virus urgent s'il vous plait

bonjour
voila que avast me dit que dans mon dossier verus j'ai un suposer programme qui s'appelle flash_desinfector.cmd
elle me dit que ses un virus ne veux ni le suprimer ni le mettre en quarantaine en fait avast me dit qu'il ne peu rien de ce virus donc je l'ai foutu a la poubelle et attend de vous que vous me dite quoi faire merci pour l'aide
ps:j'ai aussi mon dick externe de conecter que dois-je faire avec ca merci

Bonjour, il est impossible pour toi de le supprimer manuellement ?
Si avast se déclenche, desactive le juste pour supprimer le fichier.

Sinon utilise ce logiciel : :
http://www.01net.com/telecharger/windows/Utilitaire/manipulation_de_fichier/fiches/32585.html

Il te permettra de supprimer des fichiers même si ceux ci sont bloqué par un processus.

bonjour tof225391
je suis vraiment infecter plus que je pensais voila le resultat de bidefender et je ne sais pas ce que je vais faire pour scaner mon dick externe me renseigner serais gentil merci

Statistiques
Temps	00:46:23
Fichiers	88026
Directoires	7039
Secteurs de boot	0
Archives	1938
Paquets programmes	5127

Résultats
Virus identifiés	4
Fichiers infectés	7
Fichiers suspects	0
Avertissements	0
Désinfectés	0
Fichiers effacés	7

Info sur les moteurs
Définition virus	2566717
Version des moteurs	AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins	17
Archive des plugins	45
Unpack des plugins	7
E-mail plugins	6
Système plugins	4

Paramètres d'analyse
Première action	Désinfecté
Seconde Action	Supprimé
Heuristique	Oui
Acceptez les avertissements	Oui
Extensions analysées	exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions
Analyse d'emails	Oui
Analyse des Archives	Oui
Analyser paquets programmes	Oui
Analyse des fichiers	Oui
Analyse de boot	Oui

Fichier analysé	Statut
C:\Documents and Settings\user\Bureau\mes dossier\TEST\vtsetup.exe	Infecté par: Worm.Generic.41112
C:\Documents and Settings\user\Bureau\mes dossier\TEST\vtsetup.exe	Supprimé
C:\Documents and Settings\user\Local Settings\Application DataKiweeToolbar1.3.118.msi=>(Embedded CAB)=>_255311685EC0439E9B51F19CA2877AB9	Infecté par: Trojan.Zlob.9156
C:\Documents and Settings\user\Local Settings\Application DataKiweeToolbar1.3.118.msi=>(Embedded CAB)=>_255311685EC0439E9B51F19CA2877AB9	Supprimé
C:\Documents and Settings\user\Local Settings\Application DataKiweeToolbar1.3.118.msi=>(Embedded CAB)	Echec de la mise à jour
C:\Program Files\totalcmd\keygen.exe	Infecté par: Backdoor.Bot.12864
C:\Program Files\totalcmd\keygen.exe	Supprimé
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP329\A0085468.exe	Infecté par: Trojan.Generic.786090
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP329\A0085468.exe	Supprimé
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP329\A0085469.exe	Infecté par: Trojan.Generic.786090
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP329\A0085469.exe	Supprimé
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086477.exe	Infecté par: Worm.Generic.41112
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086477.exe	Supprimé
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086479.exe	Infecté par: Backdoor.Bot.12864
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086479.exe	Supprimé

re bonsoir
voila hijackthis merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:51:28, on 2009-01-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\AGI\common\win32\PythonService.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\DOCUME~1\user\LOCALS~1\Temp\AutoDetect.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\user\Mes documents\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Ceedo AutoDetect] C:\DOCUME~1\user\LOCALS~1\Temp\AutoDetect.exe /active
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: ADeck.lnk = C:\Program Files\VIAudioi\SBADeck\ADeck.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-03081ad63bc5eab2.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_0_32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC9E1E-00AD-4BC0-8F9E-5B9B57416BFA}: NameServer = 207.164.234.129 207.164.234.193
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
--
End of file - 9572 bytes

bonjour
nouveau scan ce matin:

BitDefender Online Scanner

Rapport d'analyse généré à: Wed, Jan 21, 2009 - 02:04:41

Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;

Statistiques
Temps	00:47:46
Fichiers	91774
Directoires	7035
Secteurs de boot	0
Archives	1953
Paquets programmes	5832

Résultats
Virus identifiés	1
Fichiers infectés	2
Fichiers suspects	0
Avertissements	0
Désinfectés	0
Fichiers effacés	2

Info sur les moteurs
Définition virus	2566723
Version des moteurs	AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins	17
Archive des plugins	45
Unpack des plugins	7
E-mail plugins	6
Système plugins	4

Paramètres d'analyse
Première action	Désinfecté
Seconde Action	Supprimé
Heuristique	Oui
Acceptez les avertissements	Oui
Extensions analysées	exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions
Analyse d'emails	Oui
Analyse des Archives	Oui
Analyser paquets programmes	Oui
Analyse des fichiers	Oui
Analyse de boot	Oui

Fichier analysé	Statut
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086574.msi=>(Embedded CAB)=>_255311685EC0439E9B51F19CA2877AB9	Infecté par: Trojan.Zlob.9156
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086574.msi=>(Embedded CAB)=>_255311685EC0439E9B51F19CA2877AB9	Supprimé
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086574.msi=>(Embedded CAB)	Echec de la mise à jour
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086595.msi=>(Embedded CAB)=>_255311685EC0439E9B51F19CA2877AB9	Infecté par: Trojan.Zlob.9156
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086595.msi=>(Embedded CAB)=>_255311685EC0439E9B51F19CA2877AB9	Supprimé
C:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086595.msi=>(Embedded CAB)	Echec de la mise à jour

bonjour
j'ai desinstaller flash_desinfector manuellement j'ai passer panda antiverus et voila le rapport j'ai besoin d'aide s.v.p il y a des dossiers la dedans dont je ne sais pas ou il son merci:evil:

