference Assemblies
2009-05-11 16:32 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-11 16:32 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-05-11 16:32 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-05-11 16:32 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-11 16:32 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-11 16:32 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-05-11 16:32 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-08 18:02 . 2008-09-23 12:27 -------- d-----w- c:\program files\Google
2009-06-08 16:15 . 2007-11-19 21:52 -------- d-----w- c:\program files\Pack Securite
2009-06-06 16:52 . 2002-09-16 12:02 78104 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-06-06 16:08 . 2003-07-31 22:34 -------- d-----w- c:\program files\Java
2009-06-05 10:36 . 2004-01-27 18:44 41506 ----a-w- c:\documents and settings\LOUISE\Application Data\wklnhst.dat
2009-06-04 22:01 . 2009-04-17 06:12 -------- d-----w- c:\program files\Microsoft
2009-06-03 05:08 . 2006-12-16 20:32 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-02 20:32 . 2007-02-17 16:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-02 18:08 . 2009-06-02 18:08 1979 --sha-r- c:\windows\system32\drivers\HP_Pavilion zd7000 (DR768E ABF)_YN_Pavi_QCNF348_E_4_I0880_SHP_V28.19_BF.05_T031107_W3_L40C_M512_J40_7Intel_8Pentium 4_92,66_1104C8026_N_P15241411_Z808624D6_K15240510_A808624D5_U808624D2_G10DE031A.MRK
2009-06-02 18:06 . 2003-07-31 22:31 -------- d-----w- c:\program files\HPQ
2009-06-02 18:04 . 2003-07-31 21:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-11 17:21 . 2004-01-27 16:59 65400 ----a-w- c:\documents and settings\LOUISE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-21 11:02 . 2009-04-21 11:01 19165248 ----a-w- c:\documents and settings\LOUISE\Application Data\TomTom\HOME\Profiles\1z9tdcmu.default\Updates\v2_6_2_1586_win.exe
2009-04-20 13:57 . 2007-04-05 13:48 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-20 06:28 . 2009-04-17 06:27 -------- d-----w- c:\program files\Microsoft Silverlight
2009-04-17 06:26 . 2008-03-07 14:07 -------- d-----w- c:\program files\Windows Live
2009-04-17 06:18 . 2006-11-06 17:07 -------- d-----w- c:\program files\Windows Live Toolbar
2009-04-17 06:17 . 2009-04-17 06:17 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-04-17 06:15 . 2009-04-17 06:15 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-04-17 06:12 . 2009-04-17 06:12 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-04-11 19:00 . 2009-04-11 19:00 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-04-11 18:49 . 2008-03-28 10:17 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-04-11 18:47 . 2008-03-28 10:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-06 10:20 . 2009-04-06 10:20 19131752 ----a-w- c:\documents and settings\LOUISE\Application Data\TomTom\HOME\Profiles\1z9tdcmu.default\Updates\v2_6_1_1549_win.exe
2009-04-02 20:52 . 2009-04-02 20:52 33408 ----a-w- c:\windows\system32\drivers\fsbts.sys
2006-10-08 18:28 . 2006-03-29 11:55 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-06-04_22.08.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-08 18:03 . 2009-06-08 18:03 16384 c:\windows\temp\Perflib_Perfdata_47c.dat
+ 2009-06-06 16:09 . 2009-06-06 16:08 148888 c:\windows\system32\javaws.exe
+ 2009-06-06 16:09 . 2009-06-06 16:08 144792 c:\windows\system32\javaw.exe
+ 2009-06-06 16:09 . 2009-06-06 16:08 144792 c:\windows\system32\java.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-05-22 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-05-22 610304]
"F-Secure TNB"="c:\program files\Pack Securite\FSGUI\TNBUtil.exe" [2008-09-23 957024]
"F-Secure Manager"="c:\program files\Pack Securite\Common\FSM32.EXE" [2008-09-23 182936]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-06 148888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [02/04/2009 22:52 33408]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [19/11/2007 23:55 79904]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [25/04/2004 08:39 4064]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Pack Securite\HIPS\drivers\fshs.sys [01/04/2009 12:54 66720]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17/04/2009 08:27 55152]
R3 EMCR;EMCR;c:\windows\system32\drivers\EMCR7SK.sys [09/07/2003 11:35 68480]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Pack Securite\Anti-Virus\minifilter\fsgk.sys [19/11/2007 23:52 86648]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Pack Securite\ORSP Client\fsorsp.exe [01/04/2009 12:54 55904]
R3 PAC7311;VGA SoC PC-Camera;c:\windows\system32\drivers\PA707UCM.SYS [27/06/2005 18:09 140800]
S2 gupdate1c9e5f17fb505be;Service Google Update (gupdate1c9e5f17fb505be);c:\program files\Google\Update\GoogleUpdate.exe [05/06/2009 17:22 133104]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys --> c:\windows\system32\DRIVERS\sis163u.sys [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Pack Securite\Anti-Virus\win2k\fsfilter.sys [19/11/2007 23:52 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Pack Securite\Anti-Virus\win2k\fsrec.sys [19/11/2007 23:52 25184]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-08 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\PACKSE~1\ANTI-V~1\fsav.exe [2007-11-19 13:35]

