Depuis qqs temps , de nombreuses de pages de pub s'ouvrent avec le symbole ~ avant le nom du site (dans la barre bleu), stop pub, anti virus, anti spm rien ne contre ces pages indésirables. Avez-vous une solution ? D'avance merc

ok, tu va faire se si maintenant



# Etape 1/ Télécharge :

- Navilog1 http://pagesperso-orange.fr/il.mafioso/Navifix/Navilog1.exe (IL-MAFIOSO) sur ton Bureau.
Double clique sur navilog1.exe pour lancer l'installation. Une fois l'installation terminée, le fix s'exécutera automatiquement
(si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau). Laisse-toi guider. Au menu principal, choisis 1 et valide.
Patiente jusqu'au message " Analyse Termine le .....". Appuie sur une touche comme demandé, le blocnote va s'ouvrir, poste-le maintenant et passe à la suite.

à tous les deux

http://forum.telecharger.01net.com/telecharger/securite_virus_et_assimiles/vi(...)

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 2400+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Frédéric ( Administrator )
BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)


A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:38 Go (Free:9 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - CDFS - Total:2 Go (Free:0 Go)


Recherche executé en mode normal

*** Recherche Programmes installés ***

Favorit

*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudÉ~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudÉ~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\arnaud\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\arnaud\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\menud+~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\arnaud\locals~1\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !

*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bfzvjmbf"="\"c:\\documents and settings\\fr‚d‚ric.fffff-cc0edbb9f\\local settings\\application data\\bfzvjmbf.exe\" bfzvjmbf"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ymiqy"="\"c:\\documents and settings\\fr‚d‚ric.fffff-cc0edbb9f\\local settings\\application data\\ymiqy.exe\" ymiqy"


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

hdwqmnidwr.dat trouvé !

* Dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\locals~1\applic~1" :

ymiqy.exe trouvé !
ymiqy.dat trouvé !
ymiqy_nav.dat trouvé !
ymiqy_navps.dat trouvé !

* Dans "C:\DOCUME~1\arnaud\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 11/01/2009 à 18:50:50,31 ***

re,bon, tu est bien infecter navipromo

relance navilog1 option 2

ensuite poste moi un raport hijacthis http://www.pcentraide.com/index.php?showtopic=796

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 2400+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Frédéric ( Administrator )
BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)


A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:38 Go (Free:9 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - CDFS - Total:2 Go (Free:0 Go)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\arnaud\locals~1\applic~1" *


*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudÉ~1\progra~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudÉ~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\arnaud\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\arnaud\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\menud+~1\progra~1" ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


C:\WINDOWS\prefetch\bfzvjmbf*.pf trouvé !
Copie C:\WINDOWS\prefetch\bfzvjmbf*.pf réalisée avec succès !
C:\WINDOWS\prefetch\bfzvjmbf*.pf supprimé !

hdwqmnidwr.dat trouvé !
Copie hdwqmnidwr.dat réalisée avec succès !
hdwqmnidwr.dat supprimé !

C:\WINDOWS\prefetch\ymiqy*.pf trouvé !
Copie C:\WINDOWS\prefetch\ymiqy*.pf réalisée avec succès !
C:\WINDOWS\prefetch\ymiqy*.pf supprimé !


* Dans "C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\locals~1\applic~1" *


ymiqy.exe trouvé !
Copie ymiqy.exe réalisée avec succès !
ymiqy.exe supprimé !

ymiqy.dat trouvé !
Copie ymiqy.dat réalisée avec succès !
ymiqy.dat supprimé !

ymiqy_nav.dat trouvé !
Copie ymiqy_nav.dat réalisée avec succès !
ymiqy_nav.dat supprimé !

ymiqy_navps.dat trouvé !
Copie ymiqy_navps.dat réalisée avec succès !
ymiqy_navps.dat supprimé !


* Dans "C:\DOCUME~1\arnaud\locals~1\applic~1" *



*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***



*** Nettoyage terminé le 11/01/2009 à 19:14:00,90 ***

ok,peux tu me fair un hijacthis svp

lien http://www.pcentraide.com/index.php?showtopic=796

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:30, on 11/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\msvmsvcv.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ManyCam 2.3\ManyCam.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {04079851-5845-4dea-848C-3ECD647AA554} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: MSIEPlugin - {4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [msvmsvcv] C:\WINDOWS\system32\msvmsvcv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.3\ManyCam.exe"
O4 - HKCU\..\Run: [msvmsvcv] C:\WINDOWS\system32\msvmsvcv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageupload(...)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housec(...)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://arnaudlengletfrance.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O24 - Desktop Component 0: (no name) - file:///C:/Documents%20and%20Settings/Fr%E9d%E9ric.FFFFF-CC0EDBB9F/Mes%20docu(...)
O24 - Desktop Component 1: (no name) - http://www.autorevue.cz/Obrazky/2005/09zari/407coupe/66.jpg
O24 - Desktop Component 2: (no name) - file:///C:/Documents%20and%20Settings/Fr%E9d%E9ric.FFFFF-CC0EDBB9F/Local%20Se(...)

--
End of file - 10415 bytes

re,ensuite fais de si

fais ceci: Télécharge et installe MalwareBytes
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Mets le à jour en cliquant sur onglet mise à jour

redémarre ton PC en mode sans échec,tapote sur la touche F8 avant apparition du logo Microsoft, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur


tu fais Double clique sur le raccourci de MalwareBytes qui est sur le bureau.
Clique sur onglet recherche et dans la nouvelle fenêtre coche « Examen complet »
et clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareBytes n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareBytes a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste moi ensuite ce rapport.

Si MalwareByte a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareBytes ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php
Tu est en plus infecté dans ton système de restauration ,donc apres
MalwareBytes,on fera une manip sut ta restauration

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1643
Windows 5.1.2600 Service Pack 3

11/01/2009 20:52:02
mbam-log-2009-01-11 (20-51-53).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 148794
Temps écoulé: 1 hour(s), 2 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

ok,relance malwaire et va dans la quarantaine et suprime la selection
copie et colle le raport dans ta prochaine reponse

Il est supprimé , il n'y plus rien dans quarantaine.


alwarebytes' Anti-Malware 1.32
Version de la base de données: 1643
Windows 5.1.2600 Service Pack 3

11/01/2009 21:22:30
mbam-log-2009-01-11 (21-22-30).txt

Type de recherche: Examen rapide
Eléments examinés: 79616
Temps écoulé: 8 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

ok,pourrait tu faire se si maintenant

http://commentcestfait.forumactif.net/tutos-securite-f31/tutorielad-remover-t(...)

merci pour tout le temps que tu passes avec moi.
log ad remover

------- Logfile of AD-Remover 1.0.8.9 by C_XX | ONLY XP/VISTA -------

# START AT: 21:35:44 | Dim 11/01/2009 | Microsoft® Windows XP™ SP3 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: FRED | USER: Fr‚d‚ric ( Current user is an administrator)
# DRIVE(S):
# System Drive: C:\
# Windows Directory: C:\WINDOWS\
# System Directory: C:\WINDOWS\system32\

--- RUNNING PROCESSES: 31

+--------------------| Boonty/Boonty Games Elements found :

.
.

+--------------------| Eorezo Elements found :

.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\user.cyp
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\host.cyp
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather.cfg
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoClockVal.cfg
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoClockVal_2AAB2F6.cfg
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoClock.cfg
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\towns.cfg
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\16.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\17.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\11.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\8.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\9.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\1.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\10.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\2.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\5.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\18.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\12.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\6.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\19.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\7.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\4.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\13.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\3.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\33.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\14.txt
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\db\cat.nfo
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\EoWeather.cfg
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\69_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\69_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\78_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\78_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\82_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\82_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\83_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\83_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\84_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\84_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\85_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\85_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\89_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\89_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\back.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\background_2days.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\background_7days.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\backPressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\close.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\closePressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\fonds_‚cran.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\help.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\helpPressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\minimise.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\minimisePressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\next.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\nextPressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\option.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\optionPressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\earth.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\Thumbs.db
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\background_1days.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\background.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\background_1.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\67_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\67_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\70_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\70_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\txt_14x13.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_station_meteo\about.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\back.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\background_2days.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\background_7days.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\backPressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\close.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\closePressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionClose.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\fonds_‚cran.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\help.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\helpPressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\minimise.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\minimisePressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\next.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\nextPressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\option.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\optionPressed.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\reflet_ecran.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\earth.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\Thumbs.db
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\background_1days.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\background_1.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\background.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\small_background.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\85_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\67_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\69_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\69_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\67_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\70_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\70_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\82_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\82_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\78_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\78_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\84_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\84_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\83_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\83_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\85_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\89_day.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\89_night.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\band.png
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo\EoWeather\images_classic\band_small.png

+--------------------| Everest Casino/Everest Poker Elements found :

.
.