ANALYSIS: 2009-01-21 14:43:29
PROTECTIONS: 1
MALWARE: 11
SUSPECTS: 3
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
avast! antivirus 4.8.1296 [VPS 090121-0] 4.8.1296 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00029926 Dialer.Gen Dialers No 0 Yes No C:\Documents and Settings\user\Favoris\recettes\Index français la table de Nadine.url:favicon
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No K:\Ceedo\User\Cookies\user@tribalfusion[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@xiti[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@bs.serving-sys[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@weborama[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@adtech[1].txt
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@fl01.ct2.comclick[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@smartadserver[1].txt
00366244 Application/NirCmd.A HackTools No 0 No No K:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP329\A0085470.exe[K:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP329\A0085470.exe][nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 No No K:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086621.exe[K:\System Volume Information\_restore{F21B0DA0-47BD-41CE-AAF4-01CC72ECA91C}\RP330\A0086621.exe][nircmd.exe]
03074964 Trj/CI.A Virus/Trojan No 0 Yes No K:\System Volume Information\_restore{95C77058-F64B-48EF-80B1-FB5B2DBC6D12}\RP272\A0045274.exe
03074964 Trj/CI.A Virus/Trojan No 0 Yes No K:\My Documents\DICKC D\ecran de veille\ButterflyOasisDashbar_s_Inst-28.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location :
;===================================================================================================================================================================================
No C:\Documents and Settings\user\Bureau\mes dossier\DOWNLOAD CHRISTINE\JEUX\shisen.exe :
No K:\My Documents\DICKC D\DOWNLOAD CHRISTINE\JEUX\shisen.exe :
No K:\My Documents\DICKC D\TEST\shisen20 mahjong.zip[shisen.exe] :
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description :
;===================================================================================================================================================================================
;===================================================================================================================================================================================

bonjour a tous
[img] virus urgent s'il vous plait 440tc510

[/img]mon sujet ne vous interesse pas ou quoi je voudrais savoir si je suis veruser ou pas si j'en ai trop ecris dite moi se que vous voulez et je ferais en consequence merci a tous

Bonsoir Chasse,

Télécharges l'outil de suppression de logiciels malveillant de Microsoft qui devrait éradiquer les virus trouvés lors des différents scans que tu a effectués.
http://www.microsoft.com/downloads/details.aspx?displaylang=fr&FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356

Laisse ton DD externe branché sur le PC ainsi que ta/tes clé USB si tu en as.

Copie/colle le résultat de ce scan dans ta prochaine réponse STP.

Très amHicalement.

bonsoir xide
je mexcuse mes je n'es pas de rapport a te mettre sauf un image que j'ai pris de mon ecran je ne pouvais faire copie coller a moin que je n'ais pas loader le bon truc voila donc l'image qui dit que j'avais un virus et qu'il es suprimer dit moi si tu veux autre chose merci
[img] virus urgent s'il vous plait 110

[/img]

bonjour à tous
pourquoi avais tu utilisé flash_desinfector?
ce n'est pas un virus c'est un outil de désinfection qui sert à nettoyer les PC et les périphériques infectés par des virus !
il est fort probable que tu sois infectée par ce genre de virus transmissible par périphériques externes...
suis ce tutoriel et poste le rapport obtenu
http://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
comme le rapport est long tu risques d'être obligée de le poster en plusieurs morceaux
virus urgent s'il vous plait Nature02

bonjour chrifleur
je l'ai jeter car avast me disais que s'etais un virus
je fais se que tu me demande et je te donne suite tres contente de te voir

