Trojan qui est reconnu à chaque connexion

J'ai télécharger le logiciel, mais le problème c'est qu'il ne veut pas s'ouvrir comme la pluspart de mes logiciels, il me met des messages erreurs vbscript etc..

Arguments
Canned
ChangeLog
GenProc.bat
outil
Page
Arguments\design.css
Canned\A-Squared.txt
Canned\Bagle2_Dl.txt
Canned\bfu_Dl.txt
Canned\CCleaner_48H.txt
Canned\CCleaner_Dl.txt
Canned\CCleaner_Exec.txt
Canned\FixWebHancer_Dl.txt
Canned\FixWebHancer_Exec.txt
Canned\Flash_Disinfector_Dl.txt
Canned\Flash_Disinfector_Exec.txt
Canned\FxNdotN_Dl.txt
Canned\FxNdotN_Exec.txt
Canned\Haxfix_Dl.txt
Canned\Look2me_Dl.txt
Canned\Look2me_Exec.txt
Canned\Lop_Dl.txt
Canned\Lop_Exec.txt
Canned\MSNfix_Dl.txt
Canned\MSNfix_Exec.txt
Canned\Navilog1_Dl.txt
Canned\Navilog1_Exec.txt
Canned\Purity_Dl.txt
Canned\Purity_Exec.txt
Canned\RemGAIN_Dl.txt
Canned\RemGAIN_Exec.txt
Canned\Rustock_Dl.txt
Canned\ScanAntivirusNod32.txt
Canned\ScanAntivirusPanda.txt
Canned\SDfix_Dl.txt
Canned\SDfix_Exec.txt
Canned\SmitfraudFix_Dl.txt
Canned\SmitfraudFix_Exec.txt
Canned\SpywareTerminator.txt
Canned\TeaTimer.txt
Canned\ToolbarSD_Dl.txt
Canned\ToolbarSD_Exec.txt
Canned\ToolCleaner.txt
Canned\Vundo_Dl.txt
Canned\Vundo_Exec.txt
Canned\Vundo_Recovery_Dl.txt
Canned\Winsoftware_bfu_Dl.txt
Canned\Winsoftware_bfu_Exec.txt
Canned\WORT_Dl.txt
Canned\WORT_Exec.txt
Canned\Yoog_Dl.txt
Canned\Yoog_Exec.txt
ChangeLog\BagleLog.txt
ChangeLog\FixWebHancerLog.txt
ChangeLog\FlashLog.txt
ChangeLog\FxNdotNLog.txt
ChangeLog\HaxfixLog.txt
ChangeLog\Look2MeLog.txt
ChangeLog\LopLog.txt
ChangeLog\MSNFixLog.txt
ChangeLog\NaviLog.txt
ChangeLog\PurityLog.txt
ChangeLog\RemGainLog.txt
ChangeLog\RustockLog.txt
ChangeLog\SDfixLog.txt
ChangeLog\SmitLog.txt
ChangeLog\ToolbarSDLog.txt
ChangeLog\VundoLog.txt
Regardes j'ai trouvé un truc, avec le logiciel que tu m'as conseillé/

ChangeLog\WareOutLog.txt
ChangeLog\WinSoftware.txt
ChangeLog\YoogLog.txt
ChangeLog\YoogLogFF.txt
outil\BlocageDate.vbs
outil\commandes.sed
outil\CompareDate.bat
outil\curl.exe
outil\Curl_HJT.bat
outil\Debug.bat
outil\EnableWSH.bat
outil\EpurOS.bat
outil\Exclusions.txt
outil\getmsiinfo.vbs
outil\grep.exe
outil\icon_genproc.ico
outil\Infection.bat
outil\info.vbs
outil\Lancements.bat
outil\libiconv2.dll
outil\libintl3.dll
outil\Norton.vbs
outil\OSVers.bat
outil\pcre3.dll
outil\regex2.dll
outil\sed.exe
outil\sndrec32.exe
outil\Son.vbs
outil\supprime.bat
outil\Supprime_Du_Debut.bat
outil\swreg.exe
outil\tasklist.exe
outil\Termine.wav
outil\UAC.vbs
outil\Uninstall.bat
outil\uniq.exe
outil\Var.bat
outil\Uac.bat
outil\Infection.bat
Page\GenProcPage
Page\GenProcPage\1.gif
Page\GenProcPage\2.gif
Page\GenProcPage\4.gif
Page\GenProcPage\aide.gif
Page\GenProcPage\design.css
Page\GenProcPage\important.gif

-----------\\ ToolBar S&D 1.2.8 XP/Vista


"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 03/04/2009|10:50 )

-----------\\ Recherche de Fichiers / Dossiers ...