+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.
HKLM\SOFTWARE\Classes\Interface\{04079853-5845-4DEA-848C-3ECD647AA554}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWaySearchAssistant
HKLM\SOFTWARE\Classes\MyWaySearchAssistant.Auxiliary
HKLM\SOFTWARE\Classes\MyWaySearchAssistant.Auxiliary.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04079851-5845-4dea-848C-3ECD647AA554}
.

+--------------------| It's TV Elements found :

HKCU\SOFTWARE\ItsLabel
HKLM\SOFTWARE\ItsLabel
.
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\ItsLabel
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\ItsLabel\ItsTV
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\ItsLabel\ItsTV\itsTV.xml

+--------------------| Sweetim Elements found :

.
.

+--------------------| ADDED SCAN :


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\o10xvmvu.default\prefs.js :

~~~~ Mozilla FireFox version 2.0.0.17 ~~~~

* Browser Startup HomePage: "http://lo.st"

.
FOUND - user_pref("browser.startup.homepage", "http://lo.st");

+---------------------------------------------------------------------------+


~~~~ Internet Explorer version 7.0.5730.13 ~~~~

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.neufportail.fr/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://go.microsoft.com/fwlink/?LinkId=69157

+---------------------------------------------------------------------------+

[~16663 bytes] - "C:\AD-report-Scan-11.01.2009.log"

# END at: 21:36:37 | 11/01/2009 - Time elapsed: 52.3 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 187 lines ]
+---------------------------------------------------------------------------+

est ce que je lance le nettoyage et supprime tout ce qu'il me propose ?

ok relance ad remover qu an il te demandera se qui faut suprime fait se si

eorezo 2
MyWaySearchAssistant. 4

et ensuite s pour la selection coches (suprime)

c'est fait, voici le log

------- Logfile of AD-Remover 1.0.8.9 by C_XX | ONLY XP/VISTA -------

*** Limited to ***

Eorezo
Funwebproduct/MyWay/MyWebsearch

******************

# START AT: 21:51:55 | Dim 11/01/2009 | Microsoft® Windows XP™ SP3 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: FRED | USER: Fr‚d‚ric ( Current user is an administrator)
# DRIVE(S):
# System Drive: C:\
# Windows Directory: C:\WINDOWS\
# System Directory: C:\WINDOWS\system32\

--- RUNNING PROCESSES: 32

(!) ---- IE start pages reset

+--------------------| Eorezo Elements Deleted :

.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Fr‚d‚ric.FFFFF-CC0EDBB9F\Application Data\EoRezo

+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

.
HKLM\SOFTWARE\Classes\Interface\{04079853-5845-4DEA-848C-3ECD647AA554}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWaySearchAssistant
HKLM\SOFTWARE\Classes\MyWaySearchAssistant.Auxiliary
HKLM\SOFTWARE\Classes\MyWaySearchAssistant.Auxiliary.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04079851-5845-4dea-848C-3ECD647AA554}
.

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+--------------------| ADDED SCAN :


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\o10xvmvu.default\prefs.js :

~~~~ Mozilla FireFox version 2.0.0.17 ~~~~

* Browser Startup HomePage: "http://lo.st"

.
REMOVED - user_pref("browser.startup.homepage", "http://lo.st");

+---------------------------------------------------------------------------+


~~~~ Internet Explorer version 7.0.5730.13 ~~~~

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

[~16999 bytes] - "C:\AD-report-Scan-11.01.2009.log"
[~2435 bytes] - "C:\AD-report-Clean-11.01.2009.log"

# END at: 21:52:47 | 11/01/2009 - Time elapsed: 51.2 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 50 lines ]
+---------------------------------------------------------------------------+

J'ai relance ad remover et le nttoyage mais les lignes 2 et 4 sont tjrs là

ok,bon dans un premier temp comment se porte le pc !!

ensuite fait se si http://www.pcentraide.com/index.php?showtopic=15045

Je ne vois pas bcp de chgt au niveau du pc, le programme Smitfraudfix.cmd ne fonctionne pas. il s'ouvre et lorsque il me demande d'appuyer sur une touche la fenètre disparait

re,ok peut tu le refaire en mode sans echec svp

tuto mode sans eschec http://www.pcloisirs.eu/mode_sans_echec.htm

c'est identique en mode sans echec la fenetre se ferme lorsque j'appuie sur une touche

re,essaye se si

http://forum.telecharger.01net.com/microhebdo/questions-techniques-diverses/t(...)

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 2400+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Frédéric ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:38 Go (Free:9 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - CDFS - Total:2 Go (Free:0 Go)
F:\ (USB) - FAT - Total:124 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 11/01/2009|22:31 )

--------------------\\ Listing des dossiers dans APPLIC~1

[03/03/2006|21:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[03/03/2006|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[03/03/2006|21:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[03/03/2006|21:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[04/03/2006|13:15] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft

[27/03/2006|20:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[10/08/2008|17:43] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[28/12/2008|11:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[03/08/2008|16:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[21/03/2006|22:01] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bluetooth
[14/12/2006|17:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\CA
[18/06/2006|19:24] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Emjysoft
[05/09/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\FLEXnet
[23/12/2006|16:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[01/11/2007|18:40] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Macrovision
[29/06/2008|21:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Malwarebytes
[24/09/2008|14:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[04/03/2006|13:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[29/06/2008|16:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Skype
[27/05/2006|18:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[20/05/2006|13:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[14/09/2007|17:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar

[04/03/2006|13:15] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

[04/03/2006|13:15] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft

[04/03/2006|17:55] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\ABBYY
[18/03/2006|18:45] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Adobe
[27/03/2006|20:55] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\AdobeUM
[10/08/2008|17:44] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Apple Computer
[04/03/2006|18:03] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\ArcSoft
[03/08/2008|16:04] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\AVGTOOLBAR
[10/12/2008|20:17] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\com.uplayme.airclient.9B472EFF9A3BAE26509EDFEDD3D8214233BACDB1.1
[15/10/2006|23:16] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\EPSON
[29/03/2008|22:20] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\FileZilla
[23/12/2006|11:23] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Google
[04/10/2006|21:07] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Help
[04/03/2006|14:25] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Identities
[28/12/2008|00:02] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\InstallShield
[20/04/2008|23:50] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\ItsLabel
[01/11/2008|12:00] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\JAM Software
[28/12/2006|23:30] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\LameFE
[22/03/2006|19:41] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Lavasoft
[18/06/2006|08:24] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Leadertech
[05/12/2006|20:54] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\LimeWire
[09/04/2006|17:35] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\LogProtect
[06/03/2006|18:18] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Macromedia
[29/06/2008|21:49] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Malwarebytes
[28/06/2007|23:22] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Media Player Classic
[04/03/2006|13:15] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Microsoft
[22/08/2007|14:57] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Mozilla
[27/03/2008|21:19] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Notepad++
[12/02/2008|12:52] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\OpenOffice.org2
[28/12/2008|00:08] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Panasonic
[09/04/2006|13:44] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Sierra
[29/06/2008|16:58] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Skype
[29/06/2008|17:00] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\skypePM
[04/03/2006|17:57] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Smart Panel
[09/03/2006|22:49] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\Sun
[29/12/2006|18:17] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\utorrent
[08/10/2007|19:09] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\WinRAR
[15/11/2006|21:02] C:\DOCUME~1\FR�D�R~1.FFF\APPLIC~1\XnView