re bonjour chrifleur
toute surprise je m'etais installer pour une heure ou deux mes qu'elle que secondes et voila le premier
Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2009-01-24 11:37:10
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 27 GB (35%) free of 76 GB
Total RAM: 959 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:37:20, on 2009-01-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\smss.exe
C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\winlogon.exe
C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\services.exe
C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\lsass.exe
C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\svchost.exe
C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\svchost.exe
C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\aswUpdSv.exe
C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\ashServ.exe
C:\\\\\\\\WINDOWS\\\\\\\\Explorer.EXE
C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\LEXBCES.EXE
C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\LEXPPS.EXE
C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\spoolsv.exe
C:\\\\\\\\PROGRA~1\\\\\\\\ALWILS~1\\\\\\\\Avast4\\\\\\\\ashDisp.exe
C:\\\\\\\\Program Files\\\\\\\\Java\\\\\\\\jre6\\\\\\\\bin\\\\\\\\jusched.exe
C:\\\\\\\\Program Files\\\\\\\\Winamp\\\\\\\\winampa.exe
C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\ctfmon.exe
C:\\\\\\\\Program Files\\\\\\\\MétéoMédia\\\\\\\\MétéoÉclair\\\\\\\\WeatherEye.exe
C:\\\\\\\\Program Files\\\\\\\\AGI\\\\\\\\common\\\\\\\\win32\\\\\\\\PythonService.exe
C:\\\\\\\\Program Files\\\\\\\\Bonjour\\\\\\\\mDNSResponder.exe
C:\\\\\\\\Program Files\\\\\\\\Java\\\\\\\\jre6\\\\\\\\bin\\\\\\\\jqs.exe
C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\svchost.exe
C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\ashMaiSv.exe
C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\ashWebSv.exe
C:\\\\\\\\Program Files\\\\\\\\MétéoMédia\\\\\\\\MétéoÉclair\\\\\\\\WeatherEye.exe
C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\svchost.exe
C:\\\\\\\\Documents and Settings\\\\\\\\user\\\\\\\\Bureau\\\\\\\\RSIT.exe
C:\\\\\\\\Documents and Settings\\\\\\\\user\\\\\\\\Mes documents\\\\\\\\hijackthis\\\\\\\\user.exe
R0 - HKCU\\\\\\\\Software\\\\\\\\Microsoft\\\\\\\\Internet Explorer\\\\\\\\Main,Start Page = http://www.google.ca/
R1 - HKLM\\\\\\\\Software\\\\\\\\Microsoft\\\\\\\\Internet Explorer\\\\\\\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\\\\\\\Software\\\\\\\\Microsoft\\\\\\\\Internet Explorer\\\\\\\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\\\\\\\Software\\\\\\\\Microsoft\\\\\\\\Internet Explorer\\\\\\\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\\\\\\\\Software\\\\\\\\Microsoft\\\\\\\\Windows\\\\\\\\CurrentVersion\\\\\\\\Internet Settings,ProxyOverride = *.local
R0 - HKCU\\\\\\\\Software\\\\\\\\Microsoft\\\\\\\\Internet Explorer\\\\\\\\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\\\\\\\\Program Files\\\\\\\\AGI\\\\\\\\common\\\\\\\\agcutils.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\\\\\\\Program Files\\\\\\\\Fichiers communs\\\\\\\\Adobe\\\\\\\\Acrobat\\\\\\\\ActiveX\\\\\\\\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\\\\\\\\Program Files\\\\\\\\Real\\\\\\\\RealPlayer\\\\\\\\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\\\\\\\\PROGRA~1\\\\\\\\SPYBOT~1\\\\\\\\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\\\\\\\Program Files\\\\\\\\Java\\\\\\\\jre6\\\\\\\\bin\\\\\\\\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\\\\\\\Program Files\\\\\\\\Fichiers communs\\\\\\\\Microsoft Shared\\\\\\\\Windows Live\\\\\\\\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\\\\\\\Program Files\\\\\\\\Java\\\\\\\\jre6\\\\\\\\bin\\\\\\\\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\\\\\\\\Program Files\\\\\\\\Java\\\\\\\\jre6\\\\\\\\lib\\\\\\\\deploy\\\\\\\\jqs\\\\\\\\ie\\\\\\\\jqs_plugin.dll
O4 - HKLM\\\\\\\\..\\\\\\\\Run: [avast!] C:\\\\\\\\PROGRA~1\\\\\\\\ALWILS~1\\\\\\\\Avast4\\\\\\\\ashDisp.exe
O4 - HKLM\\\\\\\\..\\\\\\\\Run: [SunJavaUpdateSched] "C:\\\\\\\\Program Files\\\\\\\\Java\\\\\\\\jre6\\\\\\\\bin\\\\\\\\jusched.exe"
O4 - HKLM\\\\\\\\..\\\\\\\\Run: [QuickTime Task] "C:\\\\\\\\Program Files\\\\\\\\QuickTime\\\\\\\\qttask.exe" -atboottime
O4 - HKLM\\\\\\\\..\\\\\\\\Run: [WinampAgent] "C:\\\\\\\\Program Files\\\\\\\\Winamp\\\\\\\\winampa.exe"
O4 - HKLM\\\\\\\\..\\\\\\\\Run: [Adobe Reader Speed Launcher] "C:\\\\\\\\Program Files\\\\\\\\Adobe\\\\\\\\Reader 8.0\\\\\\\\Reader\\\\\\\\Reader_sl.exe"
O4 - HKLM\\\\\\\\..\\\\\\\\Run: [MSConfig] C:\\\\\\\\WINDOWS\\\\\\\\pchealth\\\\\\\\helpctr\\\\\\\\Binaries\\\\\\\\MSCONFIG.EXE /auto
O4 - HKCU\\\\\\\\..\\\\\\\\Run: [ctfmon.exe] C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\ctfmon.exe
O4 - HKCU\\\\\\\\..\\\\\\\\Run: [WeatherEye] C:\\\\\\\\Program Files\\\\\\\\MétéoMédia\\\\\\\\MétéoÉclair\\\\\\\\WeatherEye.exe
O4 - HKUS\\\\\\\\S-1-5-19\\\\\\\\..\\\\\\\\Run: [CTFMON.EXE] C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\\\\\\\\S-1-5-20\\\\\\\\..\\\\\\\\Run: [CTFMON.EXE] C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\\\\\\\\S-1-5-18\\\\\\\\..\\\\\\\\Run: [CTFMON.EXE] C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\\\\\\\\.DEFAULT\\\\\\\\..\\\\\\\\Run: [CTFMON.EXE] C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\\\\\\\\Program Files\\\\\\\\WinAVI FLV Converter\\\\\\\\flv_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\\\\\\\\PROGRA~1\\\\\\\\MICROS~2\\\\\\\\Office12\\\\\\\\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\\\\\\\\WINDOWS\\\\\\\\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\\\\\\\\WINDOWS\\\\\\\\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\\\\\\\\PROGRA~1\\\\\\\\SPYBOT~1\\\\\\\\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\\\\\\\\PROGRA~1\\\\\\\\SPYBOT~1\\\\\\\\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\\\\\\\WINDOWS\\\\\\\\Network Diagnostic\\\\\\\\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\\\\\\\WINDOWS\\\\\\\\Network Diagnostic\\\\\\\\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\\\\\\\Program Files\\\\\\\\Messenger\\\\\\\\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\\\\\\\Program Files\\\\\\\\Messenger\\\\\\\\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\\\\\\\\windows\\\\\\\\system32\\\\\\\\nwprovau.dll
O12 - Plugin for .spop: C:\\\\\\\\Program Files\\\\\\\\Internet Explorer\\\\\\\\Plugins\\\\\\\\NPDocBox.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-03081ad63bc5eab2.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_0_32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\\\\\\\\Program Files\\\\\\\\AGI\\\\\\\\common\\\\\\\\win32\\\\\\\\PythonService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\\\\\\\\Program Files\\\\\\\\Bonjour\\\\\\\\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\\\\\\\\Program Files\\\\\\\\Java\\\\\\\\jre6\\\\\\\\bin\\\\\\\\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\LEXBCES.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\\\\\\\\Program Files\\\\\\\\ma-config.com\\\\\\\\maconfservice.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\\\\\\\\Program Files\\\\\\\\TuneUp Utilities 2006\\\\\\\\WinStylerThemeSvc.exe
--
End of file - 8502 bytes
======Scheduled tasks folder======