[Service] ASKService
[Service] ASKUpgrade
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\006DA853.bin
C:\Program Files\AskBarDis\bar\Cache\006DB17B.bin
C:\Program Files\AskBarDis\bar\Cache\006DB42A.bin
C:\Program Files\AskBarDis\bar\Cache\006DB861.bin
C:\Program Files\AskBarDis\bar\Cache\006DBC87.bin
C:\Program Files\AskBarDis\bar\Cache\006DBF65.bin
C:\Program Files\AskBarDis\bar\Cache\006DC159.bin
C:\Program Files\AskBarDis\bar\Cache\007F03EE
C:\Program Files\AskBarDis\bar\Cache\007F05C2
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\dinstallhelper.006E364EBAE2402BA4DAFB7726903C0D.dll
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\dinstallhelper.323032D4B4514CF9B5EFD4B69A736B09.dll
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\dinstallhelper.9620D55C1C0D4737BDD0651C8059E8FD.dll
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_over.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_rec.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\chevron-small.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\DealioSearch.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\deal_report.jpg
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\ebay_login.jpg
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\err_mainwindow.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\err_toolbar.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\global_scripts.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\highlight-bg.png
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\logo.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\logo_over.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.css
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbarl.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\post-this-deal.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\scripts.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\scroller.js
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search-chevron.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\separator.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\settings.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\settings_over.gif
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\yahoo-search.png
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\index.76.35
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.10.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.109.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.110.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.12.52
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.13.58
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.130.58
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.135.50
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.153.44
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.155.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.156.49
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.16.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.161.52
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.178.66
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.184.55
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.188.52
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.189.45
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.196.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.198.56
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.199.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.200.53
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.201.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.202.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.203.71
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.205.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.213.71
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.214.49
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.215.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.216.67
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.217.67
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.218.52
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.219.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.220.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.221.57
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.222.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.223.68
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.226.68
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.227.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.228.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.229.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.23.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.239.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.24.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.240.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.241.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.242.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.243.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.244.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.245.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.247.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.248.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.249.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.250.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.251.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.252.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.253.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.254.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.255.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.256.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.257.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.279.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.28.58
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.282.75
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.283.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.284.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.289.67
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.290.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.291.61
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.296.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.297.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.304.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.307.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.308.75
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.31.47
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.310.46
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.311.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.315.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.316.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.317.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.318.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.319.49
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.32.48
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.334.44
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.335.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.336.44
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.337.44
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.338.75
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.339.47
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.34.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.340.47
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.341.47
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.349.50
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.35.48
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.350.50
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.351.51
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.352.54
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.353.51
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.354.51
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.357.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.358.52
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.359.52
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.360.53
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.361.54
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.362.68
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.363.58
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.364.54
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.365.53
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.367.56
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.368.58
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.369.55
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.370.56
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.371.56
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.372.57
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.373.55
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.375.56
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.376.57
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.377.55
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.378.65
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.384.58
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.386.71
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.387.59
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.388.59
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.389.59
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.390.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.391.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.392.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.393.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.394.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.396.61
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.397.61
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.398.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.399.60
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.403.61
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.404.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.405.61
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.406.61
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.407.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.408.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.409.61
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.412.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.413.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.414.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.415.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.416.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.417.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.418.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.419.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.420.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.421.62
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.423.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.424.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.425.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.426.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.427.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.428.65
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.429.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.430.63
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.432.65
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.433.64
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.434.65
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.435.64
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.436.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.437.64
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.438.71
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.439.71
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.440.75
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.442.73
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.443.73
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.444.73
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.445.68
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.446.69
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.450.67
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.451.67
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.452.68
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.453.68
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.454.69
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.456.69
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.457.75
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.458.70
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.459.70
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.460.69
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.462.74
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.463.69
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.464.70
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.465.68
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.468.70
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.469.70
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.470.70
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.471.73
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.472.70
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.478.74
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.479.73
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.480.68
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.481.71
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.482.74
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.49.67
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.50.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.500.71
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.501.74
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.502.71
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.51.69
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.52.72
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.520.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.521.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.522.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.53.51
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.531.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.532.75
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.534.75
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.54.47
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.55.45
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.56.69
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.57.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.58.47
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.593.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.595.76
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.63.57
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.66.47
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.70.75
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.71.43
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dealio-14066.log
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dealio-14067.log
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dealio-14068.log
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dealio-14069.log
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dod_cache.xml
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2776_2916_3.html
C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2776_3784_11.html
C:\Program Files\Dealio
C:\Program Files\Dealio\kb127
C:\Program Files\Gossiper
C:\Program Files\Gossiper\GossiperToolbarHelper.exe
C:\Program Files\Gossiper\INSTALL.LOG
C:\Program Files\Gossiper\tbGos1.dll
C:\Program Files\Gossiper\tbGoss.dll
C:\Program Files\Gossiper\toolbar.cfg
C:\Program Files\Gossiper\UNWISE.EXE
C:\Program Files\P2P_Torrent
C:\Program Files\P2P_Torrent\INSTALL.LOG
C:\Program Files\P2P_Torrent\P2P_TorrentToolbarHelper.exe
C:\Program Files\P2P_Torrent\tbP2P1.dll
C:\Program Files\P2P_Torrent\tbP2P_.dll
C:\Program Files\P2P_Torrent\toolbar.cfg
C:\Program Files\P2P_Torrent\UNWISE.EXE
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\res
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp\ws-14334.log
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp\ws-14335.log
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp\ws-14336.log
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp\ws-14337.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\res
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Search Settings\kb127\temp