[30/10/2006|22:17] C:\DOCUME~1\arnaud\APPLIC~1\Adobe
[31/07/2007|12:08] C:\DOCUME~1\arnaud\APPLIC~1\AdobeUM
[23/08/2008|18:43] C:\DOCUME~1\arnaud\APPLIC~1\Apple Computer
[31/05/2007|22:04] C:\DOCUME~1\arnaud\APPLIC~1\ArcSoft
[30/07/2007|23:32] C:\DOCUME~1\arnaud\APPLIC~1\DivX
[23/04/2008|10:07] C:\DOCUME~1\arnaud\APPLIC~1\EoRezo
[01/01/2008|22:53] C:\DOCUME~1\arnaud\APPLIC~1\FileZilla
[04/01/2007|18:05] C:\DOCUME~1\arnaud\APPLIC~1\Google
[26/09/2006|17:54] C:\DOCUME~1\arnaud\APPLIC~1\Identities
[23/04/2008|10:07] C:\DOCUME~1\arnaud\APPLIC~1\ItsLabel
[17/10/2007|18:05] C:\DOCUME~1\arnaud\APPLIC~1\Jasc
[26/09/2006|17:54] C:\DOCUME~1\arnaud\APPLIC~1\LogProtect
[26/09/2006|17:57] C:\DOCUME~1\arnaud\APPLIC~1\Macromedia
[13/10/2007|15:22] C:\DOCUME~1\arnaud\APPLIC~1\Media Player Classic
[04/03/2006|13:15] C:\DOCUME~1\arnaud\APPLIC~1\Microsoft
[01/08/2007|23:05] C:\DOCUME~1\arnaud\APPLIC~1\Mozilla
[06/08/2007|22:09] C:\DOCUME~1\arnaud\APPLIC~1\Notepad++
[31/05/2007|22:01] C:\DOCUME~1\arnaud\APPLIC~1\Smart Panel
[31/01/2007|15:38] C:\DOCUME~1\arnaud\APPLIC~1\Sun
[11/08/2007|15:48] C:\DOCUME~1\arnaud\APPLIC~1\teamspeak2
[07/10/2007|16:08] C:\DOCUME~1\arnaud\APPLIC~1\WinRAR

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[10/10/2008 12:40][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[11/01/2009 22:21][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[20/04/2008|23:47] C:\Program Files\7-Zip
[04/03/2006|17:55] C:\Program Files\ABBYY
[03/03/2008|18:07] C:\Program Files\ABC Amber Text2Image Converter
[07/08/2005|22:37] C:\Program Files\Accessoires
[27/03/2006|20:54] C:\Program Files\Adobe
[11/01/2009|21:34] C:\Program Files\Ad-remover
[10/08/2008|17:43] C:\Program Files\Apple Software Update
[04/03/2006|17:54] C:\Program Files\ArcSoft
[26/10/2006|22:59] C:\Program Files\ASoft
[09/03/2008|23:03] C:\Program Files\a-squared Anti-Malware
[01/08/2006|00:26] C:\Program Files\ATI Technologies
[18/10/2008|22:20] C:\Program Files\AudacityPortable
[03/08/2008|16:19] C:\Program Files\Avira
[30/05/2007|16:23] C:\Program Files\Bodom-Child - RaBBi
[20/05/2006|21:32] C:\Program Files\CDBurnerXP Pro 3
[31/12/2007|12:20] C:\Program Files\Dofus
[25/05/2007|18:21] C:\Program Files\Dofus-Arena
[01/04/2006|15:54] C:\Program Files\EA Games
[02/01/2007|16:25] C:\Program Files\eMule
[04/03/2006|17:52] C:\Program Files\epson
[08/08/2007|17:12] C:\Program Files\FairUse Wizard 2
[07/08/2005|22:37] C:\Program Files\Fichiers communs
[01/01/2008|22:51] C:\Program Files\FileZilla Client
[20/06/2007|21:52] C:\Program Files\FlashGet
[18/10/2008|22:12] C:\Program Files\Freecorder
[05/05/2008|19:52] C:\Program Files\Getif 2.2
[23/12/2006|11:23] C:\Program Files\Google
[09/06/2007|00:18] C:\Program Files\GUILD WARS
[04/03/2006|17:43] C:\Program Files\HP DeskJet 720C Series v10.3
[02/01/2007|16:52] C:\Program Files\Illustrate
[08/08/2005|23:29] C:\Program Files\InstallShield Installation Information
[07/08/2005|22:37] C:\Program Files\Internet Explorer
[01/04/2006|21:52] C:\Program Files\i-voyager46
[21/03/2006|21:58] C:\Program Files\IVT Corporation
[27/03/2008|19:19] C:\Program Files\IZArc
[17/10/2007|18:03] C:\Program Files\Jasc Software Inc
[04/08/2007|17:27] C:\Program Files\Java
[24/03/2006|21:00] C:\Program Files\jv16 PowerTools 2005
[08/12/2006|18:42] C:\Program Files\KC Softwares
[11/06/2007|23:58] C:\Program Files\K-Lite Codec Pack
[24/06/2007|16:06] C:\Program Files\KroniK the Online Game
[26/03/2006|10:50] C:\Program Files\Larousse
[21/08/2006|22:48] C:\Program Files\Lavalys
[29/06/2008|21:49] C:\Program Files\Malwarebytes' Anti-Malware
[10/12/2008|20:11] C:\Program Files\ManyCam 2.3
[03/03/2006|21:51] C:\Program Files\Messenger
[24/09/2008|13:47] C:\Program Files\Messenger Plus! Live
[31/03/2006|21:41] C:\Program Files\Micro Application
[03/03/2006|21:54] C:\Program Files\microsoft frontpage
[06/10/2007|16:23] C:\Program Files\Microsoft FrontPage Express
[06/12/2006|17:50] C:\Program Files\Microsoft Games
[04/03/2006|18:17] C:\Program Files\Microsoft Money
[04/03/2006|17:39] C:\Program Files\Microsoft Office
[21/06/2006|18:03] C:\Program Files\MindArk
[04/10/2006|18:30] C:\Program Files\MINDSCAPE
[20/10/2006|21:52] C:\Program Files\minitel
[03/03/2006|21:52] C:\Program Files\Movie Maker
[01/08/2007|23:05] C:\Program Files\Mozilla Firefox
[23/03/2008|22:46] C:\Program Files\MSECache
[30/08/2008|14:33] C:\Program Files\msn
[17/06/2006|08:37] C:\Program Files\MSN Apps
[03/03/2006|21:51] C:\Program Files\MSN Gaming Zone
[19/05/2006|12:32] C:\Program Files\MSN Messenger
[14/08/2007|23:44] C:\Program Files\MSXML 4.0
[11/01/2009|18:47] C:\Program Files\Navilog1
[03/03/2006|21:52] C:\Program Files\NetMeeting
[30/07/2007|21:30] C:\Program Files\Neuf
[06/08/2007|22:09] C:\Program Files\Notepad++
[05/12/2006|19:53] C:\Program Files\OneMX
[07/08/2005|22:37] C:\Program Files\Outlook Express
[28/12/2008|00:02] C:\Program Files\Panasonic
[09/11/2008|20:16] C:\Program Files\Panda Security
[29/11/2006|22:35] C:\Program Files\QuickTime
[22/03/2006|19:45] C:\Program Files\RegCleaner
[12/12/2008|22:23] C:\Program Files\SCleaner
[04/03/2006|13:31] C:\Program Files\Services en ligne
[09/04/2006|13:39] C:\Program Files\Sierra
[02/08/2006|12:11] C:\Program Files\Sierra On-Line
[29/06/2008|16:57] C:\Program Files\Skype
[04/03/2006|17:52] C:\Program Files\Smart Panel
[20/10/2006|23:27] C:\Program Files\SpYAv
[27/05/2006|18:58] C:\Program Files\Spybot - Search & Destroy
[20/05/2008|23:11] C:\Program Files\Sunbelt Software
[15/10/2006|19:30] C:\Program Files\Ulead GIF Animator 2.0
[30/07/2007|23:31] C:\Program Files\Ulead Systems
[24/09/2008|13:47] C:\Program Files\Windows Live
[19/06/2007|21:52] C:\Program Files\Windows Live Safety Center
[14/09/2007|17:47] C:\Program Files\Windows Live Toolbar
[02/11/2007|17:02] C:\Program Files\Windows Media Connect 2
[13/12/2005|23:11] C:\Program Files\Windows Media Player
[03/03/2006|21:51] C:\Program Files\Windows NT
[14/08/2005|15:26] C:\Program Files\WindowsUpdate
[07/10/2007|16:07] C:\Program Files\WinRAR
[11/02/2006|21:56] C:\Program Files\Wintuneup Pro
[14/12/2005|20:42] C:\Program Files\WinZip
[08/04/2007|20:36] C:\Program Files\Xamus
[03/03/2006|21:55] C:\Program Files\xerox
[31/12/2006|17:46] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/12/2005|21:56] C:\Program Files\Fichiers communs\Adaptec Shared
[27/03/2006|20:45] C:\Program Files\Fichiers communs\Adobe
[10/12/2008|20:15] C:\Program Files\Fichiers communs\Adobe AIR
[05/02/2006|20:15] C:\Program Files\Fichiers communs\Designer
[08/08/2005|23:29] C:\Program Files\Fichiers communs\FTL Shared
[08/08/2005|23:28] C:\Program Files\Fichiers communs\InstallShield
[04/08/2007|17:24] C:\Program Files\Fichiers communs\Java
[01/11/2007|18:38] C:\Program Files\Fichiers communs\Macromedia Shared
[07/08/2005|22:37] C:\Program Files\Fichiers communs\Microsoft Shared
[03/03/2006|21:52] C:\Program Files\Fichiers communs\MSSoap
[09/08/2005|21:53] C:\Program Files\Fichiers communs\ODBC
[07/08/2005|22:39] C:\Program Files\Fichiers communs\SERVICES
[29/06/2008|16:57] C:\Program Files\Fichiers communs\Skype
[03/03/2006|21:46] C:\Program Files\Fichiers communs\SpeechEngines
[19/08/2006|10:00] C:\Program Files\Fichiers communs\SWF Studio
[07/08/2005|22:38] C:\Program Files\Fichiers communs\SYSTEM
[19/08/2006|09:54] C:\Program Files\Fichiers communs\Thraex Software