re

======Scheduled tasks folder======
C:\\WINDOWS\\tasks\\Maintenance en 1 clic.job
======Registry dump======
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\\Program Files\\Fichiers communs\\Adobe\\Acrobat\\ActiveX\\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\\Program Files\\Real\\RealPlayer\\rpbrowserrecordplugin.dll [2007-12-11 370296]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\\PROGRA~1\\SPYBOT~1\\SDHelper.dll [2008-01-28 1554256]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\\Program Files\\Java\\jre6\\bin\\ssv.dll [2008-12-03 320920]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll [2008-12-03 34816]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\\Program Files\\Java\\jre6\\lib\\deploy\\jqs\\ie\\jqs_plugin.dll [2008-12-03 73728]
[HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
"avast!"=C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe [2008-11-26 81000]
"SunJavaUpdateSched"=C:\\Program Files\\Java\\jre6\\bin\\jusched.exe [2008-12-03 136600]
"QuickTime Task"=C:\\Program Files\\QuickTime\\qttask.exe [2008-09-06 413696]
"WinampAgent"=C:\\Program Files\\Winamp\\winampa.exe [2008-08-03 36352]
"Adobe Reader Speed Launcher"=C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe [2008-10-15 39792]
"MSConfig"=C:\\WINDOWS\\pchealth\\helpctr\\Binaries\\MSCONFIG.EXE [2008-04-13 172544]
[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
"ctfmon.exe"=C:\\WINDOWS\\system32\\ctfmon.exe [2008-04-13 15360]
"WeatherEye"=C:\\Program Files\\MétéoMédia\\MétéoÉclair\\WeatherEye.exe [2009-01-16 4519832]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Adobe Photo Downloader]
C:\\Program Files\\Adobe\\Photoshop Album Edition Découverte\\3.0\\Apps\\apdproxy.exe [2005-06-23 57344]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Adobe Reader Speed Launcher]
C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Ceedo AutoDetect]
C:\\DOCUME~1\\user\\LOCALS~1\\Temp\\AutoDetect.exe [2007-11-15 374288]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\ctfmon.exe]
C:\\WINDOWS\\system32\\ctfmon.exe [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\PinnacleDriverCheck]
C:\\WINDOWS\\system32\\PSDrvCheck.exe [2004-03-10 406016]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\QuickTime Task]
C:\\Program Files\\QuickTime\\qttask.exe [2008-09-06 413696]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\SpybotSD TeaTimer]
C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe [2008-01-28 2097488]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\SunJavaUpdateSched]
C:\\Program Files\\Java\\jre6\\bin\\jusched.exe [2008-12-03 136600]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\type32]
C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe [2004-06-03 172032]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\VTTimer]
C:\\WINDOWS\\system32\\VTTimer.exe [2003-05-07 36864]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\WinampAgent]
C:\\Program Files\\Winamp\\winampa.exe [2008-08-03 36352]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupfolder\\C:^Documents and Settings^user^Menu Démarrer^Programmes^Démarrage^ADeck.lnk]
C:\\PROGRA~1\\VIAudioi\\SBADeck\\ADeck.exe [2004-05-10 7917056]
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupfolder\\C:^Documents and Settings^user^Menu Démarrer^Programmes^Démarrage^Webshots.lnk]
C:\\PROGRA~1\\Webshots\\Launcher.exe [2009-01-10 157000]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\WgaLogon]
C:\\WINDOWS\\system32\\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\\WINDOWS\\system32\\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\\WINDOWS\\system32\\upnpui.dll [2008-04-13 240128]
[HKEY_LOCAL_MACHINE\\system\\currentcontrolset\\control\\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\aawservice]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\network\\aawservice]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\network\\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\network\\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\network\\nm]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\network\\nm.sys]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\network\\UploadMgr]
[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\explorer]
"NoDriveAutoRun"=FFFFFFFF
"NoDriveTypeAutoRun"=36
[HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\\system\\currentcontrolset\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\authorizedapplications\\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Disabled:Microsoft Management Console"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\ma-config.com\\maconfservice.exe"="C:\\Program Files\\ma-config.com\\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\\Program Files\\Photo Story 3 for Windows\\PhotoStory3.exe"="C:\\Program Files\\Photo Story 3 for Windows\\PhotoStory3.exe:*:Enabled:Photo Story 3 for Windows"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Deer Hunter 3\\Deer Hunter 3.exe"="C:\\Program Files\\Deer Hunter 3\\Deer Hunter 3.exe:*:Enabled:Deer Hunter 3"
"C:\\Documents and Settings\\user\\Mes documents\\StubInstaller.exe"="C:\\Documents and Settings\\user\\Mes documents\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_LOCAL_MACHINE\\system\\currentcontrolset\\services\\sharedaccess\\parameters\\firewallpolicy\\domainprofile\\authorizedapplications\\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{42a81d3f-81c6-11dc-9b8b-00138f240de8}]
shell\\AutoRun\\command - K:\\Autorun.exe /run
shell\\Shell00\\command - K:\\Autorun.exe /run
shell\\Shell01\\command - K:\\Autorun.exe /action
shell\\Shell02\\command - K:\\Autorun.exe /uninstall

