isearch.desktopsearch on my computer
Hello everyone,
I have a virus on my computer, but I can't manage to remove it. Can someone help me, please?
Here is my HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 11:20:35, on 13/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\SYSTEM32\DNTUS26.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Compaq\EAB\EABSERVR.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0610_KB72306.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\florence\Bureau\ordi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\Compaq\EAB\EABSERVR.EXE" /Start
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\system32\LXSUPMON.EXE" RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0075546E-5D3D-11D2-A3E5-0060971304D8} (WTX_Installer Class) - http://www.webtrends.com/Download/Browser/Plugins/WordU...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lepouliguen2005.spaces.msn.com//PhotoUpload/MsnP...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera1.mairie-brest.fr/activex/AxisCamControl.c...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp12.photoprintit.de/microsite/1156/defaults/ac...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 84.103.237.144 86.64.145.144
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: Apache - Unknown owner - C:\site\easyphp\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:\site\easyphp\MySql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
In addition, I ran a scan with CounterSpy, and here is what it found:
iSearch.DesktopSearch Spyware more information...
Details: Removes the users access to use Windows Search and replaces it with C:\WINDOWS\isrvs\desktop.exe.
Status: Ignored
Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID {17492023-C23A-453E-A040-C7C580BBF700} 1
But since my trial period has expired, I can't quarantine it.
Thanks for your help
Hello,
It had been a little while since you last had a problem.
The procedure is long and partly carried out in Safe Mode. Note that you have no Internet access in that mode, so save this web page (click File / Save As / choose "Desktop") or print out what you have to do.
1/ Download the trial version of AVG Anti-Spyware 7.5
Install it on your desktop
- Start AVG Anti-Spyware 7.5 using the icon on your Desktop.
Click Update.
Under Manual update, click Start update and wait for the update to finish, then close the program.
2/ Download CCleaner
Install it in a dedicated folder (careful during installation: remember to untick the Yahoo toolbar installation).
3/ Restart in Safe Mode
(at startup, immediately tap the F8 key repeatedly), then you will see a screen with a choice of startup options:
choose Safe Mode with the arrow keys, then confirm with Enter.
Choose your usual account (not Administrator).
If you really cannot manage to restart in Safe Mode, I suggest this link:
Restart in Safe Mode
4/ Run CCleaner
Then click the "Analyze" button, then the "Run Cleaner" button. Then do the same with the "Issues" button, then "Scan for Issues" and "Fix selected issues".
5/ Run AVG Anti-Spyware 7.5, click Scan, then click Complete System Scan.
At the end of the scan it will display a list of the detected files.
Click the Apply all actions button.
Click Save report, then Save report as; I recommend putting it on your desktop.
6/ Restart in normal mode.
Post the AVG Anti-Spyware 7.5 report in your next reply, and post a new HijackThis report.
I did the whole CCleaner part but, as I feared, AVG crashed on the memory again, so it was impossible to go any further.
I ran a scan of the registry only, and here is what it found:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 12:11:11 13/12/2006
+ Résultat de l'analyse:
HKU\S-1-5-21-57989841-1078145449-854245398-1013\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Nettoyé et sauvegardé (mise en quarantaine).
Fin du rapport
Here is my new HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 12:22:54, on 13/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\SYSTEM32\DNTUS26.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Compaq\EAB\EABSERVR.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0610_KB72306.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\florence\Bureau\ordi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\Compaq\EAB\EABSERVR.EXE" /Start
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\system32\LXSUPMON.EXE" RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0075546E-5D3D-11D2-A3E5-0060971304D8} (WTX_Installer Class) - http://www.webtrends.com/Download/Browser/Plugins/WordU...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lepouliguen2005.spaces.msn.com//PhotoUpload/MsnP...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://camera1.mairie-brest.fr/activex/AxisCamControl.c...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp12.photoprintit.de/microsite/1156/defaults/ac...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 84.103.237.145 86.64.145.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: Apache - Unknown owner - C:\site\easyphp\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:\site\easyphp\MySql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
Thanks for your help
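Added example, not part of the original posts: one way to compare the "before" and "after" HijackThis logs posted above and to list entries that HijackThis itself marks as pointing to a missing file. The function names are hypothetical, and the two samples are short excerpts copied from the thread's logs.

```python
import re

# A HijackThis entry starts with a section id such as R0, O4 or O23,
# followed by " - "; everything else is header text or the process list.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
# Markers HijackThis appends when the referenced file is absent
# (both forms appear in the logs posted in this thread).
ORPHAN_MARKERS = ("(file missing)", "(no file)")


def parse_log(text):
    """Return (running_processes, entries); entries are (section, detail) tuples."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the first entry line ends the process list
            entries.append((match.group(1), match.group(2)))
        elif line.lower().startswith("running processes"):
            in_processes = True
        elif in_processes:
            processes.append(line)
    return processes, entries


def orphaned(entries):
    """Entries whose target file HijackThis reported as missing."""
    return [e for e in entries if e[1].endswith(ORPHAN_MARKERS)]


def diff_logs(before, after):
    """Compare two logs, preserving the order in which lines appear."""
    procs_b, entries_b = parse_log(before)
    procs_a, entries_a = parse_log(after)
    seen_b, seen_a = set(entries_b), set(entries_a)
    known_procs = {p.lower() for p in procs_b}  # Windows paths are case-insensitive
    return {
        "added": [e for e in entries_a if e not in seen_b],
        "removed": [e for e in entries_b if e not in seen_a],
        "new_processes": [p for p in procs_a if p.lower() not in known_procs],
    }


# Excerpt of the first log in the thread (11:20:35).
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\NavNT\rtvscan.exe
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 84.103.237.144 86.64.145.144
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
"""

# Excerpt of the second log in the thread (12:22:54).
AFTER = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 84.103.237.145 86.64.145.145
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
"""

if __name__ == "__main__":
    result = diff_logs(BEFORE, AFTER)
    for label in ("added", "removed"):
        for section, detail in result[label]:
            print(f"{label:8} {section:4} {detail}")
    for path in result["new_processes"]:
        print(f"new process  {path}")
    for section, detail in orphaned(parse_log(AFTER)[1]):
        print(f"orphaned {section:4} {detail}")
```

On these excerpts the differences are the autostart entry and service of the newly installed scanner and a changed NameServer value, while the two orphaned entries are unchanged between the scans.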
J'ai fait une analyse du registre seul et voici ce qu'il a trouvé:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 12:11:11 13/12/2006
+ Résultat de l'analyse:
HKU\S-1-5-21-57989841-1078145449-854245398-1013\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Nettoyé et sauvegardé (mise en quarantaine).
Fin du rapport
Voici mon nouveau hijack:
Logfile of HijackThis v1.99.1
Scan saved at 12:22:54, on 13/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\SYSTEM32\DNTUS26.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Compaq\EAB\EABSERVR.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0610_KB72306.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\florence\Bureau\ordi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\Compaq\EAB\EABSERVR.EXE" /Start
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\system32\LXSUPMON.EXE" RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0075546E-5D3D-11D2-A3E5-0060971304D8} (WTX_Installer Class) - http://www.webtrends.com/Download/Browser/Plugins/WordU...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lepouliguen2005.spaces.msn.com//PhotoUpload/MsnP...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://camera1.mairie-brest.fr/activex/AxisCamControl.c...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp12.photoprintit.de/microsite/1156/defaults/ac...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 84.103.237.145 86.64.145.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: Apache - Unknown owner - C:\site\easyphp\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:\site\easyphp\MySql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
Thanks for your help
-Click "Download the trial version".
-Install the program, choosing "standard installation".
-Accept the restart.
-You will be offered the option to update it; accept the update.
-Once the updates are installed, in the left-hand column click the Options tab, then Scan.
-Under Items to scan and Other options, tick all the boxes.
-Close SpySweeper.
The rest is done in safe mode, so print the following instructions or copy/paste them into a text file.
If you really can't manage to restart in safe mode, I suggest this link:
Restart in safe mode
-Click Scan on the left, then Start scan.
-When the scan is finished, click Next.
-Make sure all the items found are ticked, then click Next.
-All ticked items will then be quarantined.
-In "Summary", select Show session log at the bottom, then Save to file to save the report.
Hello,
Download Spyware Terminator
http://www.spywareterminator.com/
Install it in its own folder.
Read the usage tutorial before using it (thanks to Malekal):
http://www.malekal.com/tutorial_SpywareTerminator.html
Hello everyone,
Here I am again after a short weekend.
I did what you told me, Bob; here is the Spyware Terminator report:
Spyware Terminator Version: 1.7.0.899
Start time: 16/12/2006 09:00:14
System: Windows XP
User: Limited
Processes Scan
C:\WINDOWS\SYSTEM32\WINLOGON.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\SYNCOR11.DLL [SoundMAX],
C:\WINDOWS\SYSTEM32\SERVICES.EXE [Microsoft Corporation] SYNCOR11.DLL,
C:\WINDOWS\SYSTEM32\LSASS.EXE [Microsoft Corporation] SYNCOR11.DLL,
C:\WINDOWS\SYSTEM32\SVCHOST.EXE [Microsoft Corporation] SYNCOR11.DLL, SYNCOR11.DLL, SYNCOR11.DLL,
C:\WINDOWS\EXPLORER.EXE [Microsoft Corporation] SYNCOR11.DLL,
C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNTHREATENGINE.EXE [Sunbelt Software] C:\WINDOWS\SYSTEM32\XCEEDZIP.DLL [Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com], C:\WINDOWS\SYSTEM32\MD5.DLL [Traction Software],
C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNPROTECTIONSERVER.EXE [Sunbelt Software] MD5.DLL,
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATOR.EXE [Crawler.com] SYNCOR11.DLL,
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE [Crawler.com]
Startup Scan
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"ctfmon.exe" = "C:\WINDOWS\SYSTEM32\CTFMON.EXE" [ Microsoft Corporation ]
"swg" = "C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\1.2.908.5008\GOOGLETOOLBARNOTIFIER.EXE" [ Google Inc. ]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"eabconfg.cpl" = "C:\PROGRAM FILES\COMPAQ\EAB\EABSERVR.EXE" [ Compaq ]
"SynTPLpr" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE" [ Synaptics, Inc. ]
"SynTPEnh" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE" [ Synaptics, Inc. ]
"ATIPTA" = "C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE" [ ATI Technologies, Inc. ]
"vptray" = "C:\PROGRAM FILES\NAVNT\VPTRAY.EXE" [ Symantec Corporation ]
"PrinTray" = "C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\PRINTRAY.EXE" [ Lexmark ]
"LXSUPMON" = "C:\WINDOWS\SYSTEM32\LXSUPMON.EXE" [ Lexmark ]
"SunJavaUpdateSched" = "C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\JUSCHED.EXE" [ Sun Microsystems, Inc. ]
"TkBellExe" = "C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE" [ RealNetworks, Inc. ]
"SunServer" = "C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNSERVER.EXE" [ Sunbelt Software ]
"SpywareTerminator" = "C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE" [ Crawler.com ]
Toolbars Scan
&Google {2318C2B1-4965-11d4-9B18-009027A5CD4F} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
BHO Scan
SSVHelper Class {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL [Sun Microsystems, Inc.]
Google Toolbar Helper {AA58ED58-01DD-4d91-8333-CF10577473F7} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
Web Browser Applet Control {08B0E5C0-4FCB-11CF-AAA5-00401C608501} C:\WINDOWS\SYSTEM32\MSJAVA.DLL [Microsoft Corporation]
{FB5F1910-F110-11d2-BB9E-00C04F795683} [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} = Extension Affichage Panorama du Panneau de configuration (deskpan.dll) [file not found]
{764BF0E1-F219-11ce-972D-00AA00A14F56} = Extensions de l'environnement de compression de fichiers () [file not found]
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Menu contextuel de cryptage () [file not found]
{88895560-9AA2-1069-930E-00AA0030EBC8} = Extension icône HyperTerminal (C:\WINDOWS\SYSTEM32\HTICONS.DLL) [Hilgraeve, Inc.]
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = Barre des tâches et menu Démarrer () [file not found]
{87D62D94-71B3-4b9a-9489-5FE6850DC73E} = Avi Properties Handler () [file not found]
{32683183-48a0-441b-a342-7c2a440a9478} = Media Band () [file not found]
{7A9D77BD-5403-11d2-8785-2E0420524153} = Comptes d'utilisateurs () [file not found]
{692E33B0-AF9D-11D0-B976-00A0C9190447} = Remote Storage Properties (C:\WINDOWS\SYSTEM32\RSSHELL.DLL) [Microsoft Corporation]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension (C:\PROGRAM FILES\WINRAR\RAREXT.DLL) [Empty]
{E46E18A6-806B-4F4B-A893-C9F951ED2FFD} = AdBackup () [file not found]
{BDA77241-42F6-11d0-85E2-00AA001FE28C} = LDVP Shell Extensions (C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\SSC\VPSHELL2.DLL) [Symantec Corporation]
{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL) [Microsoft Corporation]
{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL) [Microsoft Corporation]
{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL) [Microsoft Corporation]
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} (C:\PROGRAM FILES\MICROSOFT OFFICE\VISIO11\VISSHE.DLL) [Empty]
{D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} (C:\PROGRAM FILES\MICROSOFT OFFICE\VISIO11\VISSHE.DLL) [Empty]
{2F603045-309F-11CF-9774-0020AFD0CFF6} = Synaptics Control Panel (C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPCPL.DLL) [Synaptics, Inc.]
{640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
{cc86590a-b60a-48e6-996b-41d25ed39a1e} = Portable Media Devices Menu (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} = Autoplay for SlideShow (C:\WINDOWS\SYSTEM32\SHIMGVW.DLL) [Microsoft Corporation]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player (C:\PROGRAM FILES\REAL\REALPLAYER\RPSHELL.DLL) [RealNetworks, Inc.]
{21569614-B795-46b1-85F4-E737A8DC09AD} = Shell Search Band (C:\WINDOWS\SYSTEM32\BROWSEUI.DLL) [Microsoft Corporation]
{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} = Messenger Sharing Folders (C:\PROGRAM FILES\MSN MESSENGER\FSSHEXT.8.0.0792.00.DLL) [Microsoft Corporation]
{7C9D5882-CB4A-4090-96C8-430BFE8B795B} = Webroot Spy Sweeper Context Menu Integration (C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll) [file not found]
{BD88A479-9623-4897-8546-BC62B9628F44} = SPTHandler (C:\PROGRAM FILES\SPYWARE TERMINATOR\SPTCONTMENU.DLL) [Crawler.com]
Winlogon Notify Scan
WRNotifier = WRLogonNTF.dll (WRLogonNTF.dll) [file not found]
Services Scan
"aaudstum" = C:\DOCUME~1\remi\LOCALS~1\Temp\aaudstum.sys [file not found]
"aeaudio" = C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS [Andrea Electronics Corporation]
"AIRPLUS" = System32\DRIVERS\AIRPLUS.sys [file not found]
"aliadwdm" = C:\WINDOWS\SYSTEM32\DRIVERS\AC97ALI.SYS [Acer Laboratories Inc.]
"AliIde" = C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS [Acer Laboratories Inc.]
"Apache" = C:\SITE\EASYPHP\APACHE\APACHE.EXE [file not found]
"Ati HotKey Poller" = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [Empty]
"ati2mtag" = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS [ATI Technologies Inc.]
"ATITool" = C:\PROGRAM FILES\ATITOOL\ATITOOL.SYS [Empty]
"ATIXPGAA" = C:\Program Files\Plutonium XP 8.1\Utila\ATIXPGAA.SYS [file not found]
"AVG Anti-Spyware Driver" = C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.SYS [Empty]
"AVG Anti-Spyware Guard" = C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.EXE [Anti-Malware Development a.s.]
"AvgAsCln" = C:\WINDOWS\SYSTEM32\DRIVERS\AVGASCLN.SYS [GRISOFT, s.r.o.]
"basic2" = C:\WINDOWS\SYSTEM32\DRIVERS\BASIC2.SYS [Conexant Systems]
"BTDriver" = System32\DRIVERS\btport.sys [file not found]
"BTWDNDIS" = System32\DRIVERS\btwdndis.sys [file not found]
"BTWUSB" = System32\Drivers\btwusb.sys [file not found]
"caboagp" = C:\WINDOWS\SYSTEM32\DRIVERS\ATISGKAF.SYS [ATI Technologies Inc.]
"Chkstate" = C:\WINDOWS\SYSTEM32\DRIVERS\CHKSTATE.SYS [AMD]
"ClntMgmt.sys" = C:\WINDOWS\system32\Drivers\ClntMgmt.sys [file not found]
"cpqdfw" = C:\WINDOWS\SYSTEM32\DRIVERS\CPQDFW.SYS [Empty]
"DefWatch" = C:\PROGRAM FILES\NAVNT\DEFWATCH.EXE [Symantec Corporation]
"dmboot" = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS [Microsoft Corp., Veritas Software]
"dmio" = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS [Microsoft Corp., Veritas Software]
"DNTUS26" = C:\WINDOWS\SYSTEM32\DNTUS26.EXE [DameWare Development LLC]
"DWMRCS" = C:\WINDOWS\SYSTEM32\DWRCS.EXE [DameWare Development LLC]
"EABFiltr" = C:\WINDOWS\SYSTEM32\DRIVERS\EABFILTR.SYS [Compaq Computer Corp.]
"eabusb" = C:\WINDOWS\SYSTEM32\DRIVERS\EABUSB.SYS [Compaq Computer Corp.]
"Fallback" = C:\WINDOWS\SYSTEM32\DRIVERS\FALLBACK.SYS [Conexant Systems]
"Fsks" = C:\WINDOWS\SYSTEM32\DRIVERS\FSKSNT.SYS [Conexant Systems]
"hsf_msft" = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_MSFT.SYS [Conexant]
"hwinfo" = C:\Documents and Settings\remi\Bureau\cpuz.sys [file not found]
"ibeadr" = System32\Drivers\ibeadr.sys [file not found]
"K56" = C:\WINDOWS\SYSTEM32\DRIVERS\K56NT.SYS [Conexant Systems]
"LexBceS" = C:\WINDOWS\SYSTEM32\LEXBCES.EXE [Lexmark International, Inc.]
"Macromedia Licensing Service" = C:\PROGRAM FILES\FICHIERS COMMUNS\MACROMEDIA SHARED\SERVICE\MACROMEDIA LICENSING.EXE [Empty]
"mdmxsdk" = C:\WINDOWS\SYSTEM32\DRIVERS\MDMXSDK.SYS [Conexant]
"MySql" = C:\site\easyphp\MySql\bin\mysqld-nt.exe [file not found]
"NAVAP" = C:\PROGRAM FILES\NAVNT\NAVAP.SYS [Empty]
"NAVAPEL" = C:\PROGRAM FILES\NAVNT\NAVAPEL.SYS [Empty]
"NAVENG" = C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20061213.022\NAVENG.SYS [Symantec Corporation]
"NAVEX15" = C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20061213.022\NAVEX15.SYS [Symantec Corporation]
"Norton AntiVirus Server" = C:\PROGRAM FILES\NAVNT\RTVSCAN.EXE [Symantec Corporation]
"NRKCTL32" = C:\Documents and Settings\remi\Bureau\NRKCTL32.SYS [file not found]
"PalmUSBD" = system32\drivers\PalmUSBD.sys [file not found]
"Pcouffin" = System32\Drivers\Pcouffin.sys [file not found]
"pfc" = C:\WINDOWS\SYSTEM32\DRIVERS\PFC.SYS [Padus, Inc.]
"Ptilink" = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS [Parallel Technologies, Inc.]
"PxHelp20" = C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS [Sonic Solutions]
"Rksample" = C:\WINDOWS\SYSTEM32\DRIVERS\RKSAMPLE.SYS [Conexant Systems]
"rtl8139" = C:\WINDOWS\SYSTEM32\DRIVERS\R8139N51.SYS [Realtek Semiconductor Corporation]
"rtl8180" = C:\WINDOWS\SYSTEM32\DRIVERS\RTL8180.SYS [Realtek Semiconductor Corporation]
"Secdrv" = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.]
"smwdm" = C:\WINDOWS\SYSTEM32\DRIVERS\SMWDM.SYS [Analog Devices, Inc.]
"SoftFax" = C:\WINDOWS\SYSTEM32\DRIVERS\FAXNT.SYS [Conexant Systems]
"SONYPVU1" = C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS [Sony Corporation]
"sp_rsdrv2" = C:\WINDOWS\SYSTEM32\DRIVERS\SP_RSDRV2.SYS [Empty]
"sp_rssrv" = C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE [Crawler.com]
"StMp3Rec" = C:\WINDOWS\SYSTEM32\DRIVERS\STMP3REC.SYS [EXATELECOM Co., Ltd.]
"SymEvent" = C:\PROGRAM FILES\SYMANTEC\SYMEVENT.SYS [Symantec Corporation]
"SynTP" = C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS [Synaptics, Inc.]
"TDIMSYS" = C:\WINDOWS\system32\drivers\TDIMSYS.SYS [file not found]
"TOKENMON" = C:\WINDOWS\SYSTEM32\DRIVERS\TOKENM.SYS [Empty]
"Tones" = C:\WINDOWS\SYSTEM32\DRIVERS\TONESNT.SYS [Conexant Systems]
"V124" = C:\WINDOWS\SYSTEM32\DRIVERS\V124NT.SYS [Conexant Systems]
"winachsf" = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.SYS [Conexant Systems]
Protocol Filters Scan
Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (C:\WINDOWS\SYSTEM32\URLMON.DLL) [Microsoft Corporation]
text/xml = {807553E5-5146-11D5-A672-00B0D022E945} (C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSOXMLMF.DLL) [Microsoft Corporation]
Hosts Scan
LOCALHOST mapping = 2
IE Scan
IERESET.INF missing Signature="$CHICAGO$"
IERESET.INF missing AdvancedINF=2.5,"You need a new version of advpack.dll"
IERESET.INF missing AddReg=RestoreHomePage.reg
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","Provider",0,""
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"http://ie.search.msn.com/*"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","AutoSearch"
IERESET.INF missing SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
IERESET.INF missing AddReg=RestoreBrowserSettings.reg
IERESET.INF missing DelReg=DeleteTemplates.reg or DelReg=DeleteTemplates.reg, DeleteAutosearch.reg
IERESET.INF missing START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..." or START_PAGE_URL="http://www.msn.com"
IERESET.INF missing SAFESITE_VALUE="http://home.microsoft.com/" or SAFESITE_VALUE="ie.search.msn.com"
IERESET.INF missing MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..." or MS_START_PAGE_URL="http://www.msn.com"
Here is the scan progress:
Scan Progress (Full Scan)
Start time: 16/12/2006 09:00:14
Database: 1.0.534.280
Processes Scanning
Shdocvw : C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
Startup Scanning
Ctfmon : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ctfmon.exe
Ctfmon : C:\WINDOWS\SYSTEM32\CTFMON.EXE
swg : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\1.2.908.5008\GOOGLETOOLBARNOTIFIER.EXE
eabconfg.cpl : C:\PROGRAM FILES\COMPAQ\EAB\EABSERVR.EXE
SynTPLpr : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SynTPLpr
SynTPLpr : C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
SynTPLpr : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SynTPEnh
SynTPLpr : C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
ATIPTA : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ATIPTA
ATIPTA : C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE
SymantecAntivirus : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run vptray
SymantecAntivirus : C:\PROGRAM FILES\NAVNT\VPTRAY.EXE
PrinTray : C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\PRINTRAY.EXE
LXSUPMON : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LXSUPMON
LXSUPMON : C:\WINDOWS\SYSTEM32\LXSUPMON.EXE
SunJavaUpdateSched : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SunJavaUpdateSched
SunJavaUpdateSched : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\JUSCHED.EXE
RealSched : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run TkBellExe
RealSched : C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE
SunServer : C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNSERVER.EXE
Spyware Terminator : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SpywareTerminator
Spyware Terminator : C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
Explorer : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Shell
Explorer : C:\WINDOWS\EXPLORER.EXE
Toolbars Scanning
Google Toolbar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {2318C2B1-4965-11d4-9B18-009027A5CD4F}
Google Toolbar : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
Shdocvw : HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
Shdocvw : C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
Shdocvw : explorer.exe PID: 708
Shdocvw : SpywareTerminator.exe PID: 864
Shdocvw : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}
Browser Helper Objects Scanning
SSJava : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
SSJava : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL
Google Toolbar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
IE Explorer Bars
IE Extensions
Services Scanning
Protocol filters Scanning
Protocol handlers Scanning
WinSock2 Scanning
Uninstallers Scanning
Start Menu Scanning
RealTray : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Divertissement\RealPlayer.lnk
Explorer : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk
SynchronizationManager : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk
Ccleaner : C:\Documents and Settings\florence\Menu Démarrer\Programmes\CCleaner\CCleaner.lnk
Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Connexions réseau.lnk
Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk
Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Outils système\Tâches planifiées.lnk
SynchronizationManager : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk
LXSUPMON : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Contrôleur de fournitures Lexmark\Contrôleur de fournitures Lexmark.lnk
RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real\RealPlayer\RealPlayer.lnk
RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real\RealPlayer\Vérifier les mises à jour RealPlayer.lnk
RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealPlayer.lnk
Spyware Terminator : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spyware Terminator\Spyware Terminator.lnk
MessengerService : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk
Desktop Scanning
Ccleaner : C:\Documents and Settings\florence\Bureau\CCleaner.lnk
Favorites Scanning
Cookies Scanning
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ads.pointroll[2].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@atdmt[2].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@doubleclick[1].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ebay[1].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ebay[3].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@hitbox[2].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@mediaplex[2].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@serving-sys[1].txt
Registry Scanning
Google Toolbar : HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Google Toolbar : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
Google Toolbar : HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
RXToolbar : HKCR\Interface\{ac368f5f-6670-4dde-a1a8-b9c064ea0402}
YahooToolbar : HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
YahooToolbar : HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}
MSDXM : HKCR\CLSID\{8E718888-423F-11D2-876E-00A0C9082467}
MSDXM : C:\WINDOWS\SYSTEM32\MSDXM.OCX
SSJava : HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
SSJava : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL
Files Scanning
Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminatorshield.exe
Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminator.exe
Spyware Terminator : C:\Program Files\Spyware Terminator\sptcontmenu.dll
WinampAgent : C:\Program Files\Winamp\winampa.exe
SoundMan : C:\Program Files\analog devices\soundmax\smtray.exe
MessengerService : C:\Program Files\MSN Messenger\msnmsgr.exe
MessengerService : C:\Program Files\Messenger\msmsgs.exe
ATIModeChange : C:\WINDOWS\system32\Ati2mdxx.exe
Ctfmon : C:\WINDOWS\system32\ctfmon.exe
ATIPTA : C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
SymantecAntivirus : C:\Program Files\NavNT\vptray.exe
SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
MSConfig : C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
SynchronizationManager : C:\WINDOWS\system32\mobsync.exe
RealTray : C:\Program Files\Real\RealPlayer\RealPlay.exe
MSDXM : C:\WINDOWS\system32\msdxm.ocx
RealSched : C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
StillImageMonitor : C:\WINDOWS\system32\STIMON.EXE
GrpConv : C:\WINDOWS\system32\grpconv.exe
Trojan/Abwiz : C:\WINDOWS\system32\zlbw.dll
Wextract : C:\WINDOWS\system32\advpack.dll
KernelFaultCheck : C:\WINDOWS\system32\dumprep.exe
Explorer : C:\WINDOWS\explorer.exe
PowerProfile : C:\WINDOWS\system32\powrprof.dll
BluetoothControlPanel : C:\WINDOWS\system32\bthprops.cpl
SSJava : C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
SSJava : C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
Shdocvw : C:\WINDOWS\system32\shdocvw.dll
PHIME2002ASync : C:\WINDOWS\system32\dllcache\tintsetp.exe
LXSUPMON : C:\WINDOWS\system32\LXSUPMON.EXE
Ccleaner : C:\Program Files\CCleaner\ccleaner.exe
MSPY2002 : C:\WINDOWS\system32\dllcache\imscinst.exe
Trojan/Smitfraud : C:\WINDOWS\system32\sysvx.exe
Verclsid : C:\WINDOWS\system32\verclsid.exe
Systray : C:\WINDOWS\system32\systray.exe
comctl32 : C:\WINDOWS\WinSxS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\comctl32.dll
Preparing DeepFile Scan
DeepFiles Scanning
SoundMan : C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
ATIPTA : C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Ccleaner : C:\Program Files\CCleaner\ccleaner.exe
RealSched : C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
Google Toolbar : C:\Program Files\Google\GoogleToolbar1.dll
SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
SSJava : C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
SSJava : C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
MessengerService : C:\Program Files\Messenger\msmsgs.exe
MessengerService : C:\Program Files\MSN Messenger\msnmsgr.exe
SymantecAntivirus : C:\Program Files\NavNT\vptray.exe
RealTray : C:\Program Files\Real\RealPlayer\realplay.exe
Spyware Terminator : C:\Program Files\Spyware Terminator\sptcontmenu.dll
Spyware Terminator : C:\Program Files\Spyware Terminator\SpywareTerminator.exe
Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminatorshield.Exe
SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
WinampAgent : C:\Program Files\Winamp\winampa.exe
Explorer : C:\WINDOWS\explorer.exe
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB824141$\user32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB824141$\win32k.sys
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\ndis.sys
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\netshell.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcsapi.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcsvc.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\xpsp2res.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\es.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\dao360.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msexcl40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjet40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjetol1.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjetoledb40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjtes40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\mspbde40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msrepl40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\mstext40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msxbde40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\dao360.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\shell32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx
Unreadable Binary Files : C:\WINDOWS\$NtUninstallQ828026$\wmp.dll
MSConfig : C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe
Wextract : C:\WINDOWS\system32\advpack.dll
ATIModeChange : C:\WINDOWS\system32\Ati2mdxx.exe
BluetoothControlPanel : C:\WINDOWS\system32\bthprops.cpl
Ctfmon : C:\WINDOWS\system32\ctfmon.exe
MSPY2002 : C:\WINDOWS\system32\dllcache\imscinst.exe
PHIME2002ASync : C:\WINDOWS\system32\dllcache\tintsetp.exe
KernelFaultCheck : C:\WINDOWS\system32\dumprep.exe
GrpConv : C:\WINDOWS\system32\grpconv.exe
LXSUPMON : C:\WINDOWS\system32\LXSUPMON.EXE
SynchronizationManager : C:\WINDOWS\system32\mobsync.exe
MSDXM : C:\WINDOWS\system32\msdxm.ocx
PowerProfile : C:\WINDOWS\system32\powrprof.dll
Shdocvw : C:\WINDOWS\system32\shdocvw.dll
StillImageMonitor : C:\WINDOWS\system32\stimon.exe
Trojan/Smitfraud : C:\WINDOWS\system32\sysvx.exe
Verclsid : C:\WINDOWS\system32\verclsid.exe
Trojan/Abwiz : C:\WINDOWS\system32\zlbw.dll
comctl32 : C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Done
Scan Summary:
Total Scanning Time : 4591.80 s
Objects Scanned : 69 861
Objects Identified : 160
Objects Ignored : 0
Critical Objects : 76
And here is what it removed:
Remove Process:
Preparing structures
Creating System Restore Point
Hard File Remover Disabled
Remove Trojan/Abwiz
Deleted File: C:\WINDOWS\system32\zlbw.dll
Remove Trojan/Smitfraud
Deleted File: C:\WINDOWS\system32\sysvx.exe
Remove RXToolbar
Deleted Registry : HKCR\Interface\{ac368f5f-6670-4dde-a1a8-b9c064ea0402}
Remove Affiliate tracking cookie
Deleted File: C:\Documents and Settings\florence\cookies\florence@ads.pointroll[2].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@atdmt[2].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@doubleclick[1].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@ebay[1].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@ebay[3].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@hitbox[2].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@mediaplex[2].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@serving-sys[1].txt
Remove Unreadable Binary Files
Deleted File: C:\WINDOWS\$NtUninstallKB824141$\user32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB824141$\win32k.sys
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\ndis.sys
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\netshell.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcsapi.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcsvc.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\xpsp2res.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\es.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\dao360.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msexcl40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjet40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjetol1.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjetoledb40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjtes40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\mspbde40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msrepl40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\mstext40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msxbde40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\dao360.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\shell32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll
Deleted File: C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx
Deleted File: C:\WINDOWS\$NtUninstallQ828026$\wmp.dll
Closing System Restore Point
Unfortunately, I think something is still left, because the computer keeps connecting me to the internet without my asking.
Thank you for your help.
I'm back after a short weekend.
I did what you told me, Bob; here is the Spyware Terminator report:
Spyware Terminator Version: 1.7.0.899
Start time: 16/12/2006 09:00:14
System: Windows XP
User: Limited
Processes Scan
C:\WINDOWS\SYSTEM32\WINLOGON.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\SYNCOR11.DLL [SoundMAX],
C:\WINDOWS\SYSTEM32\SERVICES.EXE [Microsoft Corporation] SYNCOR11.DLL,
C:\WINDOWS\SYSTEM32\LSASS.EXE [Microsoft Corporation] SYNCOR11.DLL,
C:\WINDOWS\SYSTEM32\SVCHOST.EXE [Microsoft Corporation] SYNCOR11.DLL, SYNCOR11.DLL, SYNCOR11.DLL,
C:\WINDOWS\EXPLORER.EXE [Microsoft Corporation] SYNCOR11.DLL,
C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNTHREATENGINE.EXE [Sunbelt Software] C:\WINDOWS\SYSTEM32\XCEEDZIP.DLL [Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com], C:\WINDOWS\SYSTEM32\MD5.DLL [Traction Software],
C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNPROTECTIONSERVER.EXE [Sunbelt Software] MD5.DLL,
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATOR.EXE [Crawler.com] SYNCOR11.DLL,
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE [Crawler.com]
Startup Scan
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"ctfmon.exe" = "C:\WINDOWS\SYSTEM32\CTFMON.EXE" [ Microsoft Corporation ]
"swg" = "C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\1.2.908.5008\GOOGLETOOLBARNOTIFIER.EXE" [ Google Inc. ]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"eabconfg.cpl" = "C:\PROGRAM FILES\COMPAQ\EAB\EABSERVR.EXE" [ Compaq ]
"SynTPLpr" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE" [ Synaptics, Inc. ]
"SynTPEnh" = "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE" [ Synaptics, Inc. ]
"ATIPTA" = "C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE" [ ATI Technologies, Inc. ]
"vptray" = "C:\PROGRAM FILES\NAVNT\VPTRAY.EXE" [ Symantec Corporation ]
"PrinTray" = "C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\PRINTRAY.EXE" [ Lexmark ]
"LXSUPMON" = "C:\WINDOWS\SYSTEM32\LXSUPMON.EXE" [ Lexmark ]
"SunJavaUpdateSched" = "C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\JUSCHED.EXE" [ Sun Microsystems, Inc. ]
"TkBellExe" = "C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE" [ RealNetworks, Inc. ]
"SunServer" = "C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNSERVER.EXE" [ Sunbelt Software ]
"SpywareTerminator" = "C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE" [ Crawler.com ]
Toolbars Scan
&Google {2318C2B1-4965-11d4-9B18-009027A5CD4F} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
BHO Scan
SSVHelper Class {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL [Sun Microsystems, Inc.]
Google Toolbar Helper {AA58ED58-01DD-4d91-8333-CF10577473F7} C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL [Google Inc.]
Web Browser Applet Control {08B0E5C0-4FCB-11CF-AAA5-00401C608501} C:\WINDOWS\SYSTEM32\MSJAVA.DLL [Microsoft Corporation]
{FB5F1910-F110-11d2-BB9E-00C04F795683} [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} = Extension Affichage Panorama du Panneau de configuration (deskpan.dll) [file not found]
{764BF0E1-F219-11ce-972D-00AA00A14F56} = Extensions de l'environnement de compression de fichiers () [file not found]
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Menu contextuel de cryptage () [file not found]
{88895560-9AA2-1069-930E-00AA0030EBC8} = Extension icône HyperTerminal (C:\WINDOWS\SYSTEM32\HTICONS.DLL) [Hilgraeve, Inc.]
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = Barre des tâches et menu Démarrer () [file not found]
{87D62D94-71B3-4b9a-9489-5FE6850DC73E} = Avi Properties Handler () [file not found]
{32683183-48a0-441b-a342-7c2a440a9478} = Media Band () [file not found]
{7A9D77BD-5403-11d2-8785-2E0420524153} = Comptes d'utilisateurs () [file not found]
{692E33B0-AF9D-11D0-B976-00A0C9190447} = Remote Storage Properties (C:\WINDOWS\SYSTEM32\RSSHELL.DLL) [Microsoft Corporation]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension (C:\PROGRAM FILES\WINRAR\RAREXT.DLL) [Empty]
{E46E18A6-806B-4F4B-A893-C9F951ED2FFD} = AdBackup () [file not found]
{BDA77241-42F6-11d0-85E2-00AA001FE28C} = LDVP Shell Extensions (C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\SSC\VPSHELL2.DLL) [Symantec Corporation]
{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL) [Microsoft Corporation]
{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL) [Microsoft Corporation]
{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL) [Microsoft Corporation]
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} (C:\PROGRAM FILES\MICROSOFT OFFICE\VISIO11\VISSHE.DLL) [Empty]
{D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} (C:\PROGRAM FILES\MICROSOFT OFFICE\VISIO11\VISSHE.DLL) [Empty]
{2F603045-309F-11CF-9774-0020AFD0CFF6} = Synaptics Control Panel (C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPCPL.DLL) [Synaptics, Inc.]
{640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
{cc86590a-b60a-48e6-996b-41d25ed39a1e} = Portable Media Devices Menu (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} = Autoplay for SlideShow (C:\WINDOWS\SYSTEM32\SHIMGVW.DLL) [Microsoft Corporation]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player (C:\PROGRAM FILES\REAL\REALPLAYER\RPSHELL.DLL) [RealNetworks, Inc.]
{21569614-B795-46b1-85F4-E737A8DC09AD} = Shell Search Band (C:\WINDOWS\SYSTEM32\BROWSEUI.DLL) [Microsoft Corporation]
{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} = Messenger Sharing Folders (C:\PROGRAM FILES\MSN MESSENGER\FSSHEXT.8.0.0792.00.DLL) [Microsoft Corporation]
{7C9D5882-CB4A-4090-96C8-430BFE8B795B} = Webroot Spy Sweeper Context Menu Integration (C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll) [file not found]
{BD88A479-9623-4897-8546-BC62B9628F44} = SPTHandler (C:\PROGRAM FILES\SPYWARE TERMINATOR\SPTCONTMENU.DLL) [Crawler.com]
Winlogon Notify Scan
WRNotifier = WRLogonNTF.dll (WRLogonNTF.dll) [file not found]
Services Scan
"aaudstum" = C:\DOCUME~1\remi\LOCALS~1\Temp\aaudstum.sys [file not found]
"aeaudio" = C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS [Andrea Electronics Corporation]
"AIRPLUS" = System32\DRIVERS\AIRPLUS.sys [file not found]
"aliadwdm" = C:\WINDOWS\SYSTEM32\DRIVERS\AC97ALI.SYS [Acer Laboratories Inc.]
"AliIde" = C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS [Acer Laboratories Inc.]
"Apache" = C:\SITE\EASYPHP\APACHE\APACHE.EXE [file not found]
"Ati HotKey Poller" = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [Empty]
"ati2mtag" = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS [ATI Technologies Inc.]
"ATITool" = C:\PROGRAM FILES\ATITOOL\ATITOOL.SYS [Empty]
"ATIXPGAA" = C:\Program Files\Plutonium XP 8.1\Utila\ATIXPGAA.SYS [file not found]
"AVG Anti-Spyware Driver" = C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.SYS [Empty]
"AVG Anti-Spyware Guard" = C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.EXE [Anti-Malware Development a.s.]
"AvgAsCln" = C:\WINDOWS\SYSTEM32\DRIVERS\AVGASCLN.SYS [GRISOFT, s.r.o.]
"basic2" = C:\WINDOWS\SYSTEM32\DRIVERS\BASIC2.SYS [Conexant Systems]
"BTDriver" = System32\DRIVERS\btport.sys [file not found]
"BTWDNDIS" = System32\DRIVERS\btwdndis.sys [file not found]
"BTWUSB" = System32\Drivers\btwusb.sys [file not found]
"caboagp" = C:\WINDOWS\SYSTEM32\DRIVERS\ATISGKAF.SYS [ATI Technologies Inc.]
"Chkstate" = C:\WINDOWS\SYSTEM32\DRIVERS\CHKSTATE.SYS [AMD]
"ClntMgmt.sys" = C:\WINDOWS\system32\Drivers\ClntMgmt.sys [file not found]
"cpqdfw" = C:\WINDOWS\SYSTEM32\DRIVERS\CPQDFW.SYS [Empty]
"DefWatch" = C:\PROGRAM FILES\NAVNT\DEFWATCH.EXE [Symantec Corporation]
"dmboot" = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS [Microsoft Corp., Veritas Software]
"dmio" = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS [Microsoft Corp., Veritas Software]
"DNTUS26" = C:\WINDOWS\SYSTEM32\DNTUS26.EXE [DameWare Development LLC]
"DWMRCS" = C:\WINDOWS\SYSTEM32\DWRCS.EXE [DameWare Development LLC]
"EABFiltr" = C:\WINDOWS\SYSTEM32\DRIVERS\EABFILTR.SYS [Compaq Computer Corp.]
"eabusb" = C:\WINDOWS\SYSTEM32\DRIVERS\EABUSB.SYS [Compaq Computer Corp.]
"Fallback" = C:\WINDOWS\SYSTEM32\DRIVERS\FALLBACK.SYS [Conexant Systems]
"Fsks" = C:\WINDOWS\SYSTEM32\DRIVERS\FSKSNT.SYS [Conexant Systems]
"hsf_msft" = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_MSFT.SYS [Conexant]
"hwinfo" = C:\Documents and Settings\remi\Bureau\cpuz.sys [file not found]
"ibeadr" = System32\Drivers\ibeadr.sys [file not found]
"K56" = C:\WINDOWS\SYSTEM32\DRIVERS\K56NT.SYS [Conexant Systems]
"LexBceS" = C:\WINDOWS\SYSTEM32\LEXBCES.EXE [Lexmark International, Inc.]
"Macromedia Licensing Service" = C:\PROGRAM FILES\FICHIERS COMMUNS\MACROMEDIA SHARED\SERVICE\MACROMEDIA LICENSING.EXE [Empty]
"mdmxsdk" = C:\WINDOWS\SYSTEM32\DRIVERS\MDMXSDK.SYS [Conexant]
"MySql" = C:\site\easyphp\MySql\bin\mysqld-nt.exe [file not found]
"NAVAP" = C:\PROGRAM FILES\NAVNT\NAVAP.SYS [Empty]
"NAVAPEL" = C:\PROGRAM FILES\NAVNT\NAVAPEL.SYS [Empty]
"NAVENG" = C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20061213.022\NAVENG.SYS [Symantec Corporation]
"NAVEX15" = C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20061213.022\NAVEX15.SYS [Symantec Corporation]
"Norton AntiVirus Server" = C:\PROGRAM FILES\NAVNT\RTVSCAN.EXE [Symantec Corporation]
"NRKCTL32" = C:\Documents and Settings\remi\Bureau\NRKCTL32.SYS [file not found]
"PalmUSBD" = system32\drivers\PalmUSBD.sys [file not found]
"Pcouffin" = System32\Drivers\Pcouffin.sys [file not found]
"pfc" = C:\WINDOWS\SYSTEM32\DRIVERS\PFC.SYS [Padus, Inc.]
"Ptilink" = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS [Parallel Technologies, Inc.]
"PxHelp20" = C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS [Sonic Solutions]
"Rksample" = C:\WINDOWS\SYSTEM32\DRIVERS\RKSAMPLE.SYS [Conexant Systems]
"rtl8139" = C:\WINDOWS\SYSTEM32\DRIVERS\R8139N51.SYS [Realtek Semiconductor Corporation]
"rtl8180" = C:\WINDOWS\SYSTEM32\DRIVERS\RTL8180.SYS [Realtek Semiconductor Corporation]
"Secdrv" = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.]
"smwdm" = C:\WINDOWS\SYSTEM32\DRIVERS\SMWDM.SYS [Analog Devices, Inc.]
"SoftFax" = C:\WINDOWS\SYSTEM32\DRIVERS\FAXNT.SYS [Conexant Systems]
"SONYPVU1" = C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS [Sony Corporation]
"sp_rsdrv2" = C:\WINDOWS\SYSTEM32\DRIVERS\SP_RSDRV2.SYS [Empty]
"sp_rssrv" = C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE [Crawler.com]
"StMp3Rec" = C:\WINDOWS\SYSTEM32\DRIVERS\STMP3REC.SYS [EXATELECOM Co., Ltd.]
"SymEvent" = C:\PROGRAM FILES\SYMANTEC\SYMEVENT.SYS [Symantec Corporation]
"SynTP" = C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS [Synaptics, Inc.]
"TDIMSYS" = C:\WINDOWS\system32\drivers\TDIMSYS.SYS [file not found]
"TOKENMON" = C:\WINDOWS\SYSTEM32\DRIVERS\TOKENM.SYS [Empty]
"Tones" = C:\WINDOWS\SYSTEM32\DRIVERS\TONESNT.SYS [Conexant Systems]
"V124" = C:\WINDOWS\SYSTEM32\DRIVERS\V124NT.SYS [Conexant Systems]
"winachsf" = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.SYS [Conexant Systems]
Protocol Filters Scan
Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (C:\WINDOWS\SYSTEM32\URLMON.DLL) [Microsoft Corporation]
text/xml = {807553E5-5146-11D5-A672-00B0D022E945} (C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSOXMLMF.DLL) [Microsoft Corporation]
Hosts Scan
LOCALHOST mapping = 2
IE Scan
IERESET.INF missing Signature="$CHICAGO$"
IERESET.INF missing AdvancedINF=2.5,"You need a new version of advpack.dll"
IERESET.INF missing AddReg=RestoreHomePage.reg
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","Provider",0,""
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"http://ie.search.msn.com/*"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","AutoSearch"
IERESET.INF missing SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
IERESET.INF missing AddReg=RestoreBrowserSettings.reg
IERESET.INF missing DelReg=DeleteTemplates.reg or DelReg=DeleteTemplates.reg, DeleteAutosearch.reg
IERESET.INF missing START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..." or START_PAGE_URL="http://www.msn.com"
IERESET.INF missing SAFESITE_VALUE="http://home.microsoft.com/" or SAFESITE_VALUE="ie.search.msn.com"
IERESET.INF missing MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..." or MS_START_PAGE_URL="http://www.msn.com"
Here is the scan progress:
Scan Progress (Full Scan)
Start time: 16/12/2006 09:00:14
Database: 1.0.534.280
Processes Scanning
Shdocvw : C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
Startup Scanning
Ctfmon : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ctfmon.exe
Ctfmon : C:\WINDOWS\SYSTEM32\CTFMON.EXE
swg : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\1.2.908.5008\GOOGLETOOLBARNOTIFIER.EXE
eabconfg.cpl : C:\PROGRAM FILES\COMPAQ\EAB\EABSERVR.EXE
SynTPLpr : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SynTPLpr
SynTPLpr : C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
SynTPLpr : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SynTPEnh
SynTPLpr : C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
ATIPTA : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ATIPTA
ATIPTA : C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE
SymantecAntivirus : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run vptray
SymantecAntivirus : C:\PROGRAM FILES\NAVNT\VPTRAY.EXE
PrinTray : C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\PRINTRAY.EXE
LXSUPMON : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LXSUPMON
LXSUPMON : C:\WINDOWS\SYSTEM32\LXSUPMON.EXE
SunJavaUpdateSched : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SunJavaUpdateSched
SunJavaUpdateSched : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\JUSCHED.EXE
RealSched : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run TkBellExe
RealSched : C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE
SunServer : C:\PROGRAM FILES\SUNBELT SOFTWARE\COUNTERSPY\CONSUMER\SUNSERVER.EXE
Spyware Terminator : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SpywareTerminator
Spyware Terminator : C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
Explorer : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Shell
Explorer : C:\WINDOWS\EXPLORER.EXE
Toolbars Scanning
Google Toolbar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {2318C2B1-4965-11d4-9B18-009027A5CD4F}
Google Toolbar : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
Shdocvw : HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
Shdocvw : C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
Shdocvw : explorer.exe PID: 708
Shdocvw : SpywareTerminator.exe PID: 864
Shdocvw : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}
Browser Helper Objects Scanning
SSJava : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
SSJava : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL
Google Toolbar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
IE Explorer Bars
IE Extensions
Services Scanning
Protocol filters Scanning
Protocol handlers Scanning
WinSock2 Scanning
Uninstallers Scanning
C:\WINDOWS\ISUN040C.EXE
C:\GAMES\AOM\UNINSTAL.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\UNINSTALLALL\ATICIMUN.EXE
C:\Program Files\AMD PowerNow! Dashboard\UNWISE.EXE
C:\WINDOWS\SYSTEM32\ATIIIEXX.DLL
C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\UNINSTALL.EXE
C:\SIERRA\CAESAR3\UNWISE.EXE
C:\PROGRAM FILES\CCLEANER\UNINST.EXE
C:\PROGRAM FILES\FILEZILLA CLIENT\UNINSTALL.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\GTK\2.0\UNINST.EXE
C:\DOCUMENTS AND SETTINGS\FLORENCE\BUREAU\ORDI\HIJACKTHIS.EXE
C:\PROGRAM FILES\SMART PROJECTS\ISOBUSTER\UNINST\UNINS000.EXE
C:\PROGRAM FILES\JAVA WEB START\UNINST-JAVAWS.EXE
C:\WINDOWS\$NTUNINSTALLKB834707$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB867282$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\MUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB873333$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB873339$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB883939$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB885250$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB885835$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB885836$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB885884$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB886185$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB887472$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB887742$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB888113$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB888302$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB890046$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB890047$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB890175$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB890859$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB890923$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB891781$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB893066$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB893086$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB893756$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$MSI31UNINSTALL_KB893803$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$MSI31UNINSTALL_KB893803V2$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB894391$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB896358$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB896422$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB896423$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB896424$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB896428$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB896688$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB896727$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB898461$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB899587$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB899588$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB899589$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB899591$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB900485$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB900725$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB901017$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB901214$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB902400$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB904706$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB905414$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB905749$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB905915$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB908519$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB908531$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB910437$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB911280$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB911562$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB911564$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB911565$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB911567$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB911927$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB912812$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB912919$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB913446$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB913580$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB914388$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB914389$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB916281$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB916595$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB917159$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB917344$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB917422$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB917734_WMP10$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB917953$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB918439$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB918899$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB919007$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB920213$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB920214$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB920670$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB920683$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB920685$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB921398$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB921883$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB922616$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB922760$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB922819$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB923191$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB923414$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB923980$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB924191$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB924270$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB924496$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\$NTUNINSTALLKB925486$\SPUNINST\SPUNINST.EXE
C:\WINDOWS\INF\LHTTSFRF.INF
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\LSETUP.EXE
C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
C:\PROGRAM FILES\MON LIVRE PHOTO BY CEWE\UNINS000.EXE
C:\WINDOWS\UNINSTALLFIREFOX.EXE
C:\WINDOWS\UNINSTALLTHUNDERBIRD.EXE
C:\WINDOWS\SYSTEM32\UNWISE.EXE
C:\WINDOWS\system32\SETUPAPI.DLL
C:\PROGRAM FILES\PDFCREATOR\UNINS000.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\R1PUNINST.EXE
C:\PROGRAM FILES\RESTORATION\UNINSTALL.EXE
C:\PROGRAM FILES\GAMES\RISK II\UNINSTALL.EXE
C:\PROGRAM FILES\RISKII\UNINSTALL.EXE
C:\WINDOWS\system32\Macromed\Shockwave 8\UNWISE.EXE
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\UNINSTFL.EXE
C:\PROGRAM FILES\SPYWARE TERMINATOR\UNINS000.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNISDLL.DLL
C:\PROGRAM FILES\2K SPORTS\TORINO WINTER OLYMPICS\UNINSTALL.EXE
C:\WINDOWS\SYSTEM32\MSHTA.EXE
C:\PROGRAM FILES\SIERRA ON-LINE\SUTIL32.EXE
C:\WINDOWS\PSUNINST2.EXE
C:\PROGRAM FILES\WINAMP\UNINSTWA.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMSETSDK.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\SETUP_WM.EXE
C:\WINDOWS\$NTSERVICEPACKUNINSTALL$\SPUNINST\SPUNINST.EXE
C:\PROGRAM FILES\WINRAR\UNINSTALL.EXE
C:\PROGRAM FILES\XVID\UNINSTXVID.EXE
C:\WINDOWS\system32\MSIEXEC.EXE
C:\Program Files\Fichiers communs\InstallShield\engine\6\Intel 32\ctor.dll
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
Google Toolbar : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
Google Toolbar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
C:\PROGRAM FILES\DIVX\DIVX PLAYER 2.1\DIVXPLAYERUNINSTALL.EXE
C:\