--------------------\\ Process

( 34 Processes )

iexplore.exe ~ [PID:2880]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\FRÉDÉR~1.FFF\Cookies\frédéric@advertising[1].txt
C:\DOCUME~1\FRÉDÉR~1.FFF\Cookies\frédéric@adopt.euroclick[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-11 22:32:48
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\FR�D�R~1.FFF\Bureau\Images portable fl et sons portable\Ice Crack.jpg
C:\DOCUME~1\FR�D�R~1.FFF\Bureau\Images portable fl et sons portable\Images\Ice Crack.jpg
C:\DOCUME~1\FR�D�R~1.FFF\Bureau\kart\ImTOO.CD.Ripper.1.0.10.Keygen.exe


[F:7][D:1]-> C:\DOCUME~1\FR�D�R~1.FFF\LOCALS~1\Temp
[F:61][D:0]-> C:\DOCUME~1\FR�D�R~1.FFF\Cookies
[F:1148][D:9]-> C:\DOCUME~1\FR�D�R~1.FFF\LOCALS~1\TEMPOR~1\content.IE5
[F:30][D:2]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 11/01/2009|22:33 - Option : [1]

--------------------\\ Fin du rapport a 22:33:43

ok,dans un premier temp peut tu desinstaller tes crack

ensuite relancer tool barsd option 2

voila se qui a suprime

C:\DOCUME~1\FR�D�R~1.FFF\Bureau\Images portable fl et sons portable\Ice Crack.jpg
C:\DOCUME~1\FR�D�R~1.FFF\Bureau\Images portable fl et sons portable\Images\Ice Crack.jpg
C:\DOCUME~1\FR�D�R~1.FFF\Bureau\kart\ImTOO.CD.Ripper.1.0.10.Keygen.exe

voilà c'est fait, tu m'avais parlé d'un virus au niveau de la restauration tout à l'heure ?

non,je crois pas ,comment va le pc
c mieux

la navigation semble plus rapide et il n'y a plus toutes ces pages de pub qui s'ouvraient, je te remercie pour tout le temps que tu viens de passer et ce que tu as fait. Le problème est donc résolu. Merci beaucoup et bonsoir

ok,ha j avai oublier un dernier chose veut tu desinstaller adob reader il n et pas a jour tien je t envoie le lien pour le metre a jour
http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/1(...)

ensuite noublie pas de metre resolu svp

aller bon surf

Bonsoir,


Tu oublies quelque chose.

il faut le supprimer ? et comment je fais ?

Bonjour,

Télécharge OTViewIt de OldTimer sur ton bureau.

- Ferme toutes les fenêtres et applications.
- Double clique sur OTViewIt.exe pour le lancer.
- Dans la liste déroulante "File Age" choisis : 30 days (ou selon votre choix)
- Clique sur le bouton "Run Scan".
- Patiente quelques minutes.
- le bloc note va s'ouvrir, poste les deux rapports obtenus dans ta prochaine réponse.


Note : FlashGet contient un spyware. Je te conseille de le désinstaller.


Cordialement.

Bonsoir,

Poste également le rapport C:\rsit\extras.txt

bonsoir,
pour flash get c'est fait
voiçi le premier

OTViewIt logfile created on: 14/01/2009 22:53:38 - Run 3
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Local Settings\Temporary Internet Files\Content.IE5\K1PIADGY
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 151,13 Mb Available Physical Memory | 29,55% Memory free
1,22 Gb Paging File | 0,86 Gb Available in Paging File | 70,39% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,28 Gb Total Space | 10,20 Gb Free Space | 26,64% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
Drive E: | 2,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FRED
Current User Name: Frédéric
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2005/08/04 05:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
[2008/10/23 20:48:38 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
[2005/08/04 05:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
[2008/01/07 17:56:32 | 00,366,712 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Anti-Malware\a2service.exe
[2008/06/12 14:28:46 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
[1998/02/15 04:00:48 | 00,617,984 | ---- | M] ( ) -- C:\WINDOWS\system32\msvmsvcv.exe
[2008/03/28 23:37:20 | 00,413,696 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
[2008/01/28 11:43:40 | 02,097,488 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[2008/10/14 07:02:16 | 01,791,272 | ---- | M] (ManyCam LLC) -- C:\Program Files\ManyCam 2.3\ManyCam.exe
[2008/10/23 20:48:24 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
[2005/04/06 16:03:28 | 00,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
[2006/03/04 17:56:00 | 00,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
[2008/05/27 19:35:30 | 00,040,960 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
[2008/04/14 04:34:28 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/10/15 08:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[2009/01/14 22:53:36 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Local Settings\Temporary Internet Files\Content.IE5\K1PIADGY\OTViewIt[1].exe

========== (O23) Win32 Services ==========

[2008/01/07 17:56:32 | 00,366,712 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware [Auto | Running])
[2008/10/23 20:48:38 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
[2008/10/23 20:48:24 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])
[2004/07/15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2005/08/04 05:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2005/04/06 16:03:28 | 00,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service [Auto | Running])
[2006/03/04 17:56:00 | 00,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA [Auto | Running])
[2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2007/11/01 18:38:34 | 00,068,096 | ---- | M] () -- C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service [On_Demand | Stopped])
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services ==========

[2008/04/14 03:54:30 | 00,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\amdk7.sys -- (AmdK7 [System | Running])
[2005/08/04 05:10:18 | 01,273,344 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2001/08/23 16:59:36 | 00,075,392 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\atimpae.sys -- (atirage3 [On_Demand | Stopped])
[2007/02/27 15:25:02 | 00,011,840 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
[2008/05/20 16:29:42 | 00,052,032 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
[2008/11/25 21:43:16 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
[2005/05/31 15:40:20 | 00,020,480 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\blueletaudio.sys -- (BlueletAudio [On_Demand | Running])
[2005/04/30 14:48:58 | 00,010,804 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\btnetdrv.sys -- (BT [On_Demand | Running])
[2005/05/31 09:42:28 | 00,023,000 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb [On_Demand | Stopped])
[2005/04/30 14:50:20 | 00,011,860 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\vbtenum.sys -- (BTHidEnum [On_Demand | Running])
[2005/04/30 14:50:10 | 00,028,271 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr [Boot | Running])
[2006/09/27 21:31:06 | 00,008,864 | ---- | M] () -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA [Auto | Running])
[2008/12/25 11:57:56 | 00,002,080 | ---- | M] () -- C:\WINDOWS\system32\drivers\dHook.sys -- (EnumHook2 [On_Demand | Stopped])
[2001/08/17 20:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\DRIVERS\fetnd5.sys -- (FETNDIS [On_Demand | Running])
[1998/08/13 15:45:28 | 00,052,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\HPFECP14.SYS -- (HPFECP14 [Auto | Running])
[2008/01/14 11:06:32 | 00,021,632 | ---- | M] (ManyCam LLC.) -- C:\WINDOWS\system32\DRIVERS\ManyCam.sys -- (ManyCam [On_Demand | Running])
[2004/08/05 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/05 12:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
[2005/11/24 13:51:38 | 00,245,248 | R--- | M] (Ralink Technology, Corp.) -- C:\WINDOWS\system32\DRIVERS\rt73.sys -- (RT73 [On_Demand | Stopped])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2001/08/17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
[2007/03/01 10:34:22 | 00,028,352 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
[2008/12/14 17:25:44 | 00,023,600 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS -- (TVICHW32 [On_Demand | Stopped])
[2008/04/13 20:36:40 | 00,044,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\uagp35.sys -- (uagp35 [Boot | Running])
[2008/04/13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
[2004/10/19 13:37:38 | 00,061,312 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\VComm.sys -- (VComm [On_Demand | Running])
[2005/03/25 17:18:48 | 00,082,148 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr [On_Demand | Running])
[2004/02/04 10:28:00 | 00,134,144 | ---- | M] (Copyright (C) VIA/S3 Graphics, Inc.) -- C:\WINDOWS\system32\DRIVERS\vtmini.sys -- (viagfx [On_Demand | Stopped])
[2004/09/06 09:01:56 | 00,161,536 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio [On_Demand | Running])
[2004/08/05 12:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])
[2004/08/17 05:44:22 | 00,091,263 | R--- | M] (VM) -- C:\WINDOWS\System32\Drivers\usbVM31b.sys -- (ZSMC301b [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://fr.msn.com/

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Page_Transitions"=
"Search Page"=http://home.microsoft.com/access/allinone.asp
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}
"Start Page"=http://www.neufportail.fr/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} (HKLM) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
{243B17DE-77C7-46BF-B94B-0B5F309A0E64} (HKLM) -- C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{A057A204-BACC-4D26-9990-79A187E2698E} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{A057A204-BACC-4D26-9990-79A187E2698E}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH)
"msvmsvcv"=C:\WINDOWS\system32\msvmsvcv.exe ( )
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ManyCam"="C:\Program Files\ManyCam 2.3\ManyCam.exe" (ManyCam LLC)
"msvmsvcv"=C:\WINDOWS\system32\msvmsvcv.exe ( )
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

========== (O4) Startup Folders ==========

[2008/05/27 19:35:30 | 00,040,960 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
File not found -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Menu Démarrer\Programmes\Démarrage\Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoClose"=0
"NoLogoff"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"DisableRegistryTools"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoClose"=1
"NoLogoff"=1
"NoActiveDesktop"=0
"ClassicShell"=0
"ForceActiveDesktopOn"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableChangePassword"=1
"DisableLockWorkstation"=1
"DisableRegistryTools"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: Reg Error: Value does not exist or could not be read. File not found
E&xporter vers Microsoft Excel: Reg Error: Value does not exist or could not be read. File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{77BF5300-1474-4EC7-9980-D32B190E9B07}: Button: Skype -- %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008/09/29 17:57:50 | 01,082,880 | ---- | M] (Skype Technologies S.A.)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 04:34:14 | 01,695,232 | -HS- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 04:34:14 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2008/09/29 17:57:50 | 01,082,880 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{7F9DB11C-E358-4ca6-A83D-ACC663939424} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | -HS- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{00B71CFB-6864-4346-A978-C0A14556272C}: http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab -- Checkers Class
{14B87622-7E19-4EA8-93B3-97215F77A6BC}: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab -- MessengerStatsClient Class
{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab -- Shockwave ActiveX Control
{17492023-C23A-453E-A040-C7C580BBF700}: http://go.microsoft.com/fwlink/?linkid=39204 -- Windows Genuine Advantage Validation Tool
{1FF43AD5-2262-4C2F-81D4-26D710C3F305}: http://mannequin.redoute.fr/activex/Mannequin.cab -- VB2S Mannequin Virtuel Control
{20A60F0D-9AFA-4515-A0FD-83BD84642501}: http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab -- Checkers Class
{2917297F-F02B-4B9D-81DF-494B6333150B}: http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab -- Minesweeper Flags Class
{41564D57-9980-0010-8000-00AA00389B71}: http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36E(...) -- Reg Error: Key does not exist or could not be opened.
{5D6F45B3-9043-443D-A792-115447494D24}: http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab -- UnoCtrl Class
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://www.zebulon.fr/scan8/oscan8.cab -- BDSCANONLINE Control
{67DABFBF-D0AB-41FA-9C46-CC0F21721616}: http://go.divx.com/plugin/DivXBrowserPlugin.cab -- Reg Error: Key does not exist or could not be opened.
{6E5E167B-1566-4316-B27F-0DDAB3484CF7}: http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageupload(...) -- Image Uploader Control
{74D05D43-3236-11D4-BDCD-00C04F9A3B61}: http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housec(...) -- HouseCall Control
{7FC1B346-83E6-4774-8D20-1A6B09B0E737}: http://arnaudlengletfrance.spaces.live.com/PhotoUpload/MsnPUpld.cab -- Windows Live Photo Upload Control
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Java Plug-in 1.6.0_02
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}: http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab -- MessengerStatsClient Class
{9D190AE6-C81E-4039-8061-978EBAD10073}: http://www.securite.neuf.fr/Ols/fscax.cab -- F-Secure Online Scanner 3.0
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF}: http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab -- MsnMessengerSetupDownloadControl Class
{B8BE5E93-A60C-4D26-A2DC-220313175592}: http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab -- MSN Games - Installer
{C3F79A2B-B9B4-4A66-B012-3EE46475B072}: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab -- MessengerStatsClient Class
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Java Plug-in 1.6.0_02
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Java Plug-in 1.6.0_02
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}: http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab -- Minesweeper Flags Class
{F6BF0D00-0B2A-4A75-BF7B-F385591623AF}: http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab -- Solitaire Showdown Class
{F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8}: https://secure.gopetslive.com/dev/GoPetsWeb.cab -- GoPetsWeb Control

========== (O17) DNS Name Servers ==========

{58B808D2-81D7-4A38-B63B-4E813E2E2E9E} (Servers: | Description: )
{6FD5D633-6770-4DAC-A8B6-E92BE6A9E768} (Servers: | Description: Carte Fast Ethernet compatible VIA)
{BC4C8589-BE9D-4860-A88E-6916E49DED76} (Servers: | Description: Compact Wireless-G USB Adapter)
{F34A4E20-BB22-407D-B244-CB1954133DC4} (Servers: | Description: )

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | | | | | Set tvdumpflags=8 | Set tvdumpflags=8 | | | Set tvdumpflags=8 | ]
[2006/01/21 21:35:04 | 00,000,254 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ FAT32 ]

AUTOEXEC.007 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | Set tvdumpflags=10 | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | | | | Set tvdumpflags=8 | Set tvdumpflags=8 | ]
[2005/10/16 19:14:00 | 00,000,247 | ---- | M] () -- C:\AUTOEXEC.007 -- [ FAT32 ]

AUTOEXEC.001 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | ]
[2005/08/08 23:34:28 | 00,000,134 | ---- | M] () -- C:\AUTOEXEC.001 -- [ FAT32 ]

AUTOEXEC.002 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | ]
[2005/08/09 00:21:48 | 00,000,136 | ---- | M] () -- C:\AUTOEXEC.002 -- [ FAT32 ]

AUTOEXEC.003 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | Set tvdumpflags=10 | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | ]
[2005/08/24 19:00:40 | 00,000,203 | ---- | M] () -- C:\AUTOEXEC.003 -- [ FAT32 ]

AUTOEXEC.004 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | Set tvdumpflags=10 | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | Set tvdumpflags=8 | ]
[2005/09/17 09:49:46 | 00,000,222 | ---- | M] () -- C:\AUTOEXEC.004 -- [ FAT32 ]

AUTOEXEC.005 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | Set tvdumpflags=10 | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | | | | ]
[2005/09/17 09:56:54 | 00,000,209 | ---- | M] () -- C:\AUTOEXEC.005 -- [ FAT32 ]

AUTOEXEC.006 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | Set tvdumpflags=10 | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | | | | Set tvdumpflags=8 | ]
[2005/09/18 18:20:02 | 00,000,228 | ---- | M] () -- C:\AUTOEXEC.006 -- [ FAT32 ]

AUTOEXEC.008 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | Set tvdumpflags=10 | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | | | | Set tvdumpflags=8 | Set tvdumpflags=8 | Set tvdumpflags=8 | ]
[2006/01/18 18:29:42 | 00,000,266 | ---- | M] () -- C:\AUTOEXEC.008 -- [ FAT32 ]

AUTOEXEC.009 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | Set tvdumpflags=10 | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | | | | | Set tvdumpflags=8 | Set tvdumpflags=8 | | | ]
[2006/01/19 22:52:48 | 00,000,253 | ---- | M] () -- C:\AUTOEXEC.009 -- [ FAT32 ]

AUTOEXEC.010 [mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi) | mode con codepage select=850 | keyb fr,,C:\WINDOWS\COMMAND\keyboard.sys | | | SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1 | | | | | Set tvdumpflags=8 | Set tvdumpflags=8 | | | ]
[2006/01/20 18:23:12 | 00,000,235 | ---- | M] () -- C:\AUTOEXEC.010 -- [ FAT32 ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af379a82-29fa-11db-a477-001109c64c87}\Shell\AutoRun\command]
""=setupSNK.exe

========== Files/Folders - Created Within 30 Days ==========

[2009/01/14 22:28:01 | 00,001,878 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114W2831.zlg
[2009/01/14 21:28:01 | 00,000,291 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114V2831.zlg
[2009/01/14 20:28:01 | 00,001,369 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114U2831.zlg
[2009/01/14 19:28:01 | 00,000,162 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114T2831.zlg
[2009/01/14 18:28:00 | 00,002,576 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114S2830.zlg
[2009/01/13 22:34:48 | 00,001,160 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\113W3416.zlg
[2009/01/13 21:34:48 | 00,000,231 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\113V3416.zlg
[2009/01/13 20:34:47 | 00,002,324 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\113U3415.zlg
[2009/01/12 22:34:47 | 00,002,717 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\112W3415.zlg
[2009/01/12 21:34:47 | 00,001,720 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\112V3415.zlg
[2009/01/12 20:34:47 | 00,005,416 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\112U3415.zlg
[2009/01/11 23:45:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\zlg a supprimer
[2009/01/11 22:21:51 | 53,639,9872 | -HS- | C] () -- C:\hiberfil.sys
[2009/01/11 21:34:36 | 00,001,474 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\Ad-remover.lnk
[2009/01/11 21:34:34 | 00,000,000 | ---D | C] -- C:\Program Files\Ad-remover
[2009/01/11 18:47:00 | 00,000,534 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Navilog1.lnk
[2009/01/11 18:46:59 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2009/01/11 14:35:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\scan
[2009/01/05 22:54:17 | 00,000,532 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Menu Démarrer\Programmes\Démarrage\Anti-Pub.lnk
[2009/01/02 18:10:52 | 00,334,489 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\P1000041 copier.jpg
[2009/01/02 18:08:41 | 01,498,788 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\P1000041.JPG
[2009/01/01 21:08:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\nouvel an
[2008/12/29 21:49:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\gérald
[2008/12/28 16:48:35 | 67,254,5091 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\_Za01204
[2008/12/28 11:58:44 | 00,000,096 | ---- | C] () -- C:\WINDOWS\PhEdit.INI
[2008/12/28 11:52:14 | 00,001,508 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\QuickTime Player.lnk
[2008/12/28 11:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
[2008/12/28 00:37:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\DCIM
[2008/12/28 00:08:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Application Data\Panasonic
[2008/12/28 00:03:27 | 00,001,640 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\PHOTOfunSTUDIO -viewer-.lnk
[2008/12/28 00:03:14 | 00,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICSDK2.dll
[2008/12/28 00:03:14 | 00,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICEntry.dll
[2008/12/28 00:03:14 | 00,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/12/28 00:03:14 | 00,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/12/28 00:03:14 | 00,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/12/28 00:03:14 | 00,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2008/12/28 00:03:14 | 00,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/12/28 00:03:14 | 00,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/12/28 00:03:14 | 00,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/12/28 00:03:14 | 00,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/12/28 00:03:14 | 00,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/12/28 00:03:14 | 00,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2008/12/28 00:03:14 | 00,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2008/12/28 00:03:14 | 00,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/12/28 00:03:13 | 00,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2008/12/28 00:03:13 | 00,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2008/12/28 00:03:13 | 00,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/12/28 00:03:13 | 00,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/12/28 00:03:13 | 00,013,732 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2008/12/28 00:03:13 | 00,006,442 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_IT.cfg
[2008/12/28 00:03:13 | 00,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_PT.cfg
[2008/12/28 00:03:13 | 00,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_BP.cfg
[2008/12/28 00:03:13 | 00,006,335 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_GE.cfg
[2008/12/28 00:03:13 | 00,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_CF.cfg
[2008/12/28 00:03:13 | 00,006,122 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_DU.cfg
[2008/12/28 00:03:13 | 00,006,103 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_ES.cfg
[2008/12/28 00:03:13 | 00,005,817 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_KO.cfg
[2008/12/28 00:03:13 | 00,005,436 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_SC.cfg
[2008/12/28 00:03:13 | 00,002,889 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_RU.cfg
[2008/12/28 00:03:13 | 00,002,426 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_TC.cfg
[2008/12/28 00:02:53 | 00,001,612 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\PHOTOfunSTUDIO -viewer-.lnk
[2008/12/28 00:02:50 | 00,045,056 | ---- | C] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\System32\PhDi2.sys
[2008/12/28 00:02:44 | 00,000,000 | ---D | C] -- C:\Program Files\Panasonic
[2008/12/28 00:02:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Application Data\InstallShield
[2008/12/27 09:37:19 | 00,004,620 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\fl.jpg
[2008/12/26 15:44:56 | 00,023,972 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\lv bandeau.jpg
[2008/12/26 14:05:35 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\bandeau lv.doc
[2008/12/26 14:03:30 | 05,710,848 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\bandeau lv.doc
[2008/12/26 13:57:34 | 01,383,894 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\DSC01163.JPG
[2008/12/25 11:57:55 | 00,002,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\dHook.sys
[2008/12/24 15:12:28 | 00,088,576 | ---- | C] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\menu noel 2009.doc
[2008/12/22 17:44:02 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\wsphook.dll
[2008/12/22 17:44:02 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\injectdll.dll
[2008/12/21 22:49:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2008/12/21 22:49:29 | 00,617,984 | ---- | C] ( ) -- C:\WINDOWS\System32\msvmsvcv.exe
[2008/12/21 22:49:29 | 00,000,310 | ---- | C] () -- C:\WINDOWS\System32\msvmsvcv.ini

========== Files - Modified Within 30 Days ==========

[2009/01/14 22:51:08 | 00,013,752 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/01/14 22:50:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/01/14 22:50:28 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/01/14 22:50:26 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2009/01/14 22:28:02 | 00,001,878 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114W2831.zlg
[2009/01/14 21:28:02 | 00,000,291 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114V2831.zlg
[2009/01/14 20:28:02 | 00,001,369 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114U2831.zlg
[2009/01/14 19:28:02 | 00,000,162 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114T2831.zlg
[2009/01/14 18:28:02 | 00,002,576 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\114S2830.zlg
[2009/01/13 22:34:50 | 00,001,160 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\113W3416.zlg
[2009/01/13 21:34:50 | 00,000,231 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\113V3416.zlg
[2009/01/13 20:34:50 | 00,002,324 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\113U3415.zlg
[2009/01/12 22:34:48 | 00,002,717 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\112W3415.zlg
[2009/01/12 21:34:48 | 00,001,720 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\112V3415.zlg
[2009/01/12 20:34:48 | 00,005,416 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\112U3415.zlg
[2009/01/11 23:55:08 | 00,026,448 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Application Data\GDIPFONTCACHEV1.DAT
[2009/01/11 23:52:10 | 00,385,536 | -HS- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\Thumbs.db
[2009/01/11 21:34:38 | 00,001,474 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\Ad-remover.lnk
[2009/01/11 19:41:50 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/01/11 18:47:02 | 00,000,534 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Navilog1.lnk
[2009/01/05 22:54:18 | 00,000,532 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Menu Démarrer\Programmes\Démarrage\Anti-Pub.lnk
[2009/01/04 18:38:22 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/01/04 18:38:18 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/01/02 18:13:54 | 00,334,489 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\P1000041 copier.jpg
[2009/01/02 18:12:44 | 01,498,788 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\P1000041.JPG
[2008/12/28 19:57:10 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Skype.lnk
[2008/12/28 16:50:44 | 67,254,5091 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\_Za01204
[2008/12/28 12:05:20 | 00,000,096 | ---- | M] () -- C:\WINDOWS\PhEdit.INI
[2008/12/28 11:52:16 | 00,001,508 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\QuickTime Player.lnk
[2008/12/28 01:06:46 | 00,026,448 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/28 00:19:44 | 01,439,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/28 00:03:28 | 00,001,640 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\PHOTOfunSTUDIO -viewer-.lnk
[2008/12/28 00:02:54 | 00,001,612 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\PHOTOfunSTUDIO -viewer-.lnk
[2008/12/27 09:36:56 | 00,004,620 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\fl.jpg
[2008/12/26 15:47:50 | 00,044,544 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\bandeau lv.doc
[2008/12/26 15:45:00 | 00,023,972 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\lv bandeau.jpg
[2008/12/26 15:09:00 | 01,383,894 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Bureau\DSC01163.JPG
[2008/12/26 14:03:34 | 05,710,848 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\bandeau lv.doc
[2008/12/25 11:57:56 | 00,002,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\dHook.sys
[2008/12/24 15:12:30 | 00,088,576 | ---- | M] () -- C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Mes documents\menu noel 2009.doc
[2008/12/22 17:44:04 | 00,086,016 | ---- | M] () -- C:\WINDOWS\System32\wsphook.dll
[2008/12/22 17:44:04 | 00,053,248 | ---- | M] () -- C:\WINDOWS\System32\injectdll.dll
[2008/12/21 22:49:32 | 00,053,248 | ---- | M] () -- C:\WINDOWS\System32\zlib.dll
< End of report >

voilà le second

OTViewIt Extras logfile created on: 14/01/2009 22:53:38 - Run 3
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Local Settings\Temporary Internet Files\Content.IE5\K1PIADGY
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 151,13 Mb Available Physical Memory | 29,55% Memory free
1,22 Gb Paging File | 0,86 Gb Available in Paging File | 70,39% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,28 Gb Total Space | 10,20 Gb Free Space | 26,64% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
Drive E: | 2,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FRED
Current User Name: Frédéric
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = SafariHTML] -- Reg Error: Key does not exist or could not be opened. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DisableNotifications"=0
"DoNotAllowExceptions"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 12:55:02 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2005/06/06 13:23:08 | 01,183,744 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil
[2002/03/24 15:37:00 | 00,368,640 | ---- | M] (Asseloos Software) -- C:\Program Files\ASoft\AutoExit\AutoExit.exe:*:Enabled:Public Release Version
[2005/09/19 23:53:46 | 08,571,392 | ---- | M] (Ensemble Studios) -- C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3
[2008/10/15 08:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer
[2008/04/14 04:33:58 | 01,044,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting®
[2008/12/17 19:36:00 | 07,671,408 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\FIREFOX.EXE:*:Enabled:Firefox
[2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 12:55:02 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2008/04/14 04:34:02 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
[2008/04/14 04:34:20 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\RUNDLL32.EXE:*:Enabled:Exécuter une DLL en tant qu'application
[2008/09/29 17:57:48 | 21,755,688 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[2004/01/29 15:08:24 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\OLE DB\msdaipp.dll ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
File not found Reg Error: Key does not exist or could not be opened. (linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} (HKLM) [Reg Error: Key does not exist or could not be opened.])
[2007/01/19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
msdaipp: [HKLM - No CLSID value]
[2004/01/29 15:08:24 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\OLE DB\msdaipp.dll msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[2004/01/29 15:08:24 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\OLE DB\msdaipp.dll msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[2007/01/19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[2008/01/24 15:22:56 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[2008/06/03 15:08:42 | 01,942,864 | R--- | M] (Skype Technologies) C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [IEProtocolHandler Class])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
File not found Reg Error: Key does not exist or could not be opened. text/html:{2AB289AE-4B90-4281-B2AE-1F4BB034B647} (HKLM) [Reg Error: Key does not exist or could not be opened.]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01A2E33A-8ADA-42D1-9173-8F65149E952F}"=Microsoft Money
"{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}"=Extension Système de Microsoft Money
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}"=Apple Software Update
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}"=QuickTime
"{3248F0A8-6813-11D6-A77B-00B0D0160020}"=Java(TM) 6 Update 2
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{3F50AF3B-8997-4916-0095-99D63DDB785A}"=Harry Potter TM
"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}"=Google Earth
"{485775E8-AEB8-46BD-922B-242879E03DD5}"=Age of Empires III
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}"=modem ADSL USB
"{4FCD8A17-F679-4AD1-8C4D-CFDACC2FA15C}"=Cuisine Facile
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype™ 3.8
"{67EDD823-135A-4D59-87BD-950616D6E857}"=EPSON Copy Utility 3
"{6C11D561-620B-47DA-A693-4C597F3CDF40}"=EPSON Smart Panel
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{891B35C9-FEA9-4CF7-BC42-34A39D64ED0C}"=Sudoku
"{896D642C-7125-44F0-AC49-A23ABF82209C}"=CDBurnerXP Pro 3
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}"=Ulead GIF Animator 5 Evaluation
"{90120000-0020-040C-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system
"{9028040C-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional avec FrontPage
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1"=IZArc 3.81
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}"=PHOTOfunSTUDIO -viewer-
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}"=Adobe AIR
"{AC76BA86-7AD7-1036-7B44-A70700000002}"=Adobe Reader 7.0.7 - Français
"{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}"=ABBYY FineReader 6.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B40FB44A-B861-44E0-9A12-E263AC27B805}"=Smart Cleaner
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}"=BlueSoleil
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}"=ABBYY FineReader 5.0 Sprint
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}"=Empire Earth II
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}"=ScanToWeb
"{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}"=Windows Live Messenger
"{F652D238-5F29-42D5-BAF3-0115EF977EC2}"=Windows Live Sign-in Assistant
"7-Zip"=7-Zip 4.57
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Adobe Photoshop 5.0"=Adobe Photoshop 5.0
"Adobe Shockwave Player"=Adobe Shockwave Player
"Ad-remover"=Ad-remover
"All ATI Software"=ATI - Utilitaire de désinstallation du logiciel
"AntiVir PersonalEdition Classic"=Avira AntiVir Personal - Free Antivirus
"a-squared Anti-Malware_is1"=a-squared Anti-Malware 3.1
"ATI Display Driver"=ATI Display Driver
"dBpowerAMP Music Converter"=dBpowerAMP Music Converter
"Dofus 1.25.0"=Dofus 1.25.0
"DriverAgent.exe"=DriverAgent by eSupport.com
"EPSON Scanner"=EPSON Scan
"EVEREST Home Edition_is1"=EVEREST Home Edition v1.51
"FrontPageExpress"=Microsoft FrontPage Express
"Guild Wars"=GUILD WARS
"HijackThis"=HijackThis 2.0.2
"HP DeskJet 720C Series"=HP DeskJet Serie 720C (Supprimer uniquement)
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}"=Age of Empires III
"KC Softwares VideoInspector_is1"=KC Softwares VideoInspector
"KLiteCodecPack_is1"=K-Lite Codec Pack 3.1.5 Full
"Le Maître de l'Olympe - Zeus."=Le Maître de l'Olympe - Zeus.
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"ManyCam"=ManyCam 2.3 (remove only)
"Messenger Plus! Live"=Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"mkwqalcxnhoahw"=RON Tool Offersfortoday
"Mozilla Firefox (2.0.0.17)"=Mozilla Firefox (2.0.0.17)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"Navilog1_is1"=Navilog1 3.7.1
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"Notepad++"=Notepad++
"PrintMaster Gold 4.03"=PrintMaster Gold 4.03
"SFR_Kit"=SFR - Kit de connexion
"ShoppingReport"=ShopperReports
"SM"=SM
"Spybot - Search & Destroy_is1"=Spybot - Search & Destroy 1.5.2.20
"ST6UNST #1"=SpYAv Version 1
"VTDisplay"=S3 S3Display
"VTGamma2"=S3 S3Gamma2
"VTInfo2"=S3 S3Info2
"VTOverlay"=S3 S3Overlay
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Lecteur Windows Media 11
"Windows XP Service"=Windows XP Service Pack 3
"WinZip"=WinZip
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/08/2007 11:42:16 | Computer Name = FRED | Source = MsiInstaller | ID = 10005
Description = Product: Adobe Setup -- Please install Adobe Setup using Setup.exe

Error - 11/08/2007 11:42:25 | Computer Name = FRED | Source = MsiInstaller | ID = 10005
Description = Product: Adobe Setup -- Please install Adobe Setup using Setup.exe

Error - 12/08/2007 06:24:42 | Computer Name = FRED | Source = Application Hang | ID = 1002
Description = Application bloquée IEXPLORE.EXE, version 6.0.2900.2180, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 12/08/2007 06:25:10 | Computer Name = FRED | Source = Application Hang | ID = 1002
Description = Application bloquée IEXPLORE.EXE, version 6.0.2900.2180, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 11/01/2009 14:47:36 | Computer Name = FRED | Source = Service Control Manager | ID = 7001
Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas
pu démarrer en raison de l'erreur : %%31

Error - 11/01/2009 14:47:36 | Computer Name = FRED | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : AFD AmdK7 avgio avipbb Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss ssmdrv Tcpip WS2IFSL

Error - 11/01/2009 15:38:25 | Computer Name = FRED | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/01/2009 15:38:37 | Computer Name = FRED | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 11/01/2009 15:38:37 | Computer Name = FRED | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 11/01/2009 15:38:52 | Computer Name = FRED | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/01/2009 15:52:58 | Computer Name = FRED | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/01/2009 17:20:10 | Computer Name = FRED | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/01/2009 17:20:15 | Computer Name = FRED | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 11/01/2009 17:20:53 | Computer Name = FRED | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >

Bonjour,

Tu peux supprimer a-squared ; il n'est plus suffisammentefficace.


1) Désactive tes logiciels de protection.


2) Télécharge OTMoveIt3 de OldTimer :

- Enregistre-le sur ton bureau
- Double-clique sur OTMoveIt3.exe pour le lancer (l'extension peut ne pas apparaître)
- Copie-colle l'entièreté de ceci ci dessous dans la partie "Paste Instructions for Items to be Moved" (en-dessous de la barre jaune) :



- Ferme tous tes programmes et clique sur le bouton rouge Moveit! pour lancer le nettoyage
- Copie-colle dans ta prochaine réponse tout ce qui se trouve dans la fenêtre Results (en vert à droite)
--> Un rapport sera généré dans le dossier C:\ _OTMoveIt\MovedFiles avec la date et l'heure du passage de l'outil (mmddyyyy_hhmmss.log)
- Ferme OTMoveIt3 (en cliquant sur Exit)

Note : Si un fichier ou un dossier ne sait être supprimé directement, l'outil peut demander un redémarrage pour terminer le processus. Clique alors sur "Yes" pour accepter...

bonsoir,
J'ai lancé une première fois comme tu me l'as indiqué et le micro s'est bloqué, j'ai donc arreté electriquement et relancé à nouveau la procédure et la copie du log :
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF}\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\{A057A204-BACC-4D26-9990-79A187E2698E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\msvmsvcv not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\msvmsvcv not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Windows &Live Favorites\\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xporter vers Microsoft Excel\\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{7F9DB11C-E358-4ca6-A83D-ACC663939424}\\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{E023F504-0C5A-4750-A1E7-A9046DEA8A21\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{41564D57-9980-0010-8000-00AA00389B71}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSSearchHelper\\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\\"PerceivedType"|"text"@="FirefoxHTML" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\\"Content Type"|"text/html" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\\ not found.
========== FILES ==========
File/Folder C:\DOCUME~1\arnaud\APPLIC~1\EoRezo not found.
File/Folder C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Menu Démarrer\Programmes\Démarrage\Anti-Pub.lnk not found.
File/Folder C:\WINDOWS\PhEdit.INI not found.
File/Folder C:\WINDOWS\System32\wsphook.dll not found.
File/Folder C:\WINDOWS\System32\injectdll.dll not found.
File/Folder C:\WINDOWS\system32\msvmsvcv.exe not found.
File/Folder C:\WINDOWS\System32\msvmsvcv.ini not found.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_1f4.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01162009_193903

Files moved on Reboot...
File C:\WINDOWS\temp\Perflib_Perfdata_1f4.dat not found!

Bonjour,

Poste un nouveau rapport HijackThis.

bonsoir
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:15:44, on 17/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Frédéric.FFFFF-CC0EDBB9F\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.3\ManyCam.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageupload(...)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housec(...)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://arnaudlengletfrance.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O24 - Desktop Component 0: (no name) - file:///C:/Documents%20and%20Settings/Fr%E9d%E9ric.FFFFF-CC0EDBB9F/Mes%20docu(...)
O24 - Desktop Component 1: (no name) - http://www.autorevue.cz/Obrazky/2005/09zari/407coupe/66.jpg
O24 - Desktop Component 2: (no name) - file:///C:/Documents%20and%20Settings/Fr%E9d%E9ric.FFFFF-CC0EDBB9F/Local%20Se(...)

--
End of file - 9578 bytes

Bonjour,

1) Télécharge JavaRa et suis les instructions de ce tutorial


2) Ta version d'Adobe Reader n'est pas à jour. Des failles de sécurité peuvent permettre l'infection de ton ordinateur. Plus d'informations.

- Désinstalle Adobe Reader 7 via ajout/suppression de programmes.
- Télécharge et installe Adobe Reader 9.

Il est important de maintenir à jour tous les logiciels (notamment Adobe Reader, Java, Flash, les navigateurs, sans oublier Windows).


Suppression des outils

1) Télécharge ToolsCleaner2 de A.Rothstein et enregistre-le sur ton bureau.

- Double-clique sur ToolsCleaner2.exe pour lancer l'outil.

- Clique sur le bouton Recherche.
- Une fois la recherche terminée, clique sur le bouton Suppression.


2) Copie/colle le rapport et poste-le dans ta prochaine réponse.

Tu peux ensuite supprimer ToolCleaner.