Pub cd sans arret avec virus adware avec vist

comment fais t on pour creer un dossier avec explorer.merci car je suis pas tres douée!

Logfile of HijackThis v1.99.1
Scan saved at 12:06:12, on 06/06/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32\oopmagent.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\florian\AppData\Local\mqwgkyk.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ooquickpdfv7] "C:\Windows\system32\oopmagent.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [MessengerPlusLiveUninstall] "C:\Users\florian\AppData\Local\Temp\MsgPlusUninstall.exe" /Cleanup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Bagssettings] "C:\ProgramData\FORD DEFY DEFY.canq5"
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Loud flaw bend.w9ell"
O4 - HKCU\..\Run: [mqwgkyk] c:\users\florian\appdata\local\mqwgkyk.exe mqwgkyk
O4 - Startup: OFFICE One Startup v7.lnk = C:\Program Files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

est ce normal que quand je valide sur recherche qu il n y est plus rien sur le bureau et qu il n y a pas la barre de tache

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "florian"

Mise à jour le 05.06.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "c:\users\florian\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\florian\AppData\Roaming" ***


*** Recherche dossiers dans "C:\Users\ADMINI~1\appdata\roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Fichier(s) caché(s) :

C:\Users\florian\AppData\Local\mqwgkyk.dat
C:\Users\florian\AppData\Local\mqwgkyk.exe
C:\Users\florian\AppData\Local\mqwgkyk_nav.dat
C:\Users\florian\AppData\Local\mqwgkyk_navps.dat


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\florian\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\florian\AppData\Local" *

Fichiers trouvés :

mqwgkyk.exe trouvé !



*** Recherche fichiers ***


C:\Windows\system32\nvs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\florian\AppData\Local\Microsoft" :


* Dans "C:\Users\florian\AppData\Local" :

mqwgkyk.dat trouvé !

3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 06/06/2008 à 15:14:49,94 ***

-----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : florian ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 06/06/2008 | 14:52:58,45 ] [ PC : PC-DE-FLORIAN ]
[ MAJ : 01-06-2008 | 15:51 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------

[14/12/2007|22:58] C:\Users\florian\AppData\Roaming\Adobe\Linguistics
[29/11/2007|20:37] C:\Users\florian\AppData\Roaming\Adobe\Acrobat

[03/06/2008|21:42] C:\Users\florian\AppData\Roaming\Apple Computer\iTunes



[29/11/2007|20:37] C:\Users\florian\AppData\Roaming\Identities\{A919F4B3-3D3B-499F-A2AB-67578D437E77}

[15/02/2008|00:09] C:\Users\florian\AppData\Roaming\LimeWire\.NetworkShare
[30/11/2007|22:53] C:\Users\florian\AppData\Roaming\LimeWire\.AppSpecialShare
[30/11/2007|22:53] C:\Users\florian\AppData\Roaming\LimeWire\xml
[30/11/2007|22:53] C:\Users\florian\AppData\Roaming\LimeWire\themes

[30/11/2007|17:28] C:\Users\florian\AppData\Roaming\Macromedia\Flash Player
[29/11/2007|20:59] C:\Users\florian\AppData\Roaming\Macromedia\Shockwave Player

[06/06/2008|10:03] C:\Users\florian\AppData\Roaming\Microsoft\MSN Messenger
[02/03/2008|12:46] C:\Users\florian\AppData\Roaming\Microsoft\Windows Photo Gallery
[24/12/2007|00:37] C:\Users\florian\AppData\Roaming\Microsoft\Crypto
[30/11/2007|21:54] C:\Users\florian\AppData\Roaming\Microsoft\Internet Explorer
[30/11/2007|16:46] C:\Users\florian\AppData\Roaming\Microsoft\IdentityCRL
[29/11/2007|23:01] C:\Users\florian\AppData\Roaming\Microsoft\Windows
[29/11/2007|21:22] C:\Users\florian\AppData\Roaming\Microsoft\HTML Help
[29/11/2007|20:59] C:\Users\florian\AppData\Roaming\Microsoft\Installer
[29/11/2007|20:38] C:\Users\florian\AppData\Roaming\Microsoft\SystemCertificates
[29/11/2007|20:37] C:\Users\florian\AppData\Roaming\Microsoft\Protect
[29/11/2007|20:37] C:\Users\florian\AppData\Roaming\Microsoft\Credentials

[29/11/2007|21:02] C:\Users\florian\AppData\Roaming\OFFICE One v7\OFFICE One Startup v7
[29/11/2007|20:53] C:\Users\florian\AppData\Roaming\OFFICE One v7\OFFICE One Safety-Box v7

[08/12/2007|08:32] C:\Users\florian\AppData\Roaming\OFFICEOne7\user

[26/01/2008|22:36] C:\Users\florian\AppData\Roaming\Roxio\MediaManager9
[05/01/2008|19:28] C:\Users\florian\AppData\Roaming\Roxio\RoxioCentral
[05/01/2008|19:28] C:\Users\florian\AppData\Roaming\Roxio\RoxioCentral33


----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[06/06/2008 14:51][--ah-----] C:\Windows\tasks\SA.DAT
[06/06/2008 14:50][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[06/06/2008|10:31] C:\ProgramData\Adobe
[09/12/2007|15:23] C:\ProgramData\Apple
[09/12/2007|15:28] C:\ProgramData\Apple Computer
[29/11/2007|20:32] C:\ProgramData\Application Data
[29/11/2007|20:45] C:\ProgramData\BullGuard
[29/11/2007|20:32] C:\ProgramData\Bureau
[28/05/2008|00:24] C:\ProgramData\cashbrowsewipe
[29/11/2007|20:52] C:\ProgramData\Ciel
[29/11/2007|20:32] C:\ProgramData\Documents
[10/04/2008|21:08] C:\ProgramData\DragToDiscUserNameE.txt
[29/11/2007|20:32] C:\ProgramData\Favoris
[08/12/2007|09:32] C:\ProgramData\FaxCtr
[17/02/2008|20:03] C:\ProgramData\FORD DEFY DEFY.3ao4pgi
[28/05/2008|00:23] C:\ProgramData\FORD DEFY DEFY.canq5
[22/01/2008|19:25] C:\ProgramData\FORD DEFY DEFY.gbudjt6
[30/04/2008|01:46] C:\ProgramData\FORD DEFY DEFY.k1cunf
[15/04/2008|20:45] C:\ProgramData\FORD DEFY DEFY.wpyez
[28/05/2008|00:23] C:\ProgramData\FORD DEFY DEFY.xjxnii
[14/09/2007|22:07] C:\ProgramData\InstallShield
[28/05/2008|00:24] C:\ProgramData\Loud flaw bend.w9ell
[29/11/2007|20:32] C:\ProgramData\Menu D‚marrer
[29/11/2007|21:22] C:\ProgramData\Microsoft
[29/11/2007|20:32] C:\ProgramData\ModŠles
[29/11/2007|20:59] C:\ProgramData\OFFICE One v7
[29/11/2007|19:16] C:\ProgramData\Roxio
[29/11/2007|19:18] C:\ProgramData\Sonic
[28/05/2008|00:24] C:\ProgramData\That Face Camp Shim
[22/01/2008|19:13] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[08/12/2007|09:30] C:\Program Files\Abbyy FineReader 6.0 Sprint
[06/06/2008|10:31] C:\Program Files\Adobe
[29/11/2007|21:05] C:\Program Files\Alwil Software
[24/03/2008|00:00] C:\Program Files\Antipub
[09/12/2007|15:25] C:\Program Files\Apple Software Update
[28/05/2008|00:23] C:\Program Files\cashbrowsewipe
[29/11/2007|20:52] C:\Program Files\Ciel
[06/06/2008|10:31] C:\Program Files\Common Files
[29/11/2007|23:07] C:\Program Files\desktop.ini
[29/11/2007|20:32] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/06/2008|22:35] C:\Program Files\Hasbro Interactive
[06/06/2008|12:06] C:\Program Files\Hijackthis Version Fran‡aise
[23/01/2008|22:22] C:\Program Files\InstallShield Installation Information
[14/09/2007|22:07] C:\Program Files\Intel
[14/09/2007|22:07] C:\Program Files\InterActual
[09/04/2008|03:10] C:\Program Files\Internet Explorer
[09/12/2007|15:29] C:\Program Files\iPod
[09/12/2007|15:29] C:\Program Files\iTunes
[29/11/2007|20:51] C:\Program Files\Java
[24/03/2008|00:02] C:\Program Files\JCA2000
[08/12/2007|09:33] C:\Program Files\Lexmark 3400 Series
[08/12/2007|09:33] C:\Program Files\Lexmark Fax Solutions
[08/12/2007|09:40] C:\Program Files\Lexmark Toolbar
[30/11/2007|22:32] C:\Program Files\LimeWire
[31/05/2008|22:08] C:\Program Files\lx_cats
[02/11/2006|14:35] C:\Program Files\Microsoft Games
[02/11/2006|14:40] C:\Program Files\Movie Maker
[02/11/2006|14:35] C:\Program Files\MSBuild
[02/11/2006|14:35] C:\Program Files\MSN
[29/11/2007|22:57] C:\Program Files\MSXML 4.0
[29/11/2007|21:26] C:\Program Files\NETGEAR
[29/11/2007|20:50] C:\Program Files\OFFICE One 7.0
[29/11/2007|20:55] C:\Program Files\OFFICE One Games
[29/11/2007|20:59] C:\Program Files\OFFICE One v7
[09/12/2007|15:28] C:\Program Files\QuickTime
[14/09/2007|22:07] C:\Program Files\Realtek
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[14/09/2007|22:07] C:\Program Files\Roxio
[15/06/2007|18:32] C:\Program Files\SoftThinks
[06/06/2008|11:36] C:\Program Files\Trend Micro
[02/11/2006|14:58] C:\Program Files\Uninstall Information
[29/11/2007|23:04] C:\Program Files\Windows Calendar
[02/11/2006|14:40] C:\Program Files\Windows Collaboration
[14/09/2007|22:07] C:\Program Files\Windows Defender
[22/01/2008|19:04] C:\Program Files\Windows Live
[14/05/2008|03:00] C:\Program Files\Windows Mail
[29/11/2007|23:04] C:\Program Files\Windows Media Player
[29/11/2007|20:32] C:\Program Files\Windows NT
[02/11/2006|14:40] C:\Program Files\Windows Photo Gallery
[10/01/2008|00:37] C:\Program Files\Windows Sidebar
[14/09/2007|22:07] C:\Program Files\Winqual Tools

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[06/06/2008|10:31] C:\Program Files\Common Files\Adobe
[09/12/2007|15:23] C:\Program Files\Common Files\Apple
[29/11/2007|20:52] C:\Program Files\Common Files\Ciel
[14/09/2007|22:07] C:\Program Files\Common Files\InstallShield
[29/11/2007|20:51] C:\Program Files\Common Files\Java
[22/01/2008|19:04] C:\Program Files\Common Files\microsoft shared
[29/11/2007|20:52] C:\Program Files\Common Files\MSSoap
[14/09/2007|22:07] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[14/09/2007|22:07] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[06/06/2008|10:27] C:\Program Files\Common Files\Steam
[14/09/2007|22:07] C:\Program Files\Common Files\SureThing Shared
[14/09/2007|22:07] C:\Program Files\Common Files\System
[30/11/2007|16:45] C:\Program Files\Common Files\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 70

iexplore.exe ~ [2788]
iexplore.exe ~ [2980]
iexplore.exe ~ [3820]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\FORD DEFY DEFY.3ao4pgi
C:\ProgramData\FORD DEFY DEFY.canq5
C:\ProgramData\FORD DEFY DEFY.gbudjt6
C:\ProgramData\FORD DEFY DEFY.k1cunf
C:\ProgramData\FORD DEFY DEFY.wpyez
C:\ProgramData\FORD DEFY DEFY.xjxnii
C:\ProgramData\Loud flaw bend.w9ell
C:\ProgramData\FORD DEFY DEFY.3ao4pgi
C:\ProgramData\FORD DEFY DEFY.gbudjt6
C:\ProgramData\FORD DEFY DEFY.xjxnii
C:\Users\florian\AppData\Local\Temp\bis25A6.exe
C:\Users\florian\AppData\Local\Temp\bisA710.exe
C:\Users\florian\AppData\Local\Temp\bisD53E.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\ProgramData\That Face Camp Shim
C:\ProgramData\That Face Camp Shim\More Spam.exe
C:\Windows\Prefetch\MORE SPAM.EXE-D05CF717.pf
C:\Users\florian\AppData\Roaming\MICROS~1\Windows\Cookies\florian@www.adserver5[1].txt
C:\Users\florian\AppData\Roaming\MICROS~1\Windows\Cookies\florian@banner.cotedazurpalace[2].txt
C:\Users\florian\AppData\Roaming\MICROS~1\Windows\Cookies\florian@cotedazurpalace[1].txt

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-06 14:54:13
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\Users\florian\AppData\Local\Temp\pack.epk
C:\Windows\system32\nvs2.inf
[b]! EGDACCESS !/b

=> C:\Users\florian\Music\Mafia k1 fry\Mafia k'1 Fry - Ma cit‚ va cracker.mp3


[F:1199][D:49]-> C:\Users\florian\AppData\Local\Temp
[F:126][D:1]-> C:\Users\florian\AppData\Roaming\MICROS~1\Windows\Cookies
[F:360][D:4]-> C:\Users\florian\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:2]-> C:\$Recycle.Bin

[ UAC => 1 ]

--------------------[ Fin du rapport a 14:55:41,23 ]----------------------

-----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : florian ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 06/06/2008 | 15:27:29,61 ] [ PC : PC-DE-FLORIAN ]
[ MAJ : 01-06-2008 | 15:51 ]
[ UAC => 0 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\ProgramData\That Face Camp Shim\More Spam.exe
Supprimé! - C:\Windows\Prefetch\MORE SPAM.EXE-D05CF717.pf
Supprimé! - C:\Users\florian\AppData\Roaming\MICROS~1\Windows\Cookies\florian@www.adserver5[1].txt
Supprimé! - C:\Users\florian\AppData\Roaming\MICROS~1\Windows\Cookies\florian@banner.cotedazurpalace[2].txt
Supprimé! - C:\Users\florian\AppData\Roaming\MICROS~1\Windows\Cookies\florian@cotedazurpalace[1].txt
Supprimé! - C:\ProgramData\FORD DEFY DEFY.3ao4pgi
Supprimé! - C:\ProgramData\FORD DEFY DEFY.canq5
Supprimé! - C:\ProgramData\FORD DEFY DEFY.gbudjt6
Supprimé! - C:\ProgramData\FORD DEFY DEFY.k1cunf
Supprimé! - C:\ProgramData\FORD DEFY DEFY.wpyez
Supprimé! - C:\ProgramData\FORD DEFY DEFY.xjxnii
Supprimé! - C:\ProgramData\Loud flaw bend.w9ell
Supprimé! - C:\Users\florian\AppData\Local\Temp\bis25A6.exe
Supprimé! - C:\Users\florian\AppData\Local\Temp\bisA710.exe
Supprimé! - C:\Users\florian\AppData\Local\Temp\bisD53E.exe
Supprimé! - C:\ProgramData\That Face Camp Shim
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[14/12/2007|22:58] C:\Users\florian\AppData\Roaming\Adobe\Linguistics
[29/11/2007|20:37] C:\Users\florian\AppData\Roaming\Adobe\Acrobat

[03/06/2008|21:42] C:\Users\florian\AppData\Roaming\Apple Computer\iTunes



[29/11/2007|20:37] C:\Users\florian\AppData\Roaming\Identities\{A919F4B3-3D3B-499F-A2AB-67578D437E77}

[15/02/2008|00:09] C:\Users\florian\AppData\Roaming\LimeWire\.NetworkShare
[30/11/2007|22:53] C:\Users\florian\AppData\Roaming\LimeWire\.AppSpecialShare
[30/11/2007|22:53] C:\Users\florian\AppData\Roaming\LimeWire\xml
[30/11/2007|22:53] C:\Users\florian\AppData\Roaming\LimeWire\themes

[30/11/2007|17:28] C:\Users\florian\AppData\Roaming\Macromedia\Flash Player
[29/11/2007|20:59] C:\Users\florian\AppData\Roaming\Macromedia\Shockwave Player

[06/06/2008|10:03] C:\Users\florian\AppData\Roaming\Microsoft\MSN Messenger
[02/03/2008|12:46] C:\Users\florian\AppData\Roaming\Microsoft\Windows Photo Gallery
[24/12/2007|00:37] C:\Users\florian\AppData\Roaming\Microsoft\Crypto
[30/11/2007|21:54] C:\Users\florian\AppData\Roaming\Microsoft\Internet Explorer
[30/11/2007|16:46] C:\Users\florian\AppData\Roaming\Microsoft\IdentityCRL
[29/11/2007|23:01] C:\Users\florian\AppData\Roaming\Microsoft\Windows
[29/11/2007|21:22] C:\Users\florian\AppData\Roaming\Microsoft\HTML Help
[29/11/2007|20:59] C:\Users\florian\AppData\Roaming\Microsoft\Installer
[29/11/2007|20:38] C:\Users\florian\AppData\Roaming\Microsoft\SystemCertificates
[29/11/2007|20:37] C:\Users\florian\AppData\Roaming\Microsoft\Protect
[29/11/2007|20:37] C:\Users\florian\AppData\Roaming\Microsoft\Credentials

[29/11/2007|21:02] C:\Users\florian\AppData\Roaming\OFFICE One v7\OFFICE One Startup v7
[29/11/2007|20:53] C:\Users\florian\AppData\Roaming\OFFICE One v7\OFFICE One Safety-Box v7

[08/12/2007|08:32] C:\Users\florian\AppData\Roaming\OFFICEOne7\user

[06/06/2008|14:53] C:\Users\florian\AppData\Roaming\Roxio\MediaManager9
[05/01/2008|19:28] C:\Users\florian\AppData\Roaming\Roxio\RoxioCentral
[05/01/2008|19:28] C:\Users\florian\AppData\Roaming\Roxio\RoxioCentral33


----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[06/06/2008 15:25][--ah-----] C:\Windows\tasks\SA.DAT
[06/06/2008 15:23][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[06/06/2008|10:31] C:\ProgramData\Adobe
[09/12/2007|15:23] C:\ProgramData\Apple
[09/12/2007|15:28] C:\ProgramData\Apple Computer
[29/11/2007|20:32] C:\ProgramData\Application Data
[29/11/2007|20:45] C:\ProgramData\BullGuard
[29/11/2007|20:32] C:\ProgramData\Bureau
[28/05/2008|00:24] C:\ProgramData\cashbrowsewipe
[29/11/2007|20:52] C:\ProgramData\Ciel
[29/11/2007|20:32] C:\ProgramData\Documents
[10/04/2008|21:08] C:\ProgramData\DragToDiscUserNameE.txt
[29/11/2007|20:32] C:\ProgramData\Favoris
[08/12/2007|09:32] C:\ProgramData\FaxCtr
[14/09/2007|22:07] C:\ProgramData\InstallShield
[29/11/2007|20:32] C:\ProgramData\Menu D‚marrer
[29/11/2007|21:22] C:\ProgramData\Microsoft
[29/11/2007|20:32] C:\ProgramData\ModŠles
[29/11/2007|20:59] C:\ProgramData\OFFICE One v7
[29/11/2007|19:16] C:\ProgramData\Roxio
[29/11/2007|19:18] C:\ProgramData\Sonic
[22/01/2008|19:13] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[08/12/2007|09:30] C:\Program Files\Abbyy FineReader 6.0 Sprint
[06/06/2008|10:31] C:\Program Files\Adobe
[29/11/2007|21:05] C:\Program Files\Alwil Software
[24/03/2008|00:00] C:\Program Files\Antipub
[09/12/2007|15:25] C:\Program Files\Apple Software Update
[28/05/2008|00:23] C:\Program Files\cashbrowsewipe
[29/11/2007|20:52] C:\Program Files\Ciel
[06/06/2008|10:31] C:\Program Files\Common Files
[29/11/2007|23:07] C:\Program Files\desktop.ini
[29/11/2007|20:32] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/06/2008|22:35] C:\Program Files\Hasbro Interactive
[06/06/2008|12:06] C:\Program Files\Hijackthis Version Fran‡aise
[23/01/2008|22:22] C:\Program Files\InstallShield Installation Information
[14/09/2007|22:07] C:\Program Files\Intel
[14/09/2007|22:07] C:\Program Files\InterActual
[09/04/2008|03:10] C:\Program Files\Internet Explorer
[09/12/2007|15:29] C:\Program Files\iPod
[09/12/2007|15:29] C:\Program Files\iTunes
[29/11/2007|20:51] C:\Program Files\Java
[24/03/2008|00:02] C:\Program Files\JCA2000
[08/12/2007|09:33] C:\Program Files\Lexmark 3400 Series
[08/12/2007|09:33] C:\Program Files\Lexmark Fax Solutions
[08/12/2007|09:40] C:\Program Files\Lexmark Toolbar
[30/11/2007|22:32] C:\Program Files\LimeWire
[31/05/2008|22:08] C:\Program Files\lx_cats
[02/11/2006|14:35] C:\Program Files\Microsoft Games
[02/11/2006|14:40] C:\Program Files\Movie Maker
[02/11/2006|14:35] C:\Program Files\MSBuild
[02/11/2006|14:35] C:\Program Files\MSN
[29/11/2007|22:57] C:\Program Files\MSXML 4.0
[06/06/2008|15:14] C:\Program Files\Navilog1
[29/11/2007|21:26] C:\Program Files\NETGEAR
[29/11/2007|20:50] C:\Program Files\OFFICE One 7.0
[29/11/2007|20:55] C:\Program Files\OFFICE One Games
[29/11/2007|20:59] C:\Program Files\OFFICE One v7
[09/12/2007|15:28] C:\Program Files\QuickTime
[14/09/2007|22:07] C:\Program Files\Realtek
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[14/09/2007|22:07] C:\Program Files\Roxio
[15/06/2007|18:32] C:\Program Files\SoftThinks
[06/06/2008|11:36] C:\Program Files\Trend Micro
[02/11/2006|14:58] C:\Program Files\Uninstall Information
[29/11/2007|23:04] C:\Program Files\Windows Calendar
[02/11/2006|14:40] C:\Program Files\Windows Collaboration
[14/09/2007|22:07] C:\Program Files\Windows Defender
[22/01/2008|19:04] C:\Program Files\Windows Live
[14/05/2008|03:00] C:\Program Files\Windows Mail
[29/11/2007|23:04] C:\Program Files\Windows Media Player
[29/11/2007|20:32] C:\Program Files\Windows NT
[02/11/2006|14:40] C:\Program Files\Windows Photo Gallery
[10/01/2008|00:37] C:\Program Files\Windows Sidebar
[14/09/2007|22:07] C:\Program Files\Winqual Tools

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[06/06/2008|10:31] C:\Program Files\Common Files\Adobe
[09/12/2007|15:23] C:\Program Files\Common Files\Apple
[29/11/2007|20:52] C:\Program Files\Common Files\Ciel
[14/09/2007|22:07] C:\Program Files\Common Files\InstallShield
[29/11/2007|20:51] C:\Program Files\Common Files\Java
[22/01/2008|19:04] C:\Program Files\Common Files\microsoft shared
[29/11/2007|20:52] C:\Program Files\Common Files\MSSoap
[14/09/2007|22:07] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[14/09/2007|22:07] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[06/06/2008|10:27] C:\Program Files\Common Files\Steam
[14/09/2007|22:07] C:\Program Files\Common Files\SureThing Shared
[14/09/2007|22:07] C:\Program Files\Common Files\System
[30/11/2007|16:45] C:\Program Files\Common Files\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 66

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-06 15:28:18
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\Users\florian\AppData\Local\Temp\pack.epk
C:\Windows\system32\nvs2.inf
[b]! EGDACCESS !/b

=> C:\Users\florian\Music\Mafia k1 fry\Mafia k'1 Fry - Ma cit‚ va cracker.mp3


[F:1196][D:49]-> C:\Users\florian\AppData\Local\Temp
[F:129][D:1]-> C:\Users\florian\AppData\Roaming\MICROS~1\Windows\Cookies
[F:754][D:4]-> C:\Users\florian\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:2]-> C:\$Recycle.Bin

[ UAC => 1 ]

--------------------[ Fin du rapport a 15:29:18,92 ]---------

Clean Navipromo version 3.5.8 commencé le 06/06/2008 à 17:56:09,96

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "florian"

Mise à jour le 05.06.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur

*** Creation backups fichiers trouvés par Catchme ***

Copie vers "C:\Program Files\navilog1\Backupnavi"

Copie C:\Users\florian\AppData\Local\mqwgkyk.dat réalisée avec succès !
Copie C:\Users\florian\AppData\Local\mqwgkyk.exe réalisée avec succès !
Copie C:\Users\florian\AppData\Local\mqwgkyk_nav.dat réalisée avec succès !
Copie C:\Users\florian\AppData\Local\mqwgkyk_navps.dat réalisée avec succès !

*** Suppression des fichiers trouvés avec Catchme ***

C:\Users\florian\AppData\Local\mqwgkyk.dat supprimé !
C:\Users\florian\AppData\Local\mqwgkyk.exe supprimé !
C:\Users\florian\AppData\Local\mqwgkyk_nav.dat supprimé !
C:\Users\florian\AppData\Local\mqwgkyk_navps.dat supprimé !

** 2ème passage avec résultats Catchme **

* Dans "C:\Windows\system32" *


C:\Windows\prefetch\mqwgkyk*.pf trouvé !
Copie C:\Windows\prefetch\mqwgkyk*.pf réalisée avec succès !
C:\Windows\prefetch\mqwgkyk*.pf supprimé !

* Dans "C:\Users\florian\AppData\Local\Microsoft" *


* Dans "C:\Users\florian\AppData\Local" *


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\Windows\System32" *


* Suppression dans "C:\Users\florian\AppData\Local\Microsoft" *


* Suppression dans "C:\Users\florian\AppData\Local" *



*** Suppression dossiers dans "C:\Windows" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\ProgramData" ***


*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Suppression dossiers dans c:\users\florian\appdata\roaming\micros~1\windows\startm~1\programs ***


*** Suppression dossiers dans "C:\Users\florian\AppData\Roaming" ***


*** Suppression dossiers dans "C:\Users\ADMINI~1\appdata\roaming" ***



*** Suppression fichiers ***

C:\Windows\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\florian\AppData\Local\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\Windows\system32" *


* Dans "C:\Users\florian\AppData\Local\Microsoft" *


* Dans "C:\Users\florian\AppData\Local" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 06/06/2008 à 18:02:34,86 ***

bonsoir est ce que je dois faire un rapport hijackis car plus de pages de pub .encore merci pour vos conseils

Scan saved at 20:23:41, on 06/06/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32\oopmagent.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ooquickpdfv7] "C:\Windows\system32\oopmagent.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Bagssettings] "C:\ProgramData\FORD DEFY DEFY.canq5"
O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Loud flaw bend.w9ell"
O4 - Startup: OFFICE One Startup v7.lnk = C:\Program Files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Wind
j ai refait un rapport voila ce que ca donne

File/Folder C:\ProgramData\FORD DEFY DEFY.canq5 not found.
File/Folder C:\ProgramData\Loud flaw bend.w9ell not found.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06062008_205647
voici ce que j ai eu

Je n arrive pas a télécharger toolscleaner on me dit que ca répond pas le programme mais vous m avez beaucoup aider je vous remercie énormément pour votre patience. je pense que la c est bon bonne soirée.