2009-06-08 c:\windows\Tasks\User_Feed_Synchronization-{739DC270-2AA5-48DF-92C6-90A6B8BC9D18}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://home.free.fr/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
LSP: c:\program files\Pack Securite\FSPS\program\fslsp.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} - hxxp://auchan.fujifilmnet.com/MCLPhoto.CAB
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 20:03
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(560)
c:\program files\Pack Securite\FWES\Program\fsdc32.dll

- - - - - - - > 'lsass.exe'(616)
c:\program files\Pack Securite\FSPS\program\fslsp.dll
c:\program files\Pack Securite\FWES\Program\fsdc32.dll

- - - - - - - > 'explorer.exe'(2232)
c:\windows\system32\SynTPFcs.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\eappprxy.dll

- - - - - - - > 'csrss.exe'(532)
c:\program files\Pack Securite\FWES\Program\fsdc32.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Pack Securite\Anti-Virus\fsgk32st.exe
c:\program files\Pack Securite\Common\FSMA32.EXE
c:\program files\Pack Securite\Anti-Virus\fsgk32.exe
c:\program files\Pack Securite\Common\FSMB32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Pack Securite\Common\FCH32.EXE
c:\program files\Pack Securite\Common\FAMEH32.EXE
c:\program files\Pack Securite\Anti-Virus\fsqh.exe
c:\program files\Pack Securite\FSPC\fspc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PAStiSvc.exe
c:\program files\Inventel\Gateway\WLANCFG.EXE
c:\program files\Pack Securite\FSGUI\fsguidll.exe
c:\program files\Pack Securite\FSAUA\program\fsaua.exe
c:\program files\Pack Securite\Anti-Virus\fssm32.exe
c:\program files\Pack Securite\FWES\program\fsdfwd.exe
c:\program files\Pack Securite\FSAUA\program\fsus.exe
c:\program files\Pack Securite\Anti-Virus\fsav32.exe
.
**************************************************************************
.
Heure de fin: 2009-06-08 20:14 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-08 18:14
ComboFix2.txt 2009-06-07 21:56
ComboFix3.txt 2009-06-04 22:17

Avant-CF: 19 098 841 088 octets libres
Après-CF: 19 091 931 136 octets libres

227 --- E O F --- 2009-05-26 18:46

bonsoir
en fait je viens d'etteindre et de ralumer mon ordi ,le demarrage en manuel met bien plus de temps a se faire que le redemarrage auto
c'est une fausse joie,excuses.
cordialement .

Bonsoir,

F-Secure est un antivirus plutôt exigeant en ressources et ses capacités sont moyennes.

Si tu désires changer d'AV, je ne peux que te conseiller AntiVir.

Ce logiciel est très léger en mémoire et ses capacités antivirales ne sont plus à démontrer.


Suppression des outils

1) Télécharge ToolsCleaner2 de A.Rothstein et enregistre-le sur ton bureau.


2) Double-clique sur ToolsCleaner2.exe pour lancer l'outil.