======List of files/folders created in the last 1 months======
2009-01-24 11:37:10 ----D---- C:\\rsit
2009-01-23 01:09:05 ----N---- C:\\WINDOWS\\system32\\difxapi.dll
2009-01-23 01:09:05 ----D---- C:\\Program Files\\VIA
2009-01-23 01:04:18 ----AD---- C:\\Program Files\\Vinyl_V700b
2009-01-16 14:51:17 ----D---- C:\\Documents and Settings\\user\\Application Data\\Obsidium
2009-01-16 14:51:12 ----D---- C:\\Program Files\\AudioComparer
2009-01-14 01:22:42 ----HDC---- C:\\WINDOWS\\$NtUninstallKB958687$
2009-01-10 23:45:51 ----D---- C:\\Program Files\\Diettes et tics
2009-01-10 14:00:25 ----D---- C:\\Documents and Settings\\user\\Application Data\\agi
2009-01-10 14:00:24 ----D---- C:\\Documents and Settings\\All Users\\Application Data\\agi
2009-01-10 13:59:56 ----D---- C:\\Program Files\\AGI
2009-01-10 00:57:19 ----D---- C:\\Documents and Settings\\user\\Application Data\\ESTSoft
======List of files/folders modified in the last 1 months======
2009-01-24 11:37:20 ----D---- C:\\WINDOWS\\Prefetch
2009-01-24 11:05:52 ----D---- C:\\WINDOWS\\Temp
2009-01-24 11:05:16 ----RASH---- C:\\boot.ini
2009-01-24 11:05:16 ----A---- C:\\WINDOWS\\win.ini
2009-01-24 11:05:16 ----A---- C:\\WINDOWS\\system.ini
2009-01-24 00:58:22 ----A---- C:\\WINDOWS\\SchedLgU.Txt
2009-01-23 15:40:49 ----D---- C:\\WINDOWS\\system32\\CatRoot2
2009-01-23 15:39:09 ----D---- C:\\WINDOWS\\pss
2009-01-23 14:38:21 ----SHD---- C:\\WINDOWS\\Installer
2009-01-23 06:38:42 ----D---- C:\\WINDOWS
2009-01-23 01:10:34 ----HD---- C:\\Program Files\\InstallShield Installation Information
2009-01-23 01:10:06 ----D---- C:\\Config.Msi
2009-01-23 01:09:55 ----RSHDC---- C:\\WINDOWS\\system32\\dllcache
2009-01-23 01:09:50 ----D---- C:\\WINDOWS\\system32\\drivers
2009-01-23 01:09:50 ----D---- C:\\WINDOWS\\system32
2009-01-23 01:09:45 ----HD---- C:\\WINDOWS\\inf
2009-01-23 01:09:44 ----D---- C:\\WINDOWS\\system32\\ReinstallBackups
2009-01-23 01:09:05 ----D---- C:\\Program Files
2009-01-22 23:15:27 ----A---- C:\\WINDOWS\\LEXSTAT.INI
2009-01-22 14:41:04 ----D---- C:\\WINDOWS\\Debug
2009-01-21 16:32:25 ----D---- C:\\WINDOWS\\BDOSCAN8
2009-01-21 08:25:57 ----D---- C:\\Program Files\\Panda Security
2009-01-21 08:21:37 ----SD---- C:\\WINDOWS\\Downloaded Program Files
2009-01-20 20:24:36 ----D---- C:\\Documents and Settings\\All Users\\Application Data\\Adobe
2009-01-20 20:24:27 ----D---- C:\\Program Files\\Fichiers communs\\Adobe
2009-01-20 20:24:27 ----D---- C:\\Program Files\\Adobe
2009-01-20 17:47:02 ----A---- C:\\WINDOWS\\NeroDigital.ini
2009-01-20 16:57:52 ----D---- C:\\Program Files\\totalcmd
2009-01-20 14:38:44 ----D---- C:\\WINDOWS\\Minidump
2009-01-20 14:28:31 ----A---- C:\\WINDOWS\\wincmd.ini
2009-01-19 17:57:58 ----D---- C:\\Documents and Settings\\user\\Application Data\\IconTweaker
2009-01-19 17:57:58 ----D---- C:\\Documents and Settings\\All Users\\Application Data\\IconTweaker
2009-01-19 17:33:07 ----D---- C:\\Program Files\\Bonjour
2009-01-18 12:26:29 ----D---- C:\\Program Files\\Winamp
2009-01-16 14:42:58 ----D---- C:\\Program Files\\Fichiers communs
2009-01-15 01:41:33 ----D---- C:\\Documents and Settings\\All Users\\Application Data\\Microsoft Help
2009-01-14 01:22:17 ----HD---- C:\\WINDOWS\\$hf_mig$
2009-01-11 11:18:05 ----D---- C:\\Program Files\\Webshots
2009-01-10 14:00:09 ----A---- C:\\WINDOWS\\system32\\pywintypes25.dll
2009-01-10 14:00:09 ----A---- C:\\WINDOWS\\system32\\pythoncom25.dll
2009-01-10 14:00:09 ----A---- C:\\WINDOWS\\system32\\python25.dll
2009-01-09 17:35:30 ----A---- C:\\WINDOWS\\system32\\MRT.exe
2009-01-06 14:55:17 ----D---- C:\\WINDOWS\\Help
======

re
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-10-28 82380]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 41856]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-28 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-28 55936]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-10-23 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2003-06-07 258944]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-27 207488]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 SDTHOOK;SDTHOOK; C:\WINDOWS\System32\DRIVERS\SDTHOOK.sys [2007-06-05 44928]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2009-01-10 10240]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-03 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-05-30 576680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe [2005-08-10 118272]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
-----------------EOF-----------------

re

info.txt logfile of random's system information tool 1.05 2009-01-24 11:37:23
======Uninstall list======
-->C:\\\\\\\\Program Files\\\\\\\\Fichiers communs\\\\\\\\Real\\\\\\\\Update_OB\\\\\\\\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\\\\\\\\WINDOWS\\\\\\\\INF\\\\\\\\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe Acrobat 4.0-->C:\\\\\\\\WINDOWS\\\\\\\\ISUN040C.EXE -f"C:\\\\\\\\Program Files\\\\\\\\Fichiers communs\\\\\\\\Adobe\\\\\\\\Acrobat 4.0\\\\\\\\NT\\\\\\\\Uninst.isu" -c"C:\\\\\\\\Program Files\\\\\\\\Fichiers communs\\\\\\\\Adobe\\\\\\\\Acrobat 4.0\\\\\\\\NT\\\\\\\\Uninst.dll"
Adobe Acrobat 5.0-->C:\\\\\\\\WINDOWS\\\\\\\\ISUNINST.EXE -f"C:\\\\\\\\Program Files\\\\\\\\Fichiers communs\\\\\\\\Adobe\\\\\\\\Acrobat 5.0\\\\\\\\NT\\\\\\\\Uninst.isu" -c"C:\\\\\\\\Program Files\\\\\\\\Fichiers communs\\\\\\\\Adobe\\\\\\\\Acrobat 5.0\\\\\\\\NT\\\\\\\\Uninst.dll"
Adobe Flash Player 10 Plugin-->C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\Macromed\\\\\\\\Flash\\\\\\\\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\Macromed\\\\\\\\Flash\\\\\\\\uninstall_activeX.exe
Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player 11-->C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\adobe\\\\\\\\SHOCKW~1\\\\\\\\UNWISE.EXE C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\Adobe\\\\\\\\SHOCKW~1\\\\\\\\Install.log
Adobe