-----------\\ Extensions

(Propri‚taire) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://french.icrfast.com/fr/index.php?rvs=hompag"
"Search Page"="http://french.icrfast.com/fr/index.php?rvs=hompag"
"Search Bar"="http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://french.icrfast.com/fr/index.php?rvs=hompag"
"Start Page"="http://french.icrfast.com/fr/index.php?rvs=hompag"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"SearchAssistant"="http://www.crawler.com/search/ie.aspx?tb_id=60327"
"CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327"


--------------------\\ Recherche d'autres infections

C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer

C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\uwgsgom_navps.dat
[b]==> EGDACCESS <==/b

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[b]==> WAREOUT <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Winrar 3.71 French + Keygen.torrent
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\DECOMPRESSION DE FICHIERS\Win Rar 3.50 Ita Crack
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\DECOMPRESSION DE FICHIERS\Win Rar 3.50 Ita Crack\Win RAR 3.50 ITA + crack
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\DECOMPRESSION DE FICHIERS\Win Rar 3.50 Ita Crack\Win RAR 3.50 ITA + crack\crack.exe
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\DECOMPRESSION DE FICHIERS\Win Rar 3.50 Ita Crack\Win RAR 3.50 ITA + crack\INFO.txt
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\DECOMPRESSION DE FICHIERS\Win Rar 3.50 Ita Crack\Win RAR 3.50 ITA + crack\wrar350it.exe
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\MOTS DE PASSE\xlcrack-1.2
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\MOTS DE PASSE\xlcrack-1.2.tar.gz
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\MOTS DE PASSE\xlcrack-1.2\COPYING
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\MOTS DE PASSE\xlcrack-1.2\Makefile
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\MOTS DE PASSE\xlcrack-1.2\README
C:\DOCUME~1\PROPRI~1\Mes documents\Stephane LAMBERT\UTILITAIRES\MOTS DE PASSE\xlcrack-1.2\xlcrack.c
C:\DOCUME~1\PROPRI~1\Recent\xlcrack-1.2.lnk
C:\DOCUME~1\PROPRI~1\Recent\xlcrack.lnk



1 - "C:\ToolBar SD\TB_1.txt" - 03/04/2009|10:52 - Option : [1]

-----------\\ Fin du rapport a 10:52:07,68

merci pour ces précieux conseils, c'est super sympa,
Je te joint le rapport toolbar, mode 2, normalement il y plus de crack, keygen.
J'essaye le navilog
a tt suite

-----------\\ ToolBar S&D 1.2.8 XP/Vista


"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 03/04/2009|11:26 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Propri‚taire) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://french.icrfast.com/fr/index.php?rvs=hompag"
"Search Page"="http://french.icrfast.com/fr/index.php?rvs=hompag"
"Search Bar"="http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://french.icrfast.com/fr/index.php?rvs=hompag"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"SearchAssistant"="http://www.crawler.com/search/ie.aspx?tb_id=60327"
"CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327"


--------------------\\ Recherche d'autres infections

C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer

C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1\uwgsgom_navps.dat
[b]==> EGDACCESS <==/b

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
NameServer REG_SZ 85.255.112.63,85.255.112.87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}]
DhcpNameServer REG_SZ 85.255.112.63,85.255.112.87
[b]==> WAREOUT <==/b




1 - "C:\ToolBar SD\TB_1.txt" - 03/04/2009|10:52 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 03/04/2009|10:56 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 03/04/2009|11:09 - Option : [2]
4 - "C:\ToolBar SD\TB_4.txt" - 03/04/2009|11:15 - Option : [2]
5 - "C:\ToolBar SD\TB_5.txt" - 03/04/2009|11:21 - Option : [2]
6 - "C:\ToolBar SD\TB_6.txt" - 03/04/2009|11:27 - Option : [2]

-----------\\ Fin du rapport a 11:27:25,28

Search Navipromo version 3.7.6 commencé le 03/04/2009 à 11:33:29,85

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO


Recherche executé en mode normal


*** Recherche dossiers dans "C:\windows" ***


*** Recherche dossiers dans "C:\Program Files" ***

...\Instant Access trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Scan Catchme non réalisé.
Droits limités sur la session actuelle.

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\windows\system32" *

* Recherche dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *



*** Recherche fichiers ***


C:\windows\Downloaded Program Files\IaLdr32.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\windows\system32" :

voila le rapport navilog
* Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" :

uwgsgom_navps.dat trouvé !

3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 03/04/2009 à 11:35:50,25 ***

qu'en penses tu? Ced

Pour le navilog, il ne nettoie pas, il me donne un message d'erreur, "redemarrer en mode sans echec et d'avance excuse moi pour avoir repasser les utilitaires, je ne suis pas un as de l'informatique.
Je te joins le rapport smitfraud encore merci de ta patience et de ton aide, tu dois être un crack de l'informatique, sans mauvais jeux de mots.

SmitFraudFix v2.405

Rapport fait à 11:53:31,78, 03/04/2009
Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\

C:\autorun.inf PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»»


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

ca y 'est voila le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:04:03, on 03/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\windows\Explorer.EXE
C:\windows\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\mstd.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\windows\system32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
R3 - URLSearchHook: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
R3 - URLSearchHook: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P_.dll
R3 - URLSearchHook: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3310.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3312.z1303.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1303.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3315.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3317.z1303.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1303.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1305.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1305.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1305.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1305.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1305.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1305.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1305.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1305.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1305.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1305.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1306.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1306.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1303.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1303.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1303.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1303.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1304.winmx.com
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Trellian BHO Impl - {24180B00-2EB6-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O2 - BHO: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P_.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
O3 - Toolbar: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P_.dll
O3 - Toolbar: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{067C93CD-3E9B-456C-B41C-EF587630DAFF}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CCS\Services\Tcpip\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CS1\Services\Tcpip\..\{067C93CD-3E9B-456C-B41C-EF587630DAFF}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.63,85.255.112.87
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: mchgrcoi32 - C:\windows\SYSTEM32\mchgrcoi32.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

AVG8, tu as pu voir quelque chose?

AVG8, tu es encore là, j'attends avec impatience ta réponse, car tu es le seul qui est répondu, help me....

le programme installé ne ce lance pas, j'ai le problème avec bcp de programmes.

C'est ok ced, voila le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:14, on 03/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\windows\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\mstd.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\windows\system32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
R3 - URLSearchHook: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
R3 - URLSearchHook: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Trellian BHO Impl - {24180B00-2EB6-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O3 - Toolbar: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{067C93CD-3E9B-456C-B41C-EF587630DAFF}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CCS\Services\Tcpip\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CS1\Services\Tcpip\..\{067C93CD-3E9B-456C-B41C-EF587630DAFF}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.63,85.255.112.87
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: mchgrcoi32 - C:\windows\SYSTEM32\mchgrcoi32.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

je me suis trompé,, le programme ne marche pas je l'ai confondu avec hijack (même icones pratiquement)

il n'y pas moyen de l'ouvrir, j'ai tout essayé, ?

Je ne sais plus quoi faire, es tu toujours là ced.

rien à faire ....

je crois que l'on peut essayer autre chose, car j'ai arrété ma connexion et remise en route, malgré tout tes efforts, je n'ai vu aucune améliorations.

numéro 1
info.txt logfile of random's system information tool 1.06 2009-04-03 12:42:31

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Agere Systems AC'97 Modem-->agrsmdel
ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
BlueSoleil-->MsiExec.exe /X{996D8BB8-9B47-46C7-92DC-DCCE64467AB8}
Broadcom 802.11 Wireless LAN Adapter-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
Download-FR Toolbar-->C:\PROGRA~1\DOWNLO~1\UNWISE.EXE /U C:\PROGRA~1\DOWNLO~1\INSTALL.LOG
ESET NOD32 Antivirus-->MsiExec.exe /I{944F0F77-F26F-4D17-A440-6DA4CBE05B71}
Free Mp3 Wma Converter V 1.7.3-->"C:\Program Files\Free Audio Pack\unins000.exe"
Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
Instant Access-->C:\Program Files\Internet Explorer\IEXPLORE.EXE https://www.afternic.com/domains/downloadv3.com
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 510 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBZUN5C.EXE -dLexmark 510 Series
Mairies et Collectivités Locales-->"C:\Program Files\Pédagofiche\Mairies et Collectivités Locales\Désinstallation20080430\Désinstaller Mairies et Collectivités Locales.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\windows\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\windows\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.21)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Navigateur Orange-->C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl
Navilog1 3.7.6-->"C:\Program Files\Navilog1\unins000.exe"
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
NvMixer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
P.I.E. Patch-->C:\Program Files\PIE Patch\uninstaller.exe
P2P_Torrent Toolbar-->C:\PROGRA~1\P2P_TO~1\UNWISE.EXE C:\PROGRA~1\P2P_TO~1\INSTALL.LOG
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C7A451815AD6A55564D6F47B5A12C61D8B4DCFD1\amdk8.inf
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PCI 1620 Cardbus Controller and Software-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{97355297-21C8-40CD-96D3-48E58037A9B8} /l1036
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Quick Launch Buttons 5.10 B5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\Setup.exe" -l0x40c -uninst
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
ToolbarBrowser v2.4-->"C:\Program Files\TRELLIAN\Toolbar\unToolbarBrowser\unins000.exe"
VideoLAN VLC media player 0.8.6e-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 jL.chura.pl
127.0.0.1 localhost

======Security center information======

AV: ESET NOD32 Antivirus 3.0

======System event log======

Computer Name: LAMBERT-992313A
Event Code: 7036
Message: Le service Gestionnaire de connexion automatique d'accès distant est entré dans l'état : arrêté.

Record Number: 41382
Source Name: Service Control Manager
Time Written: 20090318163259.000000+060
Event Type: Informations
User:

Computer Name: LAMBERT-992313A
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service Gestionnaire de connexion automatique d'accès distant.

Record Number: 41381
Source Name: Service Control Manager
Time Written: 20090318163259.000000+060
Event Type: Informations
User: LAMBERT-992313A\Propriétaire

Computer Name: LAMBERT-992313A
Event Code: 7036
Message: Le service Gestionnaire de connexion automatique d'accès distant est entré dans l'état : en cours d'exécution.

Record Number: 41380
Source Name: Service Control Manager
Time Written: 20090318144921.000000+060
Event Type: Informations
User:

Computer Name: LAMBERT-992313A
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexion automatique d'accès distant.

Record Number: 41379
Source Name: Service Control Manager
Time Written: 20090318144921.000000+060
Event Type: Informations
User: LAMBERT-992313A\Propriétaire

Computer Name: LAMBERT-992313A
Event Code: 20159
Message: La connexion à Orange effectuée par l'utilisateur fti/abvxyg9 utilisant le périphérique PPPoE6-0 a été déconnectée.

Record Number: 41378
Source Name: RemoteAccess
Time Written: 20090318144921.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: LAMBERT-992313A
Event Code: 1000
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.

Record Number: 5
Source Name: LoadPerf
Time Written: 20080706194852.000000+120
Event Type: Informations
User:

Computer Name: LAMBERT-992313A
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés.
Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système
et les dernières entrées du registre d'aide.

Record Number: 4
Source Name: LoadPerf
Time Written: 20080706194851.000000+120
Event Type: Informations
User:

Computer Name: LAMBERT-992313A
Event Code: 11725
Message: Product: Dealio Toolbar 3.4 -- Removal failed.

Record Number: 3
Source Name: MsiInstaller
Time Written: 20080706194636.000000+120
Event Type: Informations
User: LAMBERT-992313A\Propriétaire

Computer Name: LAMBERT-992313A
Event Code: 11725
Message: Product: Dealio Toolbar 3.4 -- Removal failed.

Record Number: 2
Source Name: MsiInstaller
Time Written: 20080706194611.000000+120
Event Type: Informations
User: LAMBERT-992313A\Propriétaire

Computer Name: LAMBERT-992313A
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 1
Source Name: SecurityCenter
Time Written: 20080706194432.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 10, AuthenticAMD
"PROCESSOR_REVISION"=040a
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
numero 2

Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-04-03 12:42:25
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 6 GB (17%) free of 32 GB
Total RAM: 767 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:14, on 03/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\windows\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\mstd.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\windows\system32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.icrfast.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
R3 - URLSearchHook: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
R3 - URLSearchHook: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Trellian BHO Impl - {24180B00-2EB6-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O3 - Toolbar: Download-FR Toolbar - {8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} - C:\Program Files\Download-FR\tbDown.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{067C93CD-3E9B-456C-B41C-EF587630DAFF}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{35B4D19E-BD84-4FF8-873A-52A4CDFE91B7}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CCS\Services\Tcpip\..\{67A28F0E-5291-4313-97E8-8925DC1F8C95}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF0A1D49-D36C-46C8-BE9D-E05DCA9ED947}: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.63,85.255.112.87
O17 - HKLM\System\CS1\Services\Tcpip\..\{067C93CD-3E9B-456C-B41C-EF587630DAFF}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.63,85.255.112.87
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: mchgrcoi32 - C:\windows\SYSTEM32\mchgrcoi32.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

oui je continue, je reviens de déjeuner excuse moi je suis à ton écoute

ca ne marche toujours pas, j'ai toujours les mêmes problèmes

SmitFraudFix v2.405

Rapport fait à 14:02:47,81, 03/04/2009
Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix


»»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix

je me mets à la tâche et je te redis merci encore

J'ai tout bien fait mais le dossier du rapport est vide, d'ailleurs, ça ma planté l'ordi, il a fallu que je redémarre je n'avais plus aucun icones, j'ai supprimé les 3 certificats.
Quelle est la conduite à tenirr

je pense que le programme moveit ne répond pas..je sais pas de trop

Toujours pas de possiblité d'aller sur C: par clic, le gestionnaire internet ne se lance plus au démarrage je commence à me faire du souci, je crois que l'on va pas y arriver

tu es parti peut être??