- Clique sur le bouton Recherche.
- Une fois la recherche terminée, clique sur le bouton Suppression.

- Copie/colle le rapport et poste-le dans ta prochaine réponse.

Tu peux ensuite supprimer ToolsCleaner.


Sécurisation de l'ordinateur

Ta version d'Adobe Reader n'est pas à jour. Des failles de sécurité peuvent permettre l'infection de ton ordinateur. Plus d'informations.

- Désinstalle ta version actuelle.
- Télécharge et installe Adobe Reader 9.1.


Cordialement.

bonjour
j'ai desinstallé f-secure je ne peux pas faire l'inscription a AVIRA
une connection SSL est requise pour l'activation et n'a pas pu être réalisée "fact.exe"serait bloqué par un pare feu ?
le rapport ci dessous est partiel j'avais mis un premier rapport mais internet s'est fermé avant que je n'ai envoyé
cordialement.

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Documents and Settings\LOUISE\Bureau\ComboFix.exe: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\LOUISE\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!

Bonjour,

As-tu téléchargé AntiVir depuis le lien indiqué dans mon précédent message ?

Supprime ComboFix de ton bureau.


Cordialement.

bonsoir
oui comme chaque fois que tu me propose un lien,j'ai reinstallé f secure pour ne pas rester sans couverture il pese + de 760 M j'en ai moins de 600 de disponible çà explique bien des chose et je m'en doutais un peu,bon et bien je te dois un grand merci pour l'aide que tu m'as apportée tout au long de cette semaine çà rame beaucoup moins et ç'est propre .encore merci.
cordialement.

Bonsoir,

Si AntiVir ne s'est pas installé correctement, suis les instructions ci-dessous :

1) Désinstalle AntiVir.

2) Télécharge puis décompacte F-Secure Uninstallation Tool.

- Lance l'outil et laisse-le travailler.


3) Réinstalle AntiVir.


Cordialement

bonjour
genial, tu es le meilleur çà marche antivir est actif
voilà son premier rapport et tellement plus rapide
encore un grand merci
cordialement


Avira AntiVir Personal
Date de création du fichier de rapport : mercredi 10 juin 2009 09:02

La recherche porte sur 1284893 souches de virus.

Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : LOUISE
Nom de l'ordinateur : CAMION

Informations de version :
BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 12:20:54
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 06:41:14
ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 13:58:20
Version du moteur : 8.2.0.100
AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 16:36:42
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 19:01:56
AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 10:44:25
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 12:06:10
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:56
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 14:49:16
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:56
AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 12:06:10
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 13:22:44
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:26
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 12:49:32
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05

Configuration pour la recherche actuelle :
Nom de la tâche...............................: Bref contrôle système après installation
Fichier de configuration......................: c:\program files\avira\antivir desktop\setupprf.dat
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: arrêt
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Sélection de fichiers intelligente
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+SPR,

Début de la recherche : mercredi 10 juin 2009 09:02

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avconfig.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'setup.exe' - '1' module(s) sont contrôlés
Processus de recherche 'presetup.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avira_antivir_personal_fr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wltuser.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WLANCFG.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PAStiSvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleUpdate.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SynTPLpr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'37' processus ont été contrôlés avec '37' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '55' fichiers).



Fin de la recherche : mercredi 10 juin 2009 09:02
Temps nécessaire: 00:15 Minute(s)

La recherche a été effectuée intégralement

0 Les répertoires ont été contrôlés
457 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
0 Impossible de contrôler des fichiers
457 Fichiers non infectés
3 Les archives ont été contrôlées
0 Avertissements
0 Consignes

Bonsoir,

Antivir a effectué ici un scan de contrôle.

Configure AntiVir selon les instructions données par cette vidéo.

- Fais un scan complet de tous tes disques durs.
- Poste le rapport de scan dans ta prochaine réponse.


Cordialement.

bonsoir
je suis mal ce soir j'ai beau cliquer sur tout ce qui me parle de configuacion, configurando ,como configurar Avira 9, quoi que je fasse je ne quitte pas la 1ere page "you tube" j'ai telechargé et installé la derniere version flash player.je n'ai pas su aller plus loin

cordialement.