Photoshop

Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AM-DeadLink 3.2-->"C:\\\\\\\\Program Files\\\\\\\\AM-DeadLink\\\\\\\\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\\\\\\\\Program Files\\\\\\\\WinRAR\\\\\\\\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI HFX Pack-->C:\\\\\\\\WINDOWS\\\\\\\\unvise32.exe C:\\\\\\\\WINDOWS\\\\\\\\unhfxati.log
Audio Comparer-->"C:\\\\\\\\Program Files\\\\\\\\AudioComparer\\\\\\\\unins000.exe"
avast! Antivirus-->C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\aswRunDll.exe "C:\\\\\\\\Program Files\\\\\\\\Alwil Software\\\\\\\\Avast4\\\\\\\\Setup\\\\\\\\setiface.dll",RunSetup
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCleaner (remove only)-->"C:\\\\\\\\Program Files\\\\\\\\CCleaner\\\\\\\\uninst.exe"
ConvertMovie 5.0-->C:\\\\\\\\Program Files\\\\\\\\ConvertMovie 5.0\\\\\\\\uninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\\\\\\\\WINDOWS\\\\\\\\$NtUninstallKB939683$\\\\\\\\spuninst\\\\\\\\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\\\\\\\\WINDOWS\\\\\\\\ie7updates\\\\\\\\KB947864-IE7\\\\\\\\spuninst\\\\\\\\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\\\\\\\\WINDOWS\\\\\\\\$NtUninstallKB952287$\\\\\\\\spuninst\\\\\\\\spuninst.exe"
Diaporama version 3.0.0.1-->"C:\\\\\\\\Program Files\\\\\\\\SoftChris\\\\\\\\Diaporama\\\\\\\\unins000.exe"
Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
DVD Solution-->"C:\\\\\\\\Program Files\\\\\\\\Uninstall_CDS.exe"
DVDFab Platinum 3.1.8.0-->"C:\\\\\\\\Program Files\\\\\\\\DVDFab Platinum 3\\\\\\\\unins000.exe"
DynGate-->"C:\\\\\\\\Program Files\\\\\\\\DynGate\\\\\\\\uninstall.exe"
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Finance 2003 version 10.03-->"C:\\\\\\\\Program Files\\\\\\\\SoftChris\\\\\\\\Finance 2003\\\\\\\\unins000.exe"
Free FLV Converter V 5.6-->"C:\\\\\\\\Program Files\\\\\\\\Free FLV Converter\\\\\\\\unins000.exe"
Free Mp3 Wma Converter V 1.7.3-->"C:\\\\\\\\Program Files\\\\\\\\Free Audio Pack\\\\\\\\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
Greeting Card Creator 32-->C:\\\\\\\\PROGRA~1\\\\\\\\GREETI~1\\\\\\\\UNWISE.EXE C:\\\\\\\\PROGRA~1\\\\\\\\GREETI~1\\\\\\\\INSTALL.LOG
HijackThis 2.0.2-->"C:\\\\\\\\Documents and Settings\\\\\\\\user\\\\\\\\Mes documents\\\\\\\\hijackthis\\\\\\\\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\\\\\\\\WINDOWS\\\\\\\\$NtUninstallKB929399$\\\\\\\\spuninst\\\\\\\\spuninst.exe"
HP Photo and Imaging 2.2 - Scanjet 3970 Series-->MsiExec.exe /I{796ADAFF-7C5B-4CED-BA11-55A3644F1E0D}
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
iColorFolder-->C:\\\\\\\\Program Files\\\\\\\\iColorFolder\\\\\\\\uninstall.exe
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Online Scanner-->C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\Kaspersky Lab\\\\\\\\Kaspersky Online Scanner\\\\\\\\kavuninstall.exe
K-Lite Codec Pack 4.3.1 (Full)-->"C:\\\\\\\\Program Files\\\\\\\\K-Lite Codec Pack\\\\\\\\unins000.exe"
KM400/KN400 Display Driver and Utilities-->C:\\\\\\\\PROGRA~1\\\\\\\\S3Inc\\\\\\\\S3\\\\\\\\s3setvga.exe -s -fC:\\\\\\\\PROGRA~1\\\\\\\\S3Inc\\\\\\\\S3\\\\\\\\S3.uns
L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\\\\\\\\WINDOWS\\\\\\\\INF\\\\\\\\LHTTSFRF.inf, Uninstall
La Marmite du Chef - Recettes-->C:\\\\\\\\PROGRA~1\\\\\\\\ELJUKY~1\\\\\\\\LAMARM~1\\\\\\\\UNWISE.EXE C:\\\\\\\\PROGRA~1\\\\\\\\ELJUKY~1\\\\\\\\LAMARM~1\\\\\\\\INSTALL.LOG
Lecteur Windows Media 11-->"C:\\\\\\\\Program Files\\\\\\\\Windows Media Player\\\\\\\\Setup_wm.exe" /Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\\\\\\\\WINDOWS\\\\\\\\INF\\\\\\\\tv_enua.inf, Uninstall
Lexmark Z600 Series-->C:\\\\\\\\WINDOWS\\\\\\\\system32\\\\\\\\spool\\\\\\\\drivers\\\\\\\\w32x86\\\\\\\\3\\\\\\\\LXBCUN5C.EXE -dLexmark Z600 Series
LimeWire PRO 4.14.10-->"C:\\\\\\\\Program Files\\\\\\\\LimeWire\\\\\\\\uninstall.exe"
Local Cooling Setup-->MsiExec.exe /I{79166E9D-4D2B-405A-B8F5-B43E0C795FF2}
Ma-Config.com-->MsiExec.exe /X{D1874C3B-A0A5-446F-B76C-5265F11D8A1A}
Malwarebytes' Anti-Malware-->"C:\\\\\\\\Program Files\\\\\\\\Malwarebytes' Anti-Malware\\\\\\\\unins000.exe"
Marmiton-->C:\\\\\\\\WINDOWS\\\\\\\\unin040c.exe -f"C:\\\\\\\\Program Files\\\\\\\\Marmiton\\\\\\\\Marmiton\\\\\\\\DeIsL1.isu" -c"C:\\\\\\\\Program Files\\\\\\\\Marmiton\\\\\\\\Marmiton\\\\\\\\_ISREG32.DLL"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\\\\\\\\WINDOWS\\\\\\\\$NtUninstallMSCompPackV1$\\\\\\\\spuninst\\\\\\\\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\\\\\\\\WINDOWS\\\\\\\\$NtServicePackUninstallIDNMitigationAPIs$\\\\\\\\spuninst\\\\\\\\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\\\\\\\\WINDOWS\\\\\\\\$NtServicePackUninstallNLSDownlevelMapping$\\\\\\\\spuninst\\\\\\\\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\\\\\\\\Program Files\\\\\\\\Fichiers communs\\\\\\\\Microsoft Shared\\\\\\\\OFFICE12\\\\\\\\Office Setup Controller\\\\\\\\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Pandora's Box-->"C:\\\\\\\\Program Files\\\\\\\\Microsoft Games\\\\\\\\Pandora's Box\\\\\\\\install" /runtemp /uninstall
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\\\\\\\\WINDOWS\\\\\\\\$NtUninstallWudf01000$\\\\\\\\spuninst\\\\\\\\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

re

Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
MS Pandora's Box Trial Version-->"C:\Program Files\Microsoft Games\Pandora's Box Trial\UNINSTAL.EXE" /runtemp /uninstall
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Digital-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Photorécit 3 pour Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
portraitsofautumn_3125138 Screen Saver-->C:\WINDOWS\system32\portraitsofautumn_3125138.scr /u
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Recettes de Cuisine 2004 Light-->C:\WINDOWS\iun6002.exe "C:\Program Files\LudoSoft\Recettes de Cuisine 2004 Light\irunin.ini"
S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
SoundGraph - DVinyl2020 drivers-->C:\WINDOWS\usb-audio.de\SETUP.exe /u /iDVINYL2020 /rusb-audio.deDVINYL2020
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
TeamViewer 3-->C:\Program Files\TeamViewer3\uninstall.exe
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
TuneUp Utilities 2006-->MsiExec.exe /I{868D7896-99D4-4513-BC62-2B3AD3E24926}
VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -y-f"C:\PROGRA~1\VIAudioi\SBASetup\Uninst.isu"
VIA Le gestionnaire du dispositif de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Virtual Desktop Manager Powertoy for Windows XP-->MsiExec.exe /I{F251B999-08A9-4704-999C-9962F0DFD88E}
VirusTotal Uploader-->"C:\Program Files\VirusTotalUploader\uninstall.exe"
Webshots Desktop-->"C:\Program Files\AGI\common\bootstrapper.exe" -uninstall"\"C:/Program Files/AGI/Python25\pythonw.exe\" \"C:\Program Files\AGI\common\pyagcore\installer.pyc\" -u WebshotsDesktop"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
=====HijackThis Backups=====
O9 - Extra 'Tools' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - Startup: LedWallpaper.lnk = C:\Program Files\LED\LedWallpaper\LedWallpaper.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O2 - BHO: (no name) - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: avast! antivirus 4.8.1296 [VPS 090123-0]
System event log
Computer Name: USER-PLWN3PT0UF
Event Code: 7036
Message: Le service avast! Mail Scanner est entré dans l'état : en cours d'exécution.
Record Number: 27075
Source Name: Service Control Manager
Time Written: 20081220102809.000000-300
Event Type: information
User:
Computer Name: USER-PLWN3PT0UF
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Mail Scanner.
Record Number: 27074
Source Name: Service Control Manager
Time Written: 20081220102809.000000-300
Event Type: information
User: AUTORITE NT\SYSTEM
Computer Name: USER-PLWN3PT0UF
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.
Record Number: 27073
Source Name: Service Control Manager
Time Written: 20081220102809.000000-300
Event Type: information
User:
Computer Name: USER-PLWN3PT0UF
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.
Record Number: 27072
Source Name: Service Control Manager
Time Written: 20081220102809.000000-300
Event Type: information
User: AUTORITE NT\SYSTEM
Computer Name: USER-PLWN3PT0UF
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 27071
Source Name: Service Control Manager
Time Written: 20081220102809.000000-300
Event Type: information
User:
Application event log
Computer Name: USER-PLWN3PT0UF
Event Code: 103
Message: wlmail (216) WindowsLiveMail0: Le moteur de base de données a arrêté une instance (0).
Record Number: 16059
Source Name: ESENT
Time Written: 20081204000947.000000-300
Event Type: information
User:
Computer Name: USER-PLWN3PT0UF
Event Code: 213
Message: wlmail (216) WindowsLiveMail0: La procédure de sauvegarde est terminée.
Record Number: 16058
Source Name: ESENT
Time Written: 20081204000702.000000-300
Event Type: information
User:
Computer Name: USER-PLWN3PT0UF
Event Code: 224
Message: wlmail (216) WindowsLiveMail0: Suppression des fichiers journaux C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Mail\edb000EB.log à C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Mail\edb000EB.log.
Record Number: 16057
Source Name: ESENT
Time Written: 20081204000702.000000-300
Event Type: information
User:
Computer Name: USER-PLWN3PT0UF
Event Code: 223
Message: wlmail (216) WindowsLiveMail0: Début de la sauvegarde des fichiers journaux (C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Mail\edb000EC.log à C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Mail\edb000EC.log).
Record Number: 16056
Source Name: ESENT
Time Written: 20081204000701.000000-300
Event Type: information
User:
Computer Name: USER-PLWN3PT0UF
Event Code: 221
Message: wlmail (216) WindowsLiveMail0: Fin de la sauvegarde du fichier C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Mail\Mail.MSMessageStore.
Record Number: 16055
Source Name: ESENT
Time Written: 20081204000701.000000-300
Event Type: information
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------

re bonjour chrifleur
merci pour ce que tu fais pour moi virus urgent s'il vous plait Vive15

Télécharge Toolbar-S&D d'Eric71, AngelDark, Sham_Rock et XmichouX sur ton Bureau,
Double-clique sur Toolbar-S&D afin de lancer l'installation, un raccourci sera ajouté sur le Bureau.
Double-clique dessus pour démarrer l'outil; choisis la langue.
Sous Vista, faire un clic droit et "Exécuter en tant qu'administrateur" (Elévation des privilèges), puis -> Continuer.
Tape 1 puis sur la touche [Entrée] afin de lancer la recherche.
Patiente jusqu'à la fin de la recherche.
À la fin du scan, le rapport s'ouvrira dans le Bloc-notes.
Poste ce rapport, par copier/coller, dans ta prochaine réponse.
Le rapport se trouve également sous : C:\TB.txt

Aide en image : http://toolbarsd.googlepages.com/aideenimages
Nettoyage :

Désactive ton antivirus, ton antipsyware résidant (spybot par exemple) durant la phase de nettoyage. Voir ici.
Double clique sur le raccourci de Toolbar-S&D présent sur ton bureau. Sous Vista : clic droit -> Exécuter en tant qu'administrateur.
Au menu principal, choisis l'option 2 et valide par la touche [Entrée].

/!\ Ne ferme pas la fenêtre lors de la suppression /!\

Un rapport sera généré. Poste ce rapport avec un nouveau rapport Hijackthis.

Note : Pour les utilisateurs de Vista, ToolBar-SD se charge de désactiver le "Contrôle des comptes utilisateurs" (UAC), il va redémarrer l'ordinateur et réactiver l'UAC.
poste un rapport hijack this

bonjour grifleur
j'ai oublier de mettre les cles usb es-ce que il faut que je recommence merci????

-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 2200+ )
BIOS : Default System BIOS
USER : user ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 090125-0] 4.8.1296 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:26 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD)
J:\ (USB)
K:\ (Local Disk) - NTFS - Total:111 Go (Free:59 Go)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 2009-01-25|11:10 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-French.ini
C:\DOCUME~1\user\Favoris\Kazaa Lite K++.url
C:\WINDOWS\iun6002.exe
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.google.ca/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com"

--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\user\Favoris\telechargement\Nero 7.5 with keygen - Torrent Reactor NET.url

1 - "C:\ToolBar SD\TB_1.txt" - 2009-01-25|11:11 - Option : [1]
-----------\\ Fin du rapport a 11:11:59,59

re
mon hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:54, on 2009-01-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\AGI\common\win32\PythonService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\user\Mes documents\hijackthis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-03081ad63bc5eab2.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_0_32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
--
End of file - 8587 bytes

Oui stp recommence le nettoyage avec les clés USB branchées et poste moi le rapport avec un nouveau rapport hijack this
virus urgent s'il vous plait Nature02

re bonjour crifleur

ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 2200+ )
BIOS : Default System BIOS
USER : user ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 090125-0] 4.8.1296 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:26 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB) - FAT - Total:489 Mo (Free:0 Go)
H:\ (USB)
I:\ (CD or DVD)
J:\ (USB)
K:\ (Local Disk) - NTFS - Total:111 Go (Free:59 Go)
L:\ (USB) - FAT - Total:961 Mo (Free:0 Go)
M:\ (USB) - FAT - Total:489 Mo (Free:0 Go)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 2009-01-25|11:50 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-French.ini
C:\DOCUME~1\user\Favoris\Kazaa Lite K++.url
C:\WINDOWS\iun6002.exe
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.google.ca/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com"

--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\user\Favoris\telechargement\Nero 7.5 with keygen - Torrent Reactor NET.url

1 - "C:\ToolBar SD\TB_1.txt" - 2009-01-25|11:11 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 2009-01-25|11:51 - Option : [1]
-----------\\ Fin du rapport a 11:51:05,81

re hijackthis merci de ta patience

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:05, on 2009-01-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\AGI\common\win32\PythonService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\user\Mes documents\hijackthis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-03081ad63bc5eab2.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_0_32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
--
End of file - 8537 bytes

relance toolbar s&d option 2 nettoyage et poste le rapport
virus urgent s'il vous plait Nature02

re bonjour voila le rapport

-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 2200+ )
BIOS : Default System BIOS
USER : user ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 090125-0] 4.8.1296 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:26 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB) - FAT - Total:489 Mo (Free:0 Go)
H:\ (USB)
I:\ (CD or DVD)
J:\ (USB)
K:\ (Local Disk) - NTFS - Total:111 Go (Free:59 Go)
L:\ (USB) - FAT - Total:961 Mo (Free:0 Go)
M:\ (USB) - FAT - Total:489 Mo (Free:0 Go)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 2009-01-25|12:01 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\GamesBar\Localization-French.ini
Supprime! - C:\DOCUME~1\user\Favoris\Kazaa Lite K++.url
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\Program Files\GamesBar
-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.google.ca/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"

--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\user\Favoris\telechargement\Nero 7.5 with keygen - Torrent Reactor NET.url

1 - "C:\ToolBar SD\TB_1.txt" - 2009-01-25|11:11 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 2009-01-25|11:51 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 2009-01-25|12:02 - Option : [2]
-----------\\ Fin du rapport a 12:02:32,07

» VIRUS sur mon pc!!!
» virus sur msn
» nouveau virus
» problemes de virus
» virus?