Virus/ ouverture de fenetre

.Voici le rapport merci flo
======= RAPPORT D'AD-REMOVER 1.1.4.6_F | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.12.2009 à 20:37
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:25:47, 18/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: D1T1S81J | Utilisateur actuel: J...........
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\WINDOWS\System32\nvs2.inf
C:\WINDOWS\pack.epk
C:\Program Files\eoRezo
C:\Program Files\LETMIN
C:\Program Files\Trymedia
C:\Program Files\Viewpoint
C:\Program Files\Winsudate
C:\DOCUME~1\JAUZE\APPLIC~1\EoRezo
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
C:\WINDOWS\System32\yrdcvku.dat
C:\WINDOWS\System32\yrdcvku_nav.dat
C:\WINDOWS\System32\yrdcvku_navps.dat

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
HKLM\software\classes\EoRezoBHO.EoBho
HKLM\software\classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\Interface\{FED621D1-59B0-11D0-9C47-00A0C90F29FC}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\software\EoRezo
HKLM\software\MetaStream
HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
HKLM\software\microsoft\shared tools\msconfig\startupreg\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoClock
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\software\microsoft\windows\currentversion\uninstall\ViewpointMediaPlayer
HKLM\software\Trymedia Systems
HKLM\software\Viewpoint
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.15 [fr] *
.
Nom du profil: u0j9n0kn.default (J.........)
.
(J......., prefs.js) Browser.download.lastDir, C:\Documents and Settings\J...........\Bureau\en cours
(J........., prefs.js) Browser.search.defaultenginename, Google
(J......., prefs.js) Browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
(J.........., prefs.js) Browser.startup.homepage, hxxp://www.orange.fr
(J.........., prefs.js) Extensions.enabledItems, {3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091119W,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,jqs@sun.com:1.0,{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15
(JAUZE, prefs.js) Keyword.URL, hxxp://www.google.com/search?sourceid=navclient&hl=fr&q=
.
.
* Internet Explorer Version 7.0.5730.11 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Use Custom Search URL: 1 (0x1)
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Start Page: hxxp://fr.msn.com/
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\J........\Mes documents\Mes fichiers re‡us\Abbyy Scan To Office 1.0\keygen.rar
C:\Documents and Settings\J.......\Mes documents\pouet\Keygen.exe
C:\Documents and Settings\J..........\Mes documents\pouet\patch7.5.exe
C:\Documents and Settings\J...........\Mes documents\pouet\Nouveau dossier\Alcohol 120% v1.9.2.1705 Multilanguage Serial (Ok).zip
C:\Documents and Settings\J..........\Mes documents\pouet\Nouveau dossier\Patch7.5.0311.rar
C:\Documents and Settings\J..........\Mes documents\pouet\Nouveau dossier\Alcohol 120% v1.9.2.1705 Multilanguage + serial (OK)\Alcohol120_retail_1_9_2_1705.exe
C:\Documents and Settings\J.........\Mes documents\pouet\Nouveau dossier\Alcohol 120% v1.9.2.1705 Multilanguage + serial (OK)\setup.exe
C:\Documents and Settings\J........\Mes documents\pouet\Nouveau dossier\Alcohol 120% v1.9.2.1705 Multilanguage + serial (OK)\YAG.nfo
C:\Documents and Settings\J.........\Mes documents\pouet\WinRAR 3.30 crack‚ - Francais\WinRAR 3.30 crack‚ - Francais\WinRAR 3.30.exe
.
===================================
.
5195 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
0 Fichier(s) - C:\DOCUME~1\J........\LOCALS~1\Temp
6 Fichier(s) - C:\WINDOWS\Temp
5 Fichier(s) - C:\WINDOWS\Prefetch
.
18 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
104 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 13:38:44 | 18/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.

voici le nouveau rapport


############################## | UsbFix V6.065 |

User : JAUZE (Administrateurs) # D1T1S81J
Update on 18/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:07:49 | 18/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Disabled
AV : McAfee VirusScan [ Enabled | Updated ]
FW : McAfee Personal Firewall[ Enabled ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 145,48 Go (59,46 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local # 298,09 Go (248,61 Go free) # NTFS
I:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 696
C:\WINDOWS\system32\csrss.exe 764
C:\WINDOWS\system32\winlogon.exe 792
C:\WINDOWS\system32\services.exe 836
C:\WINDOWS\system32\lsass.exe 848
C:\WINDOWS\System32\Ati2evxx.exe 1056
C:\WINDOWS\system32\svchost.exe 1088
C:\WINDOWS\system32\svchost.exe 1196
C:\WINDOWS\System32\svchost.exe 1284
C:\WINDOWS\System32\svchost.exe 1372
C:\WINDOWS\System32\svchost.exe 1464
C:\WINDOWS\system32\spoolsv.exe 1632
C:\WINDOWS\Explorer.EXE 1820
C:\WINDOWS\System32\svchost.exe 1940
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1972
C:\Program Files\Bonjour\mDNSResponder.exe 1996
C:\WINDOWS\system32\drivers\CDAC11BA.EXE 2016
C:\WINDOWS\System32\CTsvcCDA.exe 284
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe 308
C:\Program Files\Java\jre6\bin\jqs.exe 340
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 360
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe 440
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe 544
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe 748
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe 1140
C:\Program Files\Dell\Media Experience\PCMService.exe 1232
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe 1244
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe 1312
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe 1348
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe 1392
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE 1456
C:\WINDOWS\system32\CTHELPER.EXE 1500
c:\PROGRA~1\mcafee.com\agent\mcagent.exe 1592
C:\Program Files\McAfee\MPF\MPFSrv.exe 1680
C:\WINDOWS\system32\dla\tfswctrl.exe 1788
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe 1188
C:\WINDOWS\system32\HPZipm12.exe 2068
C:\WINDOWS\system32\PrintCtrl.exe 2124
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2212
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe 2296
C:\WINDOWS\System32\svchost.exe 2436
C:\Program Files\iTunes\iTunesHelper.exe 2432
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe 2464
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 2468
C:\Program Files\Java\jre6\bin\jusched.exe 2500
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe 2536
C:\WINDOWS\system32\PrintDisp.exe 2588
C:\WINDOWS\system32\wdfmgr.exe 2644
C:\WINDOWS\system32\ctfmon.exe 2752
C:\WINDOWS\System32\MsPMSPSv.exe 2792
C:\WINDOWS\system32\svchost.exe 2832
C:\Program Files\Internet Explorer\IEXPLORE.EXE 2892
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3252
C:\WINDOWS\System32\wbem\wmiapsrv.exe 3564
C:\Program Files\iPod\bin\iPodService.exe 3684
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 4072
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe 276
C:\Program Files\Messenger\msmsgs.exe 1744
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe 2424
C:\WINDOWS\System32\alg.exe 2360
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe 3696
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe 3772
C:\WINDOWS\DvzCommon\DvzMsgr.exe 3836
C:\Program Files\Logitech\SetPoint\SetPoint.exe 268
C:\Program Files\Palm\HOTSYNC.EXE 1180
C:\Program Files\OpenOffice.org 3\program\soffice.exe 2132
C:\Program Files\OpenOffice.org 3\program\soffice.bin 2140
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE 3744
C:\WINDOWS\system32\wuauclt.exe 644
C:\Program Files\Java\jre6\bin\jucheck.exe 3524
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe 2328
C:\Program Files\Internet Explorer\iexplore.exe 2888
C:\Program Files\Windows Live\Toolbar\wltuser.exe 3900
C:\WINDOWS\system32\wbem\wmiprvse.exe 1280

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{630e614e-0bce-11da-aaa3-4d6564696130}
Shell\AutoRun\command =F:\Autorun.exe

HKCU\..\..\Explorer\MountPoints2\{a8534db4-84c0-11de-b2d7-001111365bc9}
Shell\AutoRun\command =__DTMEDIA\DTMedia.exe

################## | Cracks / Keygens / Serials |

"G:\logiciels\WinRAR 3.30 crack‚ - Francais.zip"
-> Contain : WinRAR 3.30 cracké - Francais\WinRAR 3.30.exe

"G:\partitions\Guitare\Guitar Pro 4 Fr + serial.rar"
-> contain : GP4Full.exe


################## | ! Fin du rapport # UsbFix V6.065 ! |

voici le rapport


############################## | UsbFix V6.065 |

User : JAUZE (Administrateurs) # D1T1S81J
Update on 18/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:28:20 | 18/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Disabled
AV : McAfee VirusScan [ Enabled | Updated ]
FW : McAfee Personal Firewall[ Enabled ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 145,48 Go (59,4 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local # 298,09 Go (248,61 Go free) # NTFS
I:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 708
C:\WINDOWS\system32\csrss.exe 756
C:\WINDOWS\system32\winlogon.exe 784
C:\WINDOWS\system32\services.exe 828
C:\WINDOWS\system32\lsass.exe 840
C:\WINDOWS\System32\Ati2evxx.exe 1048
C:\WINDOWS\system32\svchost.exe 1068
C:\WINDOWS\system32\svchost.exe 1140
C:\WINDOWS\System32\svchost.exe 1228
C:\WINDOWS\System32\svchost.exe 1352
C:\WINDOWS\System32\svchost.exe 1384
C:\WINDOWS\system32\spoolsv.exe 1568
C:\WINDOWS\Explorer.EXE 1836
C:\WINDOWS\System32\svchost.exe 2028
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 200
C:\Program Files\Bonjour\mDNSResponder.exe 216
C:\WINDOWS\system32\drivers\CDAC11BA.EXE 236
C:\WINDOWS\System32\CTsvcCDA.exe 248
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe 312
C:\Program Files\Java\jre6\bin\jqs.exe 340
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 372
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe 444
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe 468
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe 748
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe 872
C:\Program Files\McAfee\MPF\MPFSrv.exe 1192
C:\WINDOWS\system32\HPZipm12.exe 1528
C:\WINDOWS\system32\PrintCtrl.exe 1604
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1800
C:\WINDOWS\System32\svchost.exe 1960
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 1640
C:\WINDOWS\system32\wdfmgr.exe 2124
C:\WINDOWS\System32\MsPMSPSv.exe 2176
C:\WINDOWS\system32\svchost.exe 2240
c:\PROGRA~1\mcafee.com\agent\mcagent.exe 2376
C:\WINDOWS\system32\wuauclt.exe 2464
C:\WINDOWS\System32\wbem\wmiapsrv.exe 3084
C:\WINDOWS\system32\wbem\wmiprvse.exe 3200
C:\WINDOWS\system32\wbem\wmiprvse.exe 3332
C:\WINDOWS\System32\alg.exe 3440

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\Recycler\S-1-5-21-3082716108-1413743582-3197327010-1006
Supprimé ! G:\Recycler\S-1-5-21-3082716108-1413743582-3197327010-1006

################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{630e614e-0bce-11da-aaa3-4d6564696130}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a8534db4-84c0-11de-b2d7-001111365bc9}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[18/09/2002 11:35|--a------|0] C:\AUTOEXEC.BAT
[28/10/2008 13:32|--ahs----|216] C:\BOOT.INI
[30/08/2002 07:00|-rahs----|4952] C:\Bootfont.bin
[18/09/2002 11:18|--ahs----|512] C:\BOOTSECT.DOS
[18/09/2002 11:35|--a------|0] C:\CONFIG.SYS
[22/09/2004 13:12|-rah-----|5402] C:\DELL.SDR
[?|?|?] C:\hiberfil.sys
[18/09/2002 11:35|--ah-----|0] C:\IO.SYS
[18/09/2002 11:35|--ah-----|0] C:\MSDOS.SYS
[18/12/2004 07:25|-rahs----|47564] C:\NTDETECT.COM
[18/12/2004 07:25|-rahs----|251712] C:\NTLDR
[?|?|?] C:\pagefile.sys
[18/12/2009 15:33|--a------|3766] C:\UsbFix.txt
[12/03/2003 13:50|--ah-----|52] C:\WM800918.bin

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# G:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |

"G:\logiciels\WinRAR 3.30 crack‚ - Francais.zip"
-> Contain : WinRAR 3.30 cracké - Francais\WinRAR 3.30.exe

"G:\partitions\Guitare\Guitar Pro 4 Fr + serial.rar"
-> contain : GP4Full.exe

Voici le rapport


Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3385
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

18/12/2009 21:34:38
mbam-log-2009-12-18 (21-34-38).txt

Type de recherche: Examen complet (C:\|G:\|)
Eléments examinés: 286338
Temps écoulé: 2 hour(s), 40 minute(s), 52 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 10

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Swizzor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Swizzor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\twain (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\BitGrabber (Trojan.Swizzor) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibcom.dll.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibidl.dll.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibsvc.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibupt.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibusr.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP1042\A0145128.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP1042\A0145129.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP1042\A0145130.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP1042\A0145131.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP1042\A0145132.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.

Logfile of random's system information tool 1.06 (written by random/random)
Run by J.........at 2009-12-18 21:48:55
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 61 GB (41%) free of 149 GB
Total RAM: 1022 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:49:13, on 18/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\PrintDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\JAUZE\Bureau\RSIT.exe
C:\Program Files\trend micro\JAUZE.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [OmniPage] C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [vxulqts] c:\windows\system32\vxulqts.exe vxulqts
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [ahdxdicagz] c:\windows\system32\ahdxdicagz.exe ahdxdicagz
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\Documents and Settings\JAUZE\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPWU_MPM_Agent] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\mpm.exe
O4 - HKLM\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe
O4 - HKLM\..\Run: [Love default global mess] C:\Documents and Settings\All Users\Application Data\great coal love default\bleh fast.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:FRN
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [Fast warn] C:\DOCUME~1\JAUZE\APPLIC~1\HOLDBU~1\platform clock.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HotSync Manager.LNK = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: &Enregistrer - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Remp&lir - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remp&lir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: &Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RF - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: &Barre d outils - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU)
O15 - Trusted Zone: https://www.consoclicker.com/
O16 - DPF: {3A226D85-574D-4272-B73C-DBCAECF709B3} (TNSClickerb.Clicker) - http://www.consoclicker.com/TNSClickrb.CAB
O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} (Cisco AnyConnect VPN Client Web Control) - https://86.65.210.108/CACHE/stc/1/binaries/vpnweb.cab
O16 - DPF: {70A5EBDC-3EA6-464A-9FF7-084BC150C417} (TNSClickera.Clicker) - http://www.consoclicker.com/TNSClickra.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1BC539C-BC7F-419F-AE53-9D9DE119A6F5}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: McAfee Application Installer Cleanup (0069101261120564) (0069101261120564mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\006910~1.EXE (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - https://www.all2pdf.com/ - C:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

Voici le rapport : le pc est plus rapide mais j'ai toujours des fenetres qui s'ouvrent moins il me semble mais toujours


List'em by g3n-h@ckm@n 1.1.5.2

Thx to Chiquitine29.....& CCM team

User : JAUZE (Administrateurs) # D1T1S81J
Update on 14/12/2009 by g3n-h@ckm@n ::::: 00:00
Start at: 22:26:23 | 18/12/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Disabled
AV : McAfee VirusScan [ (!) Disabled | Updated ]
FW : McAfee Personal Firewall[ Enabled ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 145,48 Go (59,43 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local | 298,09 Go (249,46 Go free) | NTFS

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe 712
C:\WINDOWS\system32\csrss.exe 760
C:\WINDOWS\system32\winlogon.exe 784
C:\WINDOWS\system32\services.exe 828
C:\WINDOWS\system32\lsass.exe 840
C:\WINDOWS\System32\Ati2evxx.exe 1048
C:\WINDOWS\system32\svchost.exe 1064
C:\WINDOWS\system32\svchost.exe 1136
C:\WINDOWS\System32\svchost.exe 1224
C:\WINDOWS\System32\svchost.exe 1328
C:\WINDOWS\System32\svchost.exe 1380
C:\WINDOWS\system32\spoolsv.exe 1580
C:\WINDOWS\Explorer.EXE 1840
C:\WINDOWS\System32\svchost.exe 1940
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1972
C:\Program Files\Bonjour\mDNSResponder.exe 1984
C:\WINDOWS\system32\drivers\CDAC11BA.EXE 2012
C:\WINDOWS\System32\CTsvcCDA.exe 2024
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe 204
C:\Program Files\Java\jre6\bin\jqs.exe 216
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 364
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe 376
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe 456
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe 636
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe 688
C:\Program Files\McAfee\MPF\MPFSrv.exe 1172
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe 1300
C:\Program Files\Dell\Media Experience\PCMService.exe 1264
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe 1324
C:\WINDOWS\system32\HPZipm12.exe 1532
c:\PROGRA~1\mcafee.com\agent\mcagent.exe 1736
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe 1780
C:\WINDOWS\system32\PrintCtrl.exe 1508
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe 2052
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2080
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE 2116
C:\WINDOWS\system32\CTHELPER.EXE 2144
C:\WINDOWS\System32\svchost.exe 2192
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 2264
C:\WINDOWS\system32\dla\tfswctrl.exe 2320
C:\WINDOWS\system32\wdfmgr.exe 2316
C:\WINDOWS\System32\MsPMSPSv.exe 2400
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe 2416
C:\WINDOWS\system32\svchost.exe 2464
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe 2648
C:\Program Files\iTunes\iTunesHelper.exe 2760
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe 2784
C:\Program Files\Java\jre6\bin\jusched.exe 2804
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe 2832
C:\WINDOWS\system32\PrintDisp.exe 2844
C:\WINDOWS\system32\ctfmon.exe 2948
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3060
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3428
C:\WINDOWS\System32\wbem\wmiapsrv.exe 3436
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3700
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe 3716
C:\Program Files\iPod\bin\iPodService.exe 3892
C:\Program Files\Messenger\msmsgs.exe 1492
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe 1808
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe 2580
C:\WINDOWS\System32\alg.exe 2596
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe 3596
C:\WINDOWS\DvzCommon\DvzMsgr.exe 4028
C:\Program Files\Logitech\SetPoint\SetPoint.exe 584
C:\Program Files\Palm\HOTSYNC.EXE 1336
C:\Program Files\OpenOffice.org 3\program\soffice.exe 1820
C:\Program Files\OpenOffice.org 3\program\soffice.bin 1980
C:\WINDOWS\system32\wuauclt.exe 1772
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE 2628
C:\Program Files\Internet Explorer\iexplore.exe 3704
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1344
C:\Program Files\Java\jre6\bin\jucheck.exe 5388
C:\WINDOWS\SYSTEM32\SOL.EXE 5032
C:\WINDOWS\system32\wuauclt.exe 4692
C:\WINDOWS\system32\msiexec.exe 3044
C:\Documents and Settings\JAUZE\Bureau\List_Killem[1]\List_Kill'em.exe 2072
C:\WINDOWS\system32\cmd.exe 2860
C:\WINDOWS\system32\wbem\wmiprvse.exe 5668
C:\Documents and Settings\JAUZE\Local Settings\Temp\4A.tmp\pv.exe 5960

======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} REG_SZ "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
BoontyBox REG_SZ
SB Audigy 2 Startup Menu REG_SZ /L:FRN
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
MSMSGS REG_SZ "C:\Program Files\Messenger\msmsgs.exe" /background
LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
TomTomHOME.exe REG_SZ "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
Gestionnaire Antidote.exe REG_SZ C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
Fast warn REG_SZ C:\DOCUME~1\JAUZE\APPLIC~1\HOLDBU~1\platform clock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
IAAnotif REG_SZ C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
PCMService REG_SZ "C:\Program Files\Dell\Media Experience\PCMService.exe"
DVDLauncher REG_SZ "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
IntelMeM REG_SZ C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
CTSysVol REG_SZ C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
CTDVDDet REG_SZ C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
CTHelper REG_SZ CTHELPER.EXE
AsioReg REG_SZ REGSVR32.EXE /S CTASIO.DLL
UpdReg REG_SZ C:\WINDOWS\UpdReg.EXE
dla REG_SZ C:\WINDOWS\system32\dla\tfswctrl.exe
UpdateManager REG_SZ "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
OmniPage REG_SZ C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
UnlockerAssistant REG_SZ "C:\Program Files\Unlocker\UnlockerAssistant.exe"
vxulqts REG_SZ c:\windows\system32\vxulqts.exe vxulqts
helpr REG_SZ C:\Program Files\SETI\helper.exe -loader -nolog
a-squared REG_SZ "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
ahdxdicagz REG_SZ c:\windows\system32\ahdxdicagz.exe ahdxdicagz
KernelFaultCheck REG_EXPAND_SZ %systemroot%\system32\dumprep 0 -k
Logitech Hardware Abstraction Layer REG_SZ KHALMNPR.EXE
SSBkgdUpdate REG_SZ "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
OpwareSE4 REG_SZ "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
mcagent_exe REG_SZ "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
zzz_ImInstaller_IncrediMail REG_SZ C:\Documents and Settings\JAUZE\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
HPWU_MPM_Agent REG_SZ C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\mpm.exe
RoboForm REG_SZ "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
PrintDisp REG_SZ C:\WINDOWS\system32\PrintDisp.exe
Love default global mess REG_SZ C:\Documents and Settings\All Users\Application Data\great coal love default\bleh fast.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)

===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 128 (0x80)
NoDriveAutoRun REG_DWORD 128 (0x80)
HonorAutoRunSetting REG_DWORD 0 (0x0)

===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoCDBurning REG_DWORD 0 (0x0)
HonorAutoRunSetting REG_DWORD 0 (0x0)
NoDriveAutoRun REG_DWORD 128 (0x80)
NoDriveTypeAutoRun REG_DWORD 128 (0x80)

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ

===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\eMule\eMule.exe REG_SZ C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\LimeWire\LimeWire.exe REG_SZ C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
C:\Program Files\BitTorrent\bittorrent.exe REG_SZ C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
C:\Program Files\BitTorrent_DNA\dna.exe REG_SZ C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:BitTorrent DNA
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
C:\Documents and Settings\JAUZE\Local Settings\Temporary Internet Files\Content.IE5\QN3LYF92\incredimail_install[1].exe REG_SZ C:\Documents and Settings\JAUZE\Local Settings\Temporary Internet Files\Content.IE5\QN3LYF92\incredimail_install[1].exe:*:Enabled:IncrediMail Installer
C:\Documents and Settings\JAUZE\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe REG_SZ C:\Documents and Settings\JAUZE\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:*:Enabled:IncrediMail Installer
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
C:\Program Files\Azureus\Azureus.exe REG_SZ C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus
C:\Documents and Settings\JAUZE\Local Settings\Temp\ImInstaller\incredimail_installer.exe REG_SZ C:\Documents and Settings\JAUZE\Local Settings\Temp\ImInstaller\incredimail_installer.exe:*:Enabled:IncrediMail Installer
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
C:\Program Files\uTorrent\uTorrent.exe REG_SZ C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe REG_SZ C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

===============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.orange.fr/portail

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
SharedAccess : 0x2
wuauserv : 0x2

=========

=======
Drive :
=======

D‚fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

Rapport d'analyse
145 Go total, 59,44 Go libre (40%), 9% fragment‚ (fragmentation du fichier 18%)

Il ne vous est pas n‚cessaire de d‚fragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
C:\Documents and Settings\All Users\Application Data\.zreglib
C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
C:\WINDOWS\config.ini
C:\WINDOWS\Fonts\GRGAREF.TTF
C:\WINDOWS\System32\dumphive.exe
C:\WINDOWS\System32\Process.exe
C:\WINDOWS\System32\setb0.tmp
C:\WINDOWS\System32\setb1.tmp
C:\WINDOWS\System32\setb2.tmp
C:\WINDOWS\System32\setb3.tmp
C:\WINDOWS\System32\setb4.tmp
C:\WINDOWS\System32\setb5.tmp
C:\WINDOWS\System32\setb6.tmp
C:\WINDOWS\System32\setb9.tmp
C:\WINDOWS\System32\SrchSTS.exe
C:\WINDOWS\System32\tmp.reg

¤¤¤¤¤¤¤¤¤¤ Keys :

HKLM\Software\Microsoft\Windows\CurrentVersion\Run "Love default global mess"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BitGrabber"
HKLM\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}

================
Other infections
================

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-18 22:30:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg40]
"ujdew"=hex:20,02,00,00,d5,a9,92,8e,e7,82,63,43,2d,bc,e0,79,8d,a2,a0,d5,85,..
"ljej40"=hex:89,d6,97,0c,92,e0,f6,0d,c8,fe,b7,a1,11,3f,a2,85,27,db,04,ac,a3,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120%"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

==========
Programs
==========

a-squared Anti-Malware
a-squared Free
ABBYY ScanTo Office 1.0
Ad-Remover
Adobe
Ahead
Alcohol Soft
Apple Software Update
ArcSoft
ATI Technologies
Audacity
AVS4YOU
Azureus
Bejeweled 2 Deluxe
BitTorrent
BitTorrent_DNA
Bonjour
BoontyGames
Broadcom
Caere
Canon
CanonBJ
CCleaner
Cimaware
Cisco
Common Files
ComPlus Applications
Creative
CyberLink
Dell
DIFX
DivX
Documents To Go
Druide
DVD Shrink
Easy Cross
Easy Thumbnails
Elaborate Bytes
eMule
EPSON
Fichiers communs
FileZilla Client
GameHouse
Google
Grisoft
GSpot
Guitar Pro 4
Hachette Multim‚dia
HijackThis
Hold Burn Ref
HP
Icone
Illustrate
InstallShield Installation Information
Intel
Internet Explorer
Inventel
iPod
iTunes
Jasc Software Inc
Java
JRE
Learn2.com
LimeWire
Logitech
Malwarebytes' Anti-Malware
McAfee
McAfee.com
Mediametrie
Mes Jeux T‚l‚charg‚s
Messenger
Messenger Plus! 3
Messenger Plus! Live
Micro Application
Microsoft
Microsoft CAPICOM 2.1.0.2
Microsoft Encarta
microsoft frontpage
Microsoft Office
Microsoft Office Outlook Connector
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Sync Framework
Microsoft Visual Studio
Microsoft Works
Modem Helper
Modem On Hold
Monkey's Audio
Movie Maker
Mozilla Firefox
mp3DirectCut
MSBuild
MSN
MSN Apps
MSN Games
MSN Gaming Zone
MSXML 4.0
MSXML 6.0
NetMeeting
Ontrack
OpenOffice.org 3
OpiStat
orange
OrangeHSS
Outlook Express
Palm
Palm Inc
PDF Editeur 2
PDF Editor Objects 2
PDFtoMusic
PopCap Games
Power IE
PRIMAX
PSCS2Updater
QuickTime
Radio Fr Solo
Real
Recovery for Excel
Reference Assemblies
Samsung
ScanSoft
Securitoo
Services en ligne
Sibelius Software
Siber Systems
SimpleOCR
SlySoft
Smart Projects
Sonic
Spybot - Search & Destroy
TomTom HOME
TomTom HOME 2
TomTom International B.V
trend micro
Tunatic
Uninstall Information
Unlocker
uTorrent
Wanadoo
Wanadoo Jeux
Winamp
Windows Desktop Search
Windows Live
Windows Live SkyDrive
Windows Media Player
Windows NT
WindowsUpdate
WinRAR
XEROX
Yahoo!

============
Lecteur C:
============

0af4ead7f07a435e99e1fc
AUTOEXEC.BAT
autorun.inf
Autre utilisateur
BOOT.INI
Bootfont.bin
BOOTSECT.DOS
CloneDVDTemp
Config.Msi
CONFIG.SYS
CtDriverInstTemp
DELL
DELL.SDR
Documents and Settings
DRIVERS
EPSON
GRW3EVAL
hiberfil.sys
hijackthis
I386
IO.SYS
Kill'em
List'em.txt
Media
MMWA
MSDOS.SYS
MSOCache
My RoboForm Data
NTDETECT.COM
NTLDR
opn-driver
pagefile.sys
Program Files
RECYCLER
rsit
scan
System Volume Information
teleir
temp
UsbFix
UsbFix.txt
VundoFix Backups
WINDOWS
WM800918.bin
WUTemp

¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

C:\Documents and Settings\.........Recent\ABBYY.FineReader.9.0.Professional.Edition.v9.0.0.662.Multilanguage.Incl.Patch.rar.lnk




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Voici le rapport





Kill'em by g3n-h@ckm@n 1.1.5.2

User : JAUZE (Administrateurs) # D1T1S81J
Update on 14/12/2009 by g3n-h@ckm@n ::::: 00:00
Start at: 23:01:24 | 18/12/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Disabled
AV : McAfee VirusScan [ (!) Disabled | Updated ]
FW : McAfee Personal Firewall[ Enabled ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 145,48 Go (59,42 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local | 298,09 Go (249,62 Go free) | NTFS


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe 712
C:\WINDOWS\system32\csrss.exe 760
C:\WINDOWS\system32\winlogon.exe 784
C:\WINDOWS\system32\services.exe 828
C:\WINDOWS\system32\lsass.exe 840
C:\WINDOWS\System32\Ati2evxx.exe 1048
C:\WINDOWS\system32\svchost.exe 1064
C:\WINDOWS\system32\svchost.exe 1136
C:\WINDOWS\System32\svchost.exe 1224
C:\WINDOWS\System32\svchost.exe 1328
C:\WINDOWS\System32\svchost.exe 1380
C:\WINDOWS\system32\spoolsv.exe 1580
C:\WINDOWS\Explorer.EXE 1840
C:\WINDOWS\System32\svchost.exe 1940
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1972
C:\Program Files\Bonjour\mDNSResponder.exe 1984
C:\WINDOWS\system32\drivers\CDAC11BA.EXE 2012
C:\WINDOWS\System32\CTsvcCDA.exe 2024
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe 204
C:\Program Files\Java\jre6\bin\jqs.exe 216
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 364
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe 376
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe 456
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe 636
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe 688
C:\Program Files\McAfee\MPF\MPFSrv.exe 1172
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe 1300
C:\Program Files\Dell\Media Experience\PCMService.exe 1264
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe 1324
C:\WINDOWS\system32\HPZipm12.exe 1532
c:\PROGRA~1\mcafee.com\agent\mcagent.exe 1736
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe 1780
C:\WINDOWS\system32\PrintCtrl.exe 1508
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe 2052
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2080
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE 2116
C:\WINDOWS\system32\CTHELPER.EXE 2144
C:\WINDOWS\System32\svchost.exe 2192
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 2264
C:\WINDOWS\system32\dla\tfswctrl.exe 2320
C:\WINDOWS\system32\wdfmgr.exe 2316
C:\WINDOWS\System32\MsPMSPSv.exe 2400
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe 2416
C:\WINDOWS\system32\svchost.exe 2464
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe 2648
C:\Program Files\iTunes\iTunesHelper.exe 2760
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe 2784
C:\Program Files\Java\jre6\bin\jusched.exe 2804
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe 2832
C:\WINDOWS\system32\PrintDisp.exe 2844
C:\WINDOWS\system32\ctfmon.exe 2948
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3060
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3428
C:\WINDOWS\System32\wbem\wmiapsrv.exe 3436
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3700
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe 3716
C:\Program Files\iPod\bin\iPodService.exe 3892
C:\Program Files\Messenger\msmsgs.exe 1492
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe 1808
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe 2580
C:\WINDOWS\System32\alg.exe 2596
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe 3596
C:\WINDOWS\DvzCommon\DvzMsgr.exe 4028
C:\Program Files\Logitech\SetPoint\SetPoint.exe 584
C:\Program Files\Palm\HOTSYNC.EXE 1336
C:\Program Files\OpenOffice.org 3\program\soffice.exe 1820
C:\Program Files\OpenOffice.org 3\program\soffice.bin 1980
C:\WINDOWS\system32\wuauclt.exe 1772
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE 2628
C:\Program Files\Internet Explorer\iexplore.exe 3704
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1344
C:\Program Files\Java\jre6\bin\jucheck.exe 5388
C:\Documents and Settings\JAUZE\Bureau\List_Killem[1]\List_Kill'em.exe 3908
C:\WINDOWS\system32\cmd.exe 4524
C:\WINDOWS\system32\wbem\wmiprvse.exe 2812
C:\Documents and Settings\JAUZE\Local Settings\Temp\15B.tmp\pv.exe 5656

Detections :
==========


¤¤¤¤¤¤¤¤¤¤ Files/folders :

"C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}"
"C:\Documents and Settings\All Users\Application Data\.zreglib"
C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
"C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe"
"C:\WINDOWS\config.ini"
"C:\WINDOWS\Fonts\GRGAREF.TTF"
"C:\WINDOWS\system32\dumphive.exe"
"C:\WINDOWS\system32\Process.exe"
C:\WINDOWS\System32\setb0.tmp
C:\WINDOWS\System32\setb1.tmp
C:\WINDOWS\System32\setb2.tmp
C:\WINDOWS\System32\setb3.tmp
C:\WINDOWS\System32\setb4.tmp
C:\WINDOWS\System32\setb5.tmp
C:\WINDOWS\System32\setb6.tmp
C:\WINDOWS\System32\setb9.tmp
"C:\WINDOWS\system32\SrchSTS.exe"
"C:\WINDOWS\system32\tmp.reg"


¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

Quarantine :

.zreglib.Kill'em
bwUnin-7.2.0.137-8876480SL.exe.Kill'em
config.ini.Kill'em
dumphive.exe.Kill'em
grgaref.ttf.Kill'em
Process.exe.Kill'em
QTSBandwidthCache.Kill'em
setb0.tmp.Kill'em
setb1.tmp.Kill'em
setb2.tmp.Kill'em
setb3.tmp.Kill'em
setb4.tmp.Kill'em
setb5.tmp.Kill'em
setb6.tmp.Kill'em
setb9.tmp.Kill'em
SrchSTS.exe.Kill'em
tmp.reg.Kill'em
{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em

==============
host file OK !
==============

========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe
Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BitGrabber

============
Disk Cleaned
============

================
Prefetch cleaned
================



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Kill'em by g3n-h@ckm@n 1.1.5.2

User : JAUZE (Administrateurs) # D1T1S81J
Update on 14/12/2009 by g3n-h@ckm@n ::::: 00:00
Start at: 23:01:24 | 18/12/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Disabled
AV : McAfee VirusScan [ (!) Disabled | Updated ]
FW : McAfee Personal Firewall[ Enabled ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 145,48 Go (59,42 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local | 298,09 Go (249,62 Go free) | NTFS


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe 712
C:\WINDOWS\system32\csrss.exe 760
C:\WINDOWS\system32\winlogon.exe 784
C:\WINDOWS\system32\services.exe 828
C:\WINDOWS\system32\lsass.exe 840
C:\WINDOWS\System32\Ati2evxx.exe 1048
C:\WINDOWS\system32\svchost.exe 1064
C:\WINDOWS\system32\svchost.exe 1136
C:\WINDOWS\System32\svchost.exe 1224
C:\WINDOWS\System32\svchost.exe 1328
C:\WINDOWS\System32\svchost.exe 1380
C:\WINDOWS\system32\spoolsv.exe 1580
C:\WINDOWS\Explorer.EXE 1840
C:\WINDOWS\System32\svchost.exe 1940
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1972
C:\Program Files\Bonjour\mDNSResponder.exe 1984
C:\WINDOWS\system32\drivers\CDAC11BA.EXE 2012
C:\WINDOWS\System32\CTsvcCDA.exe 2024
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe 204
C:\Program Files\Java\jre6\bin\jqs.exe 216
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 364
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe 376
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe 456
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe 636
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe 688
C:\Program Files\McAfee\MPF\MPFSrv.exe 1172
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe 1300
C:\Program Files\Dell\Media Experience\PCMService.exe 1264
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe 1324
C:\WINDOWS\system32\HPZipm12.exe 1532
c:\PROGRA~1\mcafee.com\agent\mcagent.exe 1736
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe 1780
C:\WINDOWS\system32\PrintCtrl.exe 1508
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe 2052
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2080
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE 2116
C:\WINDOWS\system32\CTHELPER.EXE 2144
C:\WINDOWS\System32\svchost.exe 2192
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 2264
C:\WINDOWS\system32\dla\tfswctrl.exe 2320
C:\WINDOWS\system32\wdfmgr.exe 2316
C:\WINDOWS\System32\MsPMSPSv.exe 2400
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe 2416
C:\WINDOWS\system32\svchost.exe 2464
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe 2648
C:\Program Files\iTunes\iTunesHelper.exe 2760
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe 2784
C:\Program Files\Java\jre6\bin\jusched.exe 2804
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe 2832
C:\WINDOWS\system32\PrintDisp.exe 2844
C:\WINDOWS\system32\ctfmon.exe 2948
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3060
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3428
C:\WINDOWS\System32\wbem\wmiapsrv.exe 3436
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3700
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe 3716
C:\Program Files\iPod\bin\iPodService.exe 3892
C:\Program Files\Messenger\msmsgs.exe 1492
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe 1808
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe 2580
C:\WINDOWS\System32\alg.exe 2596
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe 3596
C:\WINDOWS\DvzCommon\DvzMsgr.exe 4028
C:\Program Files\Logitech\SetPoint\SetPoint.exe 584
C:\Program Files\Palm\HOTSYNC.EXE 1336
C:\Program Files\OpenOffice.org 3\program\soffice.exe 1820
C:\Program Files\OpenOffice.org 3\program\soffice.bin 1980
C:\WINDOWS\system32\wuauclt.exe 1772
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE 2628
C:\Program Files\Internet Explorer\iexplore.exe 3704
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1344
C:\Program Files\Java\jre6\bin\jucheck.exe 5388
C:\Documents and Settings\JAUZE\Bureau\List_Killem[1]\List_Kill'em.exe 3908
C:\WINDOWS\system32\cmd.exe 4524
C:\WINDOWS\system32\wbem\wmiprvse.exe 2812
C:\Documents and Settings\JAUZE\Local Settings\Temp\15B.tmp\pv.exe 5656

Detections :
==========


¤¤¤¤¤¤¤¤¤¤ Files/folders :

"C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}"
"C:\Documents and Settings\All Users\Application Data\.zreglib"
C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
"C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe"
"C:\WINDOWS\config.ini"
"C:\WINDOWS\Fonts\GRGAREF.TTF"
"C:\WINDOWS\system32\dumphive.exe"
"C:\WINDOWS\system32\Process.exe"
C:\WINDOWS\System32\setb0.tmp
C:\WINDOWS\System32\setb1.tmp
C:\WINDOWS\System32\setb2.tmp
C:\WINDOWS\System32\setb3.tmp
C:\WINDOWS\System32\setb4.tmp
C:\WINDOWS\System32\setb5.tmp
C:\WINDOWS\System32\setb6.tmp
C:\WINDOWS\System32\setb9.tmp
"C:\WINDOWS\system32\SrchSTS.exe"
"C:\WINDOWS\system32\tmp.reg"


¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

Quarantine :

.zreglib.Kill'em
bwUnin-7.2.0.137-8876480SL.exe.Kill'em
config.ini.Kill'em
dumphive.exe.Kill'em
grgaref.ttf.Kill'em
Process.exe.Kill'em
QTSBandwidthCache.Kill'em
setb0.tmp.Kill'em
setb1.tmp.Kill'em
setb2.tmp.Kill'em
setb3.tmp.Kill'em
setb4.tmp.Kill'em
setb5.tmp.Kill'em
setb6.tmp.Kill'em
setb9.tmp.Kill'em
SrchSTS.exe.Kill'em
tmp.reg.Kill'em
{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em

==============
host file OK !
==============

========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe
Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BitGrabber

============
Disk Cleaned
============

================
Prefetch cleaned
================



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Voici le rapport ah quelle galere ces virus merci pour tout ce travail
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A01
USER : JA........( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:145 Go (Free:59 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:298 Go (Free:249 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 18/12/2009|23:32 )

--------------------\\ Listing des dossiers dans APPLIC~1

[29/09/2004|16:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[22/09/2004|13:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[22/09/2004|13:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[22/09/2004|13:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Jasc Software Inc
[22/09/2004|13:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[22/09/2004|13:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
[22/09/2004|13:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[22/09/2004|13:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[16/12/2009|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/08/2009|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[29/09/2004|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[23/12/2007|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[23/12/2007|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/10/2008|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[29/12/2005|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[27/09/2007|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[22/09/2004|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[27/06/2006|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[04/07/2007|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[25/08/2009|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[11/11/2009|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/12/2009|09:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
[16/12/2009|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Iceni
[27/05/2007|07:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[30/12/2005|08:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[18/12/2009|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[01/12/2009|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[04/03/2007|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[05/04/2005|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/11/2009|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/12/2009|14:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[28/09/2004|13:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[06/01/2005|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[16/12/2009|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nitro PDF
[21/06/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[22/11/2004|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[11/11/2009|06:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[07/04/2005|09:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm
[22/09/2004|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/09/2007|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[02/10/2008|06:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[18/05/2007|09:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[06/03/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[08/10/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[25/07/2006|06:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/05/2008|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[02/03/2006|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[29/09/2004|16:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[22/09/2004|13:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Creative
[22/09/2004|13:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/09/2004|13:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Jasc Software Inc
[22/09/2004|13:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/09/2004|13:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[22/09/2004|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[22/09/2004|13:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[08/12/2006|12:52] C:\DOCUME~1\JAUZE\APPLIC~1\ABBYY
[05/02/2008|20:02] C:\DOCUME~1\JAUZE\APPLIC~1\ACAMPREF
[11/11/2009|10:35] C:\DOCUME~1\JAUZE\APPLIC~1\Adobe
[25/03/2006|07:56] C:\DOCUME~1\JAUZE\APPLIC~1\AdobeUM
[16/06/2009|08:29] C:\DOCUME~1\JAUZE\APPLIC~1\AdSigner
[05/01/2007|09:13] C:\DOCUME~1\JAUZE\APPLIC~1\Ahead
[06/09/2008|18:46] C:\DOCUME~1\JAUZE\APPLIC~1\Anuman Interactive
[29/09/2004|16:40] C:\DOCUME~1\JAUZE\APPLIC~1\AOL
[04/01/2009|21:00] C:\DOCUME~1\JAUZE\APPLIC~1\Apple Computer
[16/11/2007|07:47] C:\DOCUME~1\JAUZE\APPLIC~1\Arcsoft
[16/12/2009|21:33] C:\DOCUME~1\JAUZE\APPLIC~1\Aspell
[24/10/2008|15:41] C:\DOCUME~1\JAUZE\APPLIC~1\AVS4YOU
[09/08/2009|17:33] C:\DOCUME~1\JAUZE\APPLIC~1\Azureus
[01/10/2007|11:11] C:\DOCUME~1\JAUZE\APPLIC~1\BitTorrent
[09/08/2008|16:46] C:\DOCUME~1\JAUZE\APPLIC~1\Brother
[21/12/2004|10:34] C:\DOCUME~1\JAUZE\APPLIC~1\Caere
[25/10/2009|17:44] C:\DOCUME~1\JAUZE\APPLIC~1\Canon
[20/02/2007|22:56] C:\DOCUME~1\JAUZE\APPLIC~1\Cimaware
[20/06/2006|20:13] C:\DOCUME~1\JAUZE\APPLIC~1\Creative
[25/10/2004|08:05] C:\DOCUME~1\JAUZE\APPLIC~1\CyberLink
[28/08/2007|11:23] C:\DOCUME~1\JAUZE\APPLIC~1\DivX
[12/12/2006|07:03] C:\DOCUME~1\JAUZE\APPLIC~1\Download Manager
[16/12/2009|19:38] C:\DOCUME~1\JAUZE\APPLIC~1\Downloaded Installations
[18/11/2007|13:29] C:\DOCUME~1\JAUZE\APPLIC~1\Druide
[14/09/2006|19:37] C:\DOCUME~1\JAUZE\APPLIC~1\eConf
[30/09/2006|08:10] C:\DOCUME~1\JAUZE\APPLIC~1\Elaborate Bytes
[20/11/2007|16:53] C:\DOCUME~1\JAUZE\APPLIC~1\FileZilla
[09/09/2006|13:46] C:\DOCUME~1\JAUZE\APPLIC~1\Google
[25/12/2004|11:27] C:\DOCUME~1\JAUZE\APPLIC~1\Help
[17/12/2009|09:46] C:\DOCUME~1\JAUZE\APPLIC~1\Hold Burn Ref
[09/04/2008|16:30] C:\DOCUME~1\JAUZE\APPLIC~1\Identities
[08/10/2008|17:30] C:\DOCUME~1\JAUZE\APPLIC~1\InstallShield
[01/06/2007|07:39] C:\DOCUME~1\JAUZE\APPLIC~1\Jasc Software Inc
[06/03/2007|21:00] C:\DOCUME~1\JAUZE\APPLIC~1\Lavasoft
[28/09/2004|10:29] C:\DOCUME~1\JAUZE\APPLIC~1\Leadertech
[01/10/2007|09:31] C:\DOCUME~1\JAUZE\APPLIC~1\LimeWire
[23/02/2007|11:07] C:\DOCUME~1\JAUZE\APPLIC~1\Logitech
[29/12/2004|14:03] C:\DOCUME~1\JAUZE\APPLIC~1\Macromedia
[26/12/2005|22:11] C:\DOCUME~1\JAUZE\APPLIC~1\Magic Match
[18/12/2009|18:21] C:\DOCUME~1\JAUZE\APPLIC~1\Malwarebytes
[17/09/2005|10:16] C:\DOCUME~1\JAUZE\APPLIC~1\Media Player Classic
[29/11/2009|11:07] C:\DOCUME~1\JAUZE\APPLIC~1\Microsoft
[27/09/2004|17:29] C:\DOCUME~1\JAUZE\APPLIC~1\Microsoft Web Folders
[04/07/2008|14:07] C:\DOCUME~1\JAUZE\APPLIC~1\Mozilla
[29/10/2004|06:31] C:\DOCUME~1\JAUZE\APPLIC~1\MSN6
[19/10/2004|14:20] C:\DOCUME~1\JAUZE\APPLIC~1\NeroVision
[16/12/2009|19:49] C:\DOCUME~1\JAUZE\APPLIC~1\Nitro PDF
[21/06/2006|20:35] C:\DOCUME~1\JAUZE\APPLIC~1\OD2
[04/11/2009|18:02] C:\DOCUME~1\JAUZE\APPLIC~1\OpenOffice.org
[27/11/2004|13:00] C:\DOCUME~1\JAUZE\APPLIC~1\Raptisoft
[22/11/2009|21:50] C:\DOCUME~1\JAUZE\APPLIC~1\Real
[27/09/2007|14:04] C:\DOCUME~1\JAUZE\APPLIC~1\ScanSoft
[19/03/2007|14:47] C:\DOCUME~1\JAUZE\APPLIC~1\Screenshot Sender
[16/12/2008|09:43] C:\DOCUME~1\JAUZE\APPLIC~1\Sibelius Software
[30/09/2006|08:04] C:\DOCUME~1\JAUZE\APPLIC~1\SlySoft
[22/09/2004|13:44] C:\DOCUME~1\JAUZE\APPLIC~1\Sonic
[22/09/2004|13:32] C:\DOCUME~1\JAUZE\APPLIC~1\Sun
[18/03/2006|18:44] C:\DOCUME~1\JAUZE\APPLIC~1\Talkback
[19/05/2008|09:21] C:\DOCUME~1\JAUZE\APPLIC~1\TaoUSign
[30/09/2004|08:00] C:\DOCUME~1\JAUZE\APPLIC~1\Template
[14/10/2008|05:56] C:\DOCUME~1\JAUZE\APPLIC~1\TomTom
[28/09/2009|05:28] C:\DOCUME~1\JAUZE\APPLIC~1\uTorrent
[11/10/2009|19:10] C:\DOCUME~1\JAUZE\APPLIC~1\Windows Search
[18/12/2009|15:06] C:\DOCUME~1\JAUZE\APPLIC~1\WinRAR
[22/09/2004|13:43] C:\DOCUME~1\JAUZE\APPLIC~1\You've Got Pictures Screensaver
[31/05/2006|11:03] C:\DOCUME~1\JAUZE\APPLIC~1\Zylom

[12/10/2006|14:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[10/08/2008|20:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[09/10/2009|07:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities
[09/10/2009|07:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Logitech
[30/09/2004|06:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[02/12/2009|05:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee
[04/08/2006|20:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[09/10/2009|07:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Real
[25/05/2009|01:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore
[09/10/2009|07:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sonic
[12/10/2009|07:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Windows Desktop Search

[22/09/2004|13:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[29/11/2004|19:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Creative

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[18/12/2009 23:00][--ah-----] C:\WINDOWS\tasks\A5A1936E915E0252.job
[16/12/2009 10:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/11/2008 02:01][--a------] C:\WINDOWS\tasks\McDefragTask.job
[01/01/2009 01:00][--a------] C:\WINDOWS\tasks\McQcTask.job
[28/09/2004 15:30][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprŠs de l'ISP.job
[18/12/2009 21:36][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 07:00][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

( A5A1936E915E0252.job )=( c:\docume~1\jauze\applic~1\holdbu~1\THETONS01.exe )

--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"SponsorInstalled"=dword:00000000


--------------------\\ Listing des dossiers dans C:\Program Files

[18/01/2007|22:33] C:\Program Files\ABBYY ScanTo Office 1.0
[11/11/2009|10:38] C:\Program Files\Adobe
[18/12/2009|13:38] C:\Program Files\Ad-Remover
[10/12/2005|19:17] C:\Program Files\Ahead
[13/08/2005|18:39] C:\Program Files\Alcohol Soft
[04/01/2009|21:08] C:\Program Files\Apple Software Update
[27/09/2007|14:01] C:\Program Files\ArcSoft
[14/08/2006|12:58] C:\Program Files\a-squared Anti-Malware
[14/08/2006|12:58] C:\Program Files\a-squared Free
[22/09/2004|13:36] C:\Program Files\ATI Technologies
[19/12/2006|13:43] C:\Program Files\Audacity
[24/10/2008|15:43] C:\Program Files\AVS4YOU
[12/05/2009|12:56] C:\Program Files\Azureus
[18/09/2006|08:12] C:\Program Files\Bejeweled 2 Deluxe
[01/10/2007|11:19] C:\Program Files\BitTorrent
[01/10/2007|11:19] C:\Program Files\BitTorrent_DNA
[04/01/2009|14:58] C:\Program Files\Bonjour
[30/12/2005|08:54] C:\Program Files\BoontyGames
[22/09/2004|13:35] C:\Program Files\Broadcom
[21/12/2004|10:32] C:\Program Files\Caere
[27/09/2007|14:07] C:\Program Files\Canon
[27/09/2007|13:57] C:\Program Files\CanonBJ
[11/08/2006|16:06] C:\Program Files\CCleaner
[25/02/2007|10:23] C:\Program Files\Cimaware
[22/11/2009|20:43] C:\Program Files\Cisco
[22/09/2004|13:43] C:\Program Files\Common Files
[22/09/2004|13:03] C:\Program Files\ComPlus Applications
[21/06/2006|20:00] C:\Program Files\Creative
[22/09/2004|13:36] C:\Program Files\CyberLink
[22/09/2004|13:36] C:\Program Files\Dell
[06/07/2007|10:21] C:\Program Files\DIFX
[02/09/2007|09:04] C:\Program Files\DivX
[30/04/2006|07:18] C:\Program Files\Documents To Go
[11/08/2009|22:15] C:\Program Files\Druide
[29/09/2006|06:41] C:\Program Files\DVD Shrink
[29/03/2005|20:51] C:\Program Files\Easy Cross
[08/06/2005|07:28] C:\Program Files\Easy Thumbnails
[04/07/2007|14:05] C:\Program Files\Elaborate Bytes
[10/01/2008|15:43] C:\Program Files\eMule
[17/10/2004|17:49] C:\Program Files\EPSON
[16/12/2009|21:35] C:\Program Files\Fichiers communs
[20/11/2007|16:53] C:\Program Files\FileZilla Client
[02/01/2006|18:30] C:\Program Files\GameHouse
[11/11/2009|10:54] C:\Program Files\Google
[06/03/2007|21:15] C:\Program Files\Grisoft
[28/10/2004|17:30] C:\Program Files\GSpot
[02/10/2009|09:14] C:\Program Files\Guitar Pro 4
[07/01/2008|17:52] C:\Program Files\Hachette Multim‚dia
[07/03/2007|18:56] C:\Program Files\HijackThis
[17/12/2009|09:45] C:\Program Files\Hold Burn Ref
[04/04/2009|17:25] C:\Program Files\HP
[04/07/2008|17:21] C:\Program Files\Icone
[03/06/2007|21:26] C:\Program Files\Illustrate
[25/08/2009|14:28] C:\Program Files\InstallShield Installation Information
[22/09/2004|13:37] C:\Program Files\Intel
[09/12/2009|14:58] C:\Program Files\Internet Explorer
[27/01/2006|17:15] C:\Program Files\Inventel
[04/01/2009|14:59] C:\Program Files\iPod
[04/01/2009|15:00] C:\Program Files\iTunes
[01/06/2007|07:39] C:\Program Files\Jasc Software Inc
[14/10/2009|13:49] C:\Program Files\Java
[04/11/2009|17:51] C:\Program Files\JRE
[22/09/2004|13:43] C:\Program Files\Learn2.com
[01/10/2007|09:33] C:\Program Files\LimeWire
[23/02/2007|11:06] C:\Program Files\Logitech
[18/12/2009|18:20] C:\Program Files\Malwarebytes' Anti-Malware
[18/12/2009|08:15] C:\Program Files\McAfee
[04/03/2007|13:23] C:\Program Files\McAfee.com
[15/02/2007|16:22] C:\Program Files\Mediametrie
[30/12/2005|08:52] C:\Program Files\Mes Jeux T‚l‚charg‚s
[14/08/2008|13:24] C:\Program Files\Messenger
[17/10/2008|08:06] C:\Program Files\Messenger Plus! 3
[06/11/2009|12:40] C:\Program Files\Messenger Plus! Live
[29/03/2005|10:40] C:\Program Files\Micro Application
[06/10/2009|16:34] C:\Program Files\Microsoft
[09/05/2008|13:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[13/08/2005|18:56] C:\Program Files\Microsoft Encarta
[09/01/2005|14:05] C:\Program Files\microsoft frontpage
[11/01/2008|09:56] C:\Program Files\Microsoft Office
[06/10/2009|16:34] C:\Program Files\Microsoft Office Outlook Connector
[07/10/2009|13:20] C:\Program Files\Microsoft Silverlight
[06/10/2009|16:29] C:\Program Files\Microsoft SQL Server Compact Edition
[06/10/2009|17:42] C:\Program Files\Microsoft Sync Framework
[11/01/2008|09:56] C:\Program Files\Microsoft Visual Studio
[22/10/2009|13:04] C:\Program Files\Microsoft Works
[24/11/2004|23:35] C:\Program Files\Modem Helper
[22/09/2004|13:37] C:\Program Files\Modem On Hold
[16/12/2009|20:27] C:\Program Files\Monkey's Audio
[18/12/2004|07:30] C:\Program Files\Movie Maker
[18/12/2009|23:26] C:\Program Files\Mozilla Firefox
[06/01/2007|13:56] C:\Program Files\mp3DirectCut
[07/10/2009|13:06] C:\Program Files\MSBuild
[22/09/2004|13:03] C:\Program Files\MSN
[09/12/2004|11:07] C:\Program Files\MSN Apps
[29/12/2005|16:15] C:\Program Files\MSN Games
[22/09/2004|13:03] C:\Program Files\MSN Gaming Zone
[18/11/2006|14:01] C:\Program Files\MSXML 4.0
[07/10/2009|13:02] C:\Program Files\MSXML 6.0
[18/12/2004|07:27] C:\Program Files\NetMeeting
[25/02/2007|10:22] C:\Program Files\Ontrack
[04/11/2009|17:51] C:\Program Files\OpenOffice.org 3
[15/02/2007|15:45] C:\Program Files\OpiStat
[10/08/2007|08:04] C:\Program Files\orange
[16/02/2007|05:44] C:\Program Files\OrangeHSS
[12/08/2009|09:35] C:\Program Files\Outlook Express
[03/04/2008|08:08] C:\Program Files\Palm
[03/04/2008|08:08] C:\Program Files\Palm Inc
[17/12/2009|17:14] C:\Program Files\PDF Editeur 2
[16/11/2007|10:34] C:\Program Files\PDF Editor Objects 2
[05/02/2008|20:02] C:\Program Files\PDFtoMusic
[29/12/2005|10:43] C:\Program Files\PopCap Games
[28/10/2006|08:23] C:\Program Files\Power IE
[21/12/2004|09:57] C:\Program Files\PRIMAX
[25/08/2009|20:45] C:\Program Files\PSCS2Updater
[04/01/2009|14:58] C:\Program Files\QuickTime
[15/04/2006|21:38] C:\Program Files\Radio Fr Solo
[22/09/2004|13:42] C:\Program Files\Real
[20/02/2007|23:02] C:\Program Files\Recovery for Excel
[07/10/2009|13:06] C:\Program Files\Reference Assemblies
[19/04/2008|14:52] C:\Program Files\Samsung
[27/09/2007|14:04] C:\Program Files\ScanSoft
[30/06/2009|16:31] C:\Program Files\Securitoo
[22/09/2004|13:03] C:\Program Files\Services en ligne
[16/12/2008|09:43] C:\Program Files\Sibelius Software
[20/01/2005|16:06] C:\Program Files\Siber Systems
[08/12/2006|12:03] C:\Program Files\SimpleOCR
[30/09/2006|13:58] C:\Program Files\SlySoft
[02/07/2005|18:00] C:\Program Files\Smart Projects
[22/09/2004|13:41] C:\Program Files\Sonic
[18/05/2007|09:12] C:\Program Files\Spybot - Search & Destroy
[10/12/2008|15:56] C:\Program Files\TomTom HOME
[19/09/2009|18:42] C:\Program Files\TomTom HOME 2
[19/09/2009|18:43] C:\Program Files\TomTom International B.V
[18/12/2009|21:48] C:\Program Files\trend micro
[23/03/2009|22:44] C:\Program Files\Tunatic
[22/09/2004|13:32] C:\Program Files\Uninstall Information
[11/06/2006|19:43] C:\Program Files\Unlocker
[27/08/2008|07:43] C:\Program Files\uTorrent
[16/02/2007|05:42] C:\Program Files\Wanadoo
[28/12/2005|22:17] C:\Program Files\Wanadoo Jeux
[01/12/2005|18:33] C:\Program Files\Winamp
[12/10/2009|09:29] C:\Program Files\Windows Desktop Search
[06/10/2009|17:42] C:\Program Files\Windows Live
[13/02/2009|17:08] C:\Program Files\Windows Live SkyDrive
[16/08/2006|10:00] C:\Program Files\Windows Media Player
[18/12/2004|07:27] C:\Program Files\Windows NT
[21/06/2007|04:47] C:\Program Files\WindowsUpdate
[20/04/2005|15:54] C:\Program Files\WinRAR
[22/09/2004|13:03] C:\Program Files\XEROX
[02/12/2004|17:04] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/11/2009|10:37] C:\Program Files\Fichiers communs\Adobe
[25/08/2009|20:41] C:\Program Files\Fichiers communs\Adobe Systems Shared
[10/12/2005|18:43] C:\Program Files\Fichiers communs\Ahead
[30/07/2007|17:51] C:\Program Files\Fichiers communs\AOL
[23/12/2007|21:39] C:\Program Files\Fichiers communs\Apple
[24/10/2008|15:43] C:\Program Files\Fichiers communs\AVSMedia
[29/12/2005|22:32] C:\Program Files\Fichiers communs\BOONTY Shared
[09/08/2008|13:20] C:\Program Files\Fichiers communs\Brother
[21/12/2004|10:32] C:\Program Files\Fichiers communs\Caere
[11/01/2008|09:56] C:\Program Files\Fichiers communs\DESIGNER
[16/02/2007|05:34] C:\Program Files\Fichiers communs\France Telecom
[26/03/2009|07:55] C:\Program Files\Fichiers communs\Hewlett-Packard
[27/05/2007|07:11] C:\Program Files\Fichiers communs\InstallShield
[22/09/2004|13:32] C:\Program Files\Fichiers communs\Java
[25/02/2007|10:22] C:\Program Files\Fichiers communs\Logitech
[28/08/2009|07:53] C:\Program Files\Fichiers communs\Macrovision Shared
[29/11/2007|11:24] C:\Program Files\Fichiers communs\McAfee
[22/10/2009|13:05] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2004|13:03] C:\Program Files\Fichiers communs\MSSoap
[22/09/2004|13:43] C:\Program Files\Fichiers communs\Nullsoft
[22/09/2004|13:03] C:\Program Files\Fichiers communs\ODBC
[22/11/2009|21:50] C:\Program Files\Fichiers communs\Real
[27/09/2007|14:04] C:\Program Files\Fichiers communs\ScanSoft Shared
[18/03/2006|19:00] C:\Program Files\Fichiers communs\Services
[22/09/2004|13:41] C:\Program Files\Fichiers communs\Sonic
[22/09/2004|13:40] C:\Program Files\Fichiers communs\Sonic Shared
[22/09/2004|13:03] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|05:41] C:\Program Files\Fichiers communs\System
[13/02/2009|13:45] C:\Program Files\Fichiers communs\Windows Live
[08/05/2008|14:25] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[22/11/2009|21:50] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 78 Processes )

IEXPLORE.EXE ~ [PID:3060]
IEXPLORE.EXE ~ [PID:3428]
iexplore.exe ~ [PID:3704]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\JAUZE\APPLIC~1\HOLDBU~1
C:\DOCUME~1\JAUZE\APPLIC~1\HOLDBU~1\platform clock.exe
C:\DOCUME~1\JAUZE\APPLIC~1\HOLDBU~1\THETONS01.exe
C:\DOCUME~1\JAUZE\APPLIC~1\HOLDBU~1\tlfkmdwt.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default\bleh fast.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default\bleh fast.exe
C:\DOCUME~1\JAUZE\APPLIC~1\holdbu~1
C:\DOCUME~1\JAUZE\APPLIC~1\holdbu~1\platform clock.exe
C:\DOCUME~1\JAUZE\APPLIC~1\holdbu~1\THETONS01.exe
C:\DOCUME~1\JAUZE\APPLIC~1\holdbu~1\tlfkmdwt.exe
C:\Program Files\holdbu~1
C:\DOCUME~1\JAUZE\Cookies\jauze@advertstream[1].txt
C:\DOCUME~1\JAUZE\Cookies\jauze@2xmoinscher[2].txt
C:\DOCUME~1\JAUZE\Cookies\jauze@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\A5A1936E915E0252.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Thunkrealmp3]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\JAUZE\\APPLIC~1\\HOLDBU~1\\platform clock.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fast warn"="C:\\DOCUME~1\\JAUZE\\APPLIC~1\\HOLDBU~1\\platform clock.exe"
"Fast warn"="C:\\DOCUME~1\\JAUZE\\APPLIC~1\\HOLDBU~1\\platform clock.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Love default global mess"="C:\\Documents and Settings\\All Users\\Application Data\\great coal love default\\bleh fast.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-18 23:36:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 258

--------------------\\ Recherche d'autres infections

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vxulqts"="c:\\windows\\system32\\vxulqts.exe vxulqts"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ahdxdicagz"="c:\\windows\\system32\\ahdxdicagz.exe ahdxdicagz"

[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\JAUZE\Application Data\Microsoft\Office\R‚cents\Nero Burning ROM 6.3.0.0 crack_sn.lnk
C:\DOCUME~1\JAUZE\Mes documents\pouet\Nero Burning ROM 6.3.0.0 crack_sn.rtf
C:\DOCUME~1\JAUZE\Mes documents\pouet\WinRAR 3.30 crack‚ - Francais
C:\DOCUME~1\JAUZE\Mes documents\pouet\WinRAR 3.30 crack‚ - Francais\WinRAR 3.30 crack‚ - Francais
C:\DOCUME~1\JAUZE\Mes documents\pouet\WinRAR 3.30 crack‚ - Francais\WinRAR 3.30 crack‚ - Francais\a lire.txt
C:\DOCUME~1\JAUZE\Mes documents\pouet\WinRAR 3.30 crack‚ - Francais\WinRAR 3.30 crack‚ - Francais\WinRAR 3.30.exe
C:\DOCUME~1\JAUZE\Recent\Crack Pdf Editeur V 2.4.lnk
C:\DOCUME~1\JAUZE\Recent\Crack.lnk


[F:41][D:10]-> C:\DOCUME~1\JAUZE\LOCALS~1\Temp
[F:119][D:0]-> C:\DOCUME~1\JAUZE\Cookies
[F:750][D:10]-> C:\DOCUME~1\JAUZE\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/12/2009|23:21 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 18/12/2009|23:37 - Option : [1]

--------------------\\ Fin du rapport a 23:37:54

Bonjour, voici le ra^pport
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A01
USER : JAUZE ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:145 Go (Free:59 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:298 Go (Free:249 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 19/12/2009| 9:55 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[29/09/2004|16:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[22/09/2004|13:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[22/09/2004|13:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[22/09/2004|13:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Jasc Software Inc
[22/09/2004|13:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[22/09/2004|13:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
[22/09/2004|13:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[22/09/2004|13:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[16/12/2009|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/08/2009|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[29/09/2004|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[23/12/2007|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[23/12/2007|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/10/2008|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[29/12/2005|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[27/09/2007|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[22/09/2004|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[27/06/2006|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[04/07/2007|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[25/08/2009|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[11/11/2009|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/12/2009|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Iceni
[27/05/2007|07:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[30/12/2005|08:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[18/12/2009|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[01/12/2009|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[04/03/2007|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[05/04/2005|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/11/2009|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/12/2009|14:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[28/09/2004|13:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[06/01/2005|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[16/12/2009|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nitro PDF
[21/06/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[22/11/2004|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[11/11/2009|06:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[07/04/2005|09:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm
[22/09/2004|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/09/2007|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[02/10/2008|06:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[18/05/2007|09:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[06/03/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[08/10/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[25/07/2006|06:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/05/2008|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[02/03/2006|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[29/09/2004|16:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[22/09/2004|13:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Creative
[22/09/2004|13:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/09/2004|13:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Jasc Software Inc
[22/09/2004|13:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/09/2004|13:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[22/09/2004|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[22/09/2004|13:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[08/12/2006|12:52] C:\DOCUME~1\JAUZE\APPLIC~1\ABBYY
[05/02/2008|20:02] C:\DOCUME~1\JAUZE\APPLIC~1\ACAMPREF
[11/11/2009|10:35] C:\DOCUME~1\JAUZE\APPLIC~1\Adobe
[25/03/2006|07:56] C:\DOCUME~1\JAUZE\APPLIC~1\AdobeUM
[16/06/2009|08:29] C:\DOCUME~1\JAUZE\APPLIC~1\AdSigner
[05/01/2007|09:13] C:\DOCUME~1\JAUZE\APPLIC~1\Ahead
[06/09/2008|18:46] C:\DOCUME~1\JAUZE\APPLIC~1\Anuman Interactive
[29/09/2004|16:40] C:\DOCUME~1\JAUZE\APPLIC~1\AOL
[04/01/2009|21:00] C:\DOCUME~1\JAUZE\APPLIC~1\Apple Computer
[16/11/2007|07:47] C:\DOCUME~1\JAUZE\APPLIC~1\Arcsoft
[16/12/2009|21:33] C:\DOCUME~1\JAUZE\APPLIC~1\Aspell
[24/10/2008|15:41] C:\DOCUME~1\JAUZE\APPLIC~1\AVS4YOU
[09/08/2009|17:33] C:\DOCUME~1\JAUZE\APPLIC~1\Azureus
[01/10/2007|11:11] C:\DOCUME~1\JAUZE\APPLIC~1\BitTorrent
[09/08/2008|16:46] C:\DOCUME~1\JAUZE\APPLIC~1\Brother
[21/12/2004|10:34] C:\DOCUME~1\JAUZE\APPLIC~1\Caere
[25/10/2009|17:44] C:\DOCUME~1\JAUZE\APPLIC~1\Canon
[20/02/2007|22:56] C:\DOCUME~1\JAUZE\APPLIC~1\Cimaware
[20/06/2006|20:13] C:\DOCUME~1\JAUZE\APPLIC~1\Creative
[25/10/2004|08:05] C:\DOCUME~1\JAUZE\APPLIC~1\CyberLink
[28/08/2007|11:23] C:\DOCUME~1\JAUZE\APPLIC~1\DivX
[12/12/2006|07:03] C:\DOCUME~1\JAUZE\APPLIC~1\Download Manager
[16/12/2009|19:38] C:\DOCUME~1\JAUZE\APPLIC~1\Downloaded Installations
[18/11/2007|13:29] C:\DOCUME~1\JAUZE\APPLIC~1\Druide
[14/09/2006|19:37] C:\DOCUME~1\JAUZE\APPLIC~1\eConf
[30/09/2006|08:10] C:\DOCUME~1\JAUZE\APPLIC~1\Elaborate Bytes
[20/11/2007|16:53] C:\DOCUME~1\JAUZE\APPLIC~1\FileZilla
[09/09/2006|13:46] C:\DOCUME~1\JAUZE\APPLIC~1\Google
[25/12/2004|11:27] C:\DOCUME~1\JAUZE\APPLIC~1\Help
[09/04/2008|16:30] C:\DOCUME~1\JAUZE\APPLIC~1\Identities
[08/10/2008|17:30] C:\DOCUME~1\JAUZE\APPLIC~1\InstallShield
[01/06/2007|07:39] C:\DOCUME~1\JAUZE\APPLIC~1\Jasc Software Inc
[06/03/2007|21:00] C:\DOCUME~1\JAUZE\APPLIC~1\Lavasoft
[28/09/2004|10:29] C:\DOCUME~1\JAUZE\APPLIC~1\Leadertech
[01/10/2007|09:31] C:\DOCUME~1\JAUZE\APPLIC~1\LimeWire
[23/02/2007|11:07] C:\DOCUME~1\JAUZE\APPLIC~1\Logitech
[29/12/2004|14:03] C:\DOCUME~1\JAUZE\APPLIC~1\Macromedia
[26/12/2005|22:11] C:\DOCUME~1\JAUZE\APPLIC~1\Magic Match
[18/12/2009|18:21] C:\DOCUME~1\JAUZE\APPLIC~1\Malwarebytes
[17/09/2005|10:16] C:\DOCUME~1\JAUZE\APPLIC~1\Media Player Classic
[29/11/2009|11:07] C:\DOCUME~1\JAUZE\APPLIC~1\Microsoft
[27/09/2004|17:29] C:\DOCUME~1\JAUZE\APPLIC~1\Microsoft Web Folders
[04/07/2008|14:07] C:\DOCUME~1\JAUZE\APPLIC~1\Mozilla
[29/10/2004|06:31] C:\DOCUME~1\JAUZE\APPLIC~1\MSN6
[19/10/2004|14:20] C:\DOCUME~1\JAUZE\APPLIC~1\NeroVision
[16/12/2009|19:49] C:\DOCUME~1\JAUZE\APPLIC~1\Nitro PDF
[21/06/2006|20:35] C:\DOCUME~1\JAUZE\APPLIC~1\OD2
[04/11/2009|18:02] C:\DOCUME~1\JAUZE\APPLIC~1\OpenOffice.org
[27/11/2004|13:00] C:\DOCUME~1\JAUZE\APPLIC~1\Raptisoft
[22/11/2009|21:50] C:\DOCUME~1\JAUZE\APPLIC~1\Real
[27/09/2007|14:04] C:\DOCUME~1\JAUZE\APPLIC~1\ScanSoft
[19/03/2007|14:47] C:\DOCUME~1\JAUZE\APPLIC~1\Screenshot Sender
[16/12/2008|09:43] C:\DOCUME~1\JAUZE\APPLIC~1\Sibelius Software
[30/09/2006|08:04] C:\DOCUME~1\JAUZE\APPLIC~1\SlySoft
[22/09/2004|13:44] C:\DOCUME~1\JAUZE\APPLIC~1\Sonic
[22/09/2004|13:32] C:\DOCUME~1\JAUZE\APPLIC~1\Sun
[18/03/2006|18:44] C:\DOCUME~1\JAUZE\APPLIC~1\Talkback
[19/05/2008|09:21] C:\DOCUME~1\JAUZE\APPLIC~1\TaoUSign
[30/09/2004|08:00] C:\DOCUME~1\JAUZE\APPLIC~1\Template
[14/10/2008|05:56] C:\DOCUME~1\JAUZE\APPLIC~1\TomTom
[28/09/2009|05:28] C:\DOCUME~1\JAUZE\APPLIC~1\uTorrent
[11/10/2009|19:10] C:\DOCUME~1\JAUZE\APPLIC~1\Windows Search
[18/12/2009|15:06] C:\DOCUME~1\JAUZE\APPLIC~1\WinRAR
[22/09/2004|13:43] C:\DOCUME~1\JAUZE\APPLIC~1\You've Got Pictures Screensaver
[31/05/2006|11:03] C:\DOCUME~1\JAUZE\APPLIC~1\Zylom

[12/10/2006|14:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[10/08/2008|20:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[09/10/2009|07:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities
[09/10/2009|07:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Logitech
[30/09/2004|06:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[02/12/2009|05:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee
[04/08/2006|20:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[09/10/2009|07:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Real
[25/05/2009|01:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore
[09/10/2009|07:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sonic
[12/10/2009|07:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Windows Desktop Search

[22/09/2004|13:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[29/11/2004|19:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Creative

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[16/12/2009 10:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/11/2008 02:01][--a------] C:\WINDOWS\tasks\McDefragTask.job
[01/01/2009 01:00][--a------] C:\WINDOWS\tasks\McQcTask.job
[28/09/2004 15:30][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprŠs de l'ISP.job
[19/12/2009 09:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 07:00][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"SponsorInstalled"=dword:00000000


--------------------\\ Listing des dossiers dans C:\Program Files

[18/01/2007|22:33] C:\Program Files\ABBYY ScanTo Office 1.0
[11/11/2009|10:38] C:\Program Files\Adobe
[18/12/2009|13:38] C:\Program Files\Ad-Remover
[10/12/2005|19:17] C:\Program Files\Ahead
[13/08/2005|18:39] C:\Program Files\Alcohol Soft
[04/01/2009|21:08] C:\Program Files\Apple Software Update
[27/09/2007|14:01] C:\Program Files\ArcSoft
[14/08/2006|12:58] C:\Program Files\a-squared Anti-Malware
[14/08/2006|12:58] C:\Program Files\a-squared Free
[22/09/2004|13:36] C:\Program Files\ATI Technologies
[19/12/2006|13:43] C:\Program Files\Audacity
[24/10/2008|15:43] C:\Program Files\AVS4YOU
[12/05/2009|12:56] C:\Program Files\Azureus
[18/09/2006|08:12] C:\Program Files\Bejeweled 2 Deluxe
[01/10/2007|11:19] C:\Program Files\BitTorrent
[01/10/2007|11:19] C:\Program Files\BitTorrent_DNA
[04/01/2009|14:58] C:\Program Files\Bonjour
[30/12/2005|08:54] C:\Program Files\BoontyGames
[22/09/2004|13:35] C:\Program Files\Broadcom
[21/12/2004|10:32] C:\Program Files\Caere
[27/09/2007|14:07] C:\Program Files\Canon
[27/09/2007|13:57] C:\Program Files\CanonBJ
[11/08/2006|16:06] C:\Program Files\CCleaner
[25/02/2007|10:23] C:\Program Files\Cimaware
[22/11/2009|20:43] C:\Program Files\Cisco
[22/09/2004|13:43] C:\Program Files\Common Files
[22/09/2004|13:03] C:\Program Files\ComPlus Applications
[21/06/2006|20:00] C:\Program Files\Creative
[22/09/2004|13:36] C:\Program Files\CyberLink
[22/09/2004|13:36] C:\Program Files\Dell
[06/07/2007|10:21] C:\Program Files\DIFX
[02/09/2007|09:04] C:\Program Files\DivX
[30/04/2006|07:18] C:\Program Files\Documents To Go
[11/08/2009|22:15] C:\Program Files\Druide
[29/09/2006|06:41] C:\Program Files\DVD Shrink
[29/03/2005|20:51] C:\Program Files\Easy Cross
[08/06/2005|07:28] C:\Program Files\Easy Thumbnails
[04/07/2007|14:05] C:\Program Files\Elaborate Bytes
[10/01/2008|15:43] C:\Program Files\eMule
[17/10/2004|17:49] C:\Program Files\EPSON
[16/12/2009|21:35] C:\Program Files\Fichiers communs
[20/11/2007|16:53] C:\Program Files\FileZilla Client
[02/01/2006|18:30] C:\Program Files\GameHouse
[11/11/2009|10:54] C:\Program Files\Google
[06/03/2007|21:15] C:\Program Files\Grisoft
[28/10/2004|17:30] C:\Program Files\GSpot
[02/10/2009|09:14] C:\Program Files\Guitar Pro 4
[07/01/2008|17:52] C:\Program Files\Hachette Multim‚dia
[07/03/2007|18:56] C:\Program Files\HijackThis
[04/04/2009|17:25] C:\Program Files\HP
[04/07/2008|17:21] C:\Program Files\Icone
[03/06/2007|21:26] C:\Program Files\Illustrate
[25/08/2009|14:28] C:\Program Files\InstallShield Installation Information
[22/09/2004|13:37] C:\Program Files\Intel
[09/12/2009|14:58] C:\Program Files\Internet Explorer
[27/01/2006|17:15] C:\Program Files\Inventel
[04/01/2009|14:59] C:\Program Files\iPod
[04/01/2009|15:00] C:\Program Files\iTunes
[01/06/2007|07:39] C:\Program Files\Jasc Software Inc
[14/10/2009|13:49] C:\Program Files\Java
[04/11/2009|17:51] C:\Program Files\JRE
[22/09/2004|13:43] C:\Program Files\Learn2.com
[01/10/2007|09:33] C:\Program Files\LimeWire
[23/02/2007|11:06] C:\Program Files\Logitech
[18/12/2009|18:20] C:\Program Files\Malwarebytes' Anti-Malware
[18/12/2009|08:15] C:\Program Files\McAfee
[04/03/2007|13:23] C:\Program Files\McAfee.com
[15/02/2007|16:22] C:\Program Files\Mediametrie
[30/12/2005|08:52] C:\Program Files\Mes Jeux T‚l‚charg‚s
[14/08/2008|13:24] C:\Program Files\Messenger
[17/10/2008|08:06] C:\Program Files\Messenger Plus! 3
[06/11/2009|12:40] C:\Program Files\Messenger Plus! Live
[29/03/2005|10:40] C:\Program Files\Micro Application
[06/10/2009|16:34] C:\Program Files\Microsoft
[09/05/2008|13:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[13/08/2005|18:56] C:\Program Files\Microsoft Encarta
[09/01/2005|14:05] C:\Program Files\microsoft frontpage
[11/01/2008|09:56] C:\Program Files\Microsoft Office
[06/10/2009|16:34] C:\Program Files\Microsoft Office Outlook Connector
[07/10/2009|13:20] C:\Program Files\Microsoft Silverlight
[06/10/2009|16:29] C:\Program Files\Microsoft SQL Server Compact Edition
[06/10/2009|17:42] C:\Program Files\Microsoft Sync Framework
[11/01/2008|09:56] C:\Program Files\Microsoft Visual Studio
[22/10/2009|13:04] C:\Program Files\Microsoft Works
[24/11/2004|23:35] C:\Program Files\Modem Helper
[22/09/2004|13:37] C:\Program Files\Modem On Hold
[16/12/2009|20:27] C:\Program Files\Monkey's Audio
[18/12/2004|07:30] C:\Program Files\Movie Maker
[18/12/2009|23:26] C:\Program Files\Mozilla Firefox
[06/01/2007|13:56] C:\Program Files\mp3DirectCut
[07/10/2009|13:06] C:\Program Files\MSBuild
[22/09/2004|13:03] C:\Program Files\MSN
[09/12/2004|11:07] C:\Program Files\MSN Apps
[29/12/2005|16:15] C:\Program Files\MSN Games
[22/09/2004|13:03] C:\Program Files\MSN Gaming Zone
[18/11/2006|14:01] C:\Program Files\MSXML 4.0
[07/10/2009|13:02] C:\Program Files\MSXML 6.0
[18/12/2004|07:27] C:\Program Files\NetMeeting
[25/02/2007|10:22] C:\Program Files\Ontrack
[04/11/2009|17:51] C:\Program Files\OpenOffice.org 3
[15/02/2007|15:45] C:\Program Files\OpiStat
[10/08/2007|08:04] C:\Program Files\orange
[16/02/2007|05:44] C:\Program Files\OrangeHSS
[12/08/2009|09:35] C:\Program Files\Outlook Express
[03/04/2008|08:08] C:\Program Files\Palm
[03/04/2008|08:08] C:\Program Files\Palm Inc
[16/11/2007|10:34] C:\Program Files\PDF Editor Objects 2
[05/02/2008|20:02] C:\Program Files\PDFtoMusic
[29/12/2005|10:43] C:\Program Files\PopCap Games
[28/10/2006|08:23] C:\Program Files\Power IE
[21/12/2004|09:57] C:\Program Files\PRIMAX
[25/08/2009|20:45] C:\Program Files\PSCS2Updater
[04/01/2009|14:58] C:\Program Files\QuickTime
[15/04/2006|21:38] C:\Program Files\Radio Fr Solo
[22/09/2004|13:42] C:\Program Files\Real
[20/02/2007|23:02] C:\Program Files\Recovery for Excel
[07/10/2009|13:06] C:\Program Files\Reference Assemblies
[19/04/2008|14:52] C:\Program Files\Samsung
[27/09/2007|14:04] C:\Program Files\ScanSoft
[30/06/2009|16:31] C:\Program Files\Securitoo
[22/09/2004|13:03] C:\Program Files\Services en ligne
[16/12/2008|09:43] C:\Program Files\Sibelius Software
[20/01/2005|16:06] C:\Program Files\Siber Systems
[08/12/2006|12:03] C:\Program Files\SimpleOCR
[30/09/2006|13:58] C:\Program Files\SlySoft
[02/07/2005|18:00] C:\Program Files\Smart Projects
[22/09/2004|13:41] C:\Program Files\Sonic
[18/05/2007|09:12] C:\Program Files\Spybot - Search & Destroy
[10/12/2008|15:56] C:\Program Files\TomTom HOME
[19/09/2009|18:42] C:\Program Files\TomTom HOME 2
[19/09/2009|18:43] C:\Program Files\TomTom International B.V
[18/12/2009|21:48] C:\Program Files\trend micro
[23/03/2009|22:44] C:\Program Files\Tunatic
[22/09/2004|13:32] C:\Program Files\Uninstall Information
[11/06/2006|19:43] C:\Program Files\Unlocker
[27/08/2008|07:43] C:\Program Files\uTorrent
[16/02/2007|05:42] C:\Program Files\Wanadoo
[28/12/2005|22:17] C:\Program Files\Wanadoo Jeux
[01/12/2005|18:33] C:\Program Files\Winamp
[12/10/2009|09:29] C:\Program Files\Windows Desktop Search
[06/10/2009|17:42] C:\Program Files\Windows Live
[13/02/2009|17:08] C:\Program Files\Windows Live SkyDrive
[16/08/2006|10:00] C:\Program Files\Windows Media Player
[18/12/2004|07:27] C:\Program Files\Windows NT
[21/06/2007|04:47] C:\Program Files\WindowsUpdate
[20/04/2005|15:54] C:\Program Files\WinRAR
[22/09/2004|13:03] C:\Program Files\XEROX
[02/12/2004|17:04] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/11/2009|10:37] C:\Program Files\Fichiers communs\Adobe
[25/08/2009|20:41] C:\Program Files\Fichiers communs\Adobe Systems Shared
[10/12/2005|18:43] C:\Program Files\Fichiers communs\Ahead
[30/07/2007|17:51] C:\Program Files\Fichiers communs\AOL
[23/12/2007|21:39] C:\Program Files\Fichiers communs\Apple
[24/10/2008|15:43] C:\Program Files\Fichiers communs\AVSMedia
[29/12/2005|22:32] C:\Program Files\Fichiers communs\BOONTY Shared
[09/08/2008|13:20] C:\Program Files\Fichiers communs\Brother
[21/12/2004|10:32] C:\Program Files\Fichiers communs\Caere
[11/01/2008|09:56] C:\Program Files\Fichiers communs\DESIGNER
[16/02/2007|05:34] C:\Program Files\Fichiers communs\France Telecom
[26/03/2009|07:55] C:\Program Files\Fichiers communs\Hewlett-Packard
[27/05/2007|07:11] C:\Program Files\Fichiers communs\InstallShield
[22/09/2004|13:32] C:\Program Files\Fichiers communs\Java
[25/02/2007|10:22] C:\Program Files\Fichiers communs\Logitech
[28/08/2009|07:53] C:\Program Files\Fichiers communs\Macrovision Shared
[29/11/2007|11:24] C:\Program Files\Fichiers communs\McAfee
[22/10/2009|13:05] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2004|13:03] C:\Program Files\Fichiers communs\MSSoap
[22/09/2004|13:43] C:\Program Files\Fichiers communs\Nullsoft
[22/09/2004|13:03] C:\Program Files\Fichiers communs\ODBC
[22/11/2009|21:50] C:\Program Files\Fichiers communs\Real
[27/09/2007|14:04] C:\Program Files\Fichiers communs\ScanSoft Shared
[18/03/2006|19:00] C:\Program Files\Fichiers communs\Services
[22/09/2004|13:41] C:\Program Files\Fichiers communs\Sonic
[22/09/2004|13:40] C:\Program Files\Fichiers communs\Sonic Shared
[22/09/2004|13:03] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|05:41] C:\Program Files\Fichiers communs\System
[13/02/2009|13:45] C:\Program Files\Fichiers communs\Windows Live
[08/05/2008|14:25] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[22/11/2009|21:50] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 74 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-19 09:59:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 258

--------------------\\ Recherche d'autres infections

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vxulqts"="c:\\windows\\system32\\vxulqts.exe vxulqts"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ahdxdicagz"="c:\\windows\\system32\\ahdxdicagz.exe ahdxdicagz"

[b]==> EGDACCESS <==/b



[F:38][D:6]-> C:\DOCUME~1\JAUZE\LOCALS~1\Temp
[F:125][D:0]-> C:\DOCUME~1\JAUZE\Cookies
[F:372][D:10]-> C:\DOCUME~1\JAUZE\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/12/2009|23:21 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 18/12/2009|23:37 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 19/12/2009| 9:20 - Option : [2]
4 - "C:\Lop SD\LopR_4.txt" - 19/12/2009|10:00 - Option : [2]

--------------------\\ Fin du rapport a 10:00:24

Voici le rapport

Fix Navipromo version 4.0.5 commencé le 19/12/2009 10:22:01,92

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A01
USER : JAUZE ( Administrator )
BOOT : Normal boot

Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:145 Go (Free:59 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:298 Go (Free:249 Go)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur




Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\JAUZE\locals~1\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

Certificat Egroup supprimé !



*** Scan terminé 19/12/2009 10:36:23,56 ***

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 12/19/2009 at 12:15 PM

Application Version : 4.32.1000

Core Rules Database Version : 4393
Trace Rules Database Version: 2230

Scan type : Complete Scan
Total Scan Time : 01:01:42

Memory items scanned : 722
Memory threats detected : 0
Registry items scanned : 7206
Registry threats detected : 0
File items scanned : 37245
File threats detected : 54

Adware.Tracking Cookie
C:\Documents and Settings\JAUZE\Cookies\jauze@adrevolver[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@fr.sitestat[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@fr.sitestat[4].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@bluestreak[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@apmebf[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@bouyguestelecom.solution.weborama[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@msnportal.112.2o7[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@fr.sitestat[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@fr.sitestat[3].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@cetelem.solution.weborama[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@adserver.aol[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@track.effiliation[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@ads.clicmanager[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@smartadserver[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@tradedoubler[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@casio.solution.weborama[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@advertstream[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@adtech[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@247realmedia[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@aimfar.solution.weborama[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@fr.partypoker[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@himedia.individuad[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@tracking.publicidees[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@content.yieldmanager[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@specificclick[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@estat[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@www.smartadserver[2].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@track.effiliation[3].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@ww57.smartadserver[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@fr.sitestat[5].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@www3.smartadserver[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@xiti[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@media.adrevolver[1].txt
C:\Documents and Settings\JAUZE\Cookies\jauze@server.iad.liveperson[2].txt

voici le rapport le pc me semble aller, pour le moment je n'ai plus de fenêtre, tu penses quoi du rapport ?? encore mille mercis


############################## | FindyKill V5.021 |

# User : JAUZE (Administrateurs) # D1T1S81J
# Update on 10/12/2009 by Chiquitine29
# Start at: 13:05:52 | 19/12/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Pentium(R) 4 CPU 3.00GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Disabled
# AV : McAfee VirusScan [ Enabled | Updated ]
# FW : McAfee Personal Firewall[ Enabled ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 145,48 Go (59,1 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque fixe local # 298,09 Go (249,62 Go free) # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\PrintDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |


################## | C:\WINDOWS |


################## | C:\WINDOWS\system32 |


################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\JAUZE\Application Data |

################## | Temporary Internet Files |


################## | Registre / Clés infectieuses |

Présent ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Présent ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Présent ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Présent ! [HKLM\software\microsoft\security center] "FirewallOverride"
Présent ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"

################## | Etat / Services / Informations |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # FindyKill V5.021 ! |

Voici le rapport
############################## | FindyKill V5.021 |

# User : J..............(Administrateurs) # D1T1S81J
# Update on 10/12/2009 by Chiquitine29
# Start at: 13:52:39 | 19/12/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Pentium(R) 4 CPU 3.00GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Disabled
# AV : McAfee VirusScan [ Enabled | Updated ]
# FW : McAfee Personal Firewall[ Enabled ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 145,48 Go (59,1 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque fixe local # 298,09 Go (249,62 Go free) # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe

################## | C: |


################## | C:\WINDOWS |

Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-0F8DCEDB.pf

################## | C:\WINDOWS\system32 |


################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\JAUZE\Application Data |


################## | Autres suppressions ... |

################## | Temporary Internet Files |


################## | Registre / Clés infectieuses |

Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Supprimé ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Supprimé ! [HKLM\software\microsoft\security center] "FirewallOverride"
Supprimé ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"

################## | Etat / Services / Informations |

# Mode sans echec : OK


# Affichage des fichiers cachés : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH ... |


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # FindyKill V5.021 ! |

Voici le rapport

Logfile of random's system information tool 1.06 (written by random/random)
Run by J.......... at 2009-12-19 17:13:52
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 61 GB (41%) free of 149 GB
Total RAM: 1022 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:14:15, on 19/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\PrintDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\JAUZE\Bureau\RSIT.exe
C:\Program Files\trend micro\JAUZE.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [OmniPage] C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\Documents and Settings\JAUZE\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPWU_MPM_Agent] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\mpm.exe
O4 - HKLM\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:FRN
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HotSync Manager.LNK = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: &Enregistrer - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Remp&lir - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remp&lir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: &Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RF - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: &Barre d outils - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU)
O15 - Trusted Zone: https://www.consoclicker.com/
O16 - DPF: {3A226D85-574D-4272-B73C-DBCAECF709B3} (TNSClickerb.Clicker) - http://www.consoclicker.com/TNSClickrb.CAB
O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} (Cisco AnyConnect VPN Client Web Control) - https://86.65.210.108/CACHE/stc/1/binaries/vpnweb.cab
O16 - DPF: {70A5EBDC-3EA6-464A-9FF7-084BC150C417} (TNSClickera.Clicker) - http://www.consoclicker.com/TNSClickra.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1BC539C-BC7F-419F-AE53-9D9DE119A6F5}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: McAfee Application Installer Cleanup (0069101261120564) (0069101261120564mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\006910~1.EXE (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

Merci Flo par contre je n'arrive pas a faire fonctionner toolscleaner 2 je lance Donc la suite mais ne peux te mettre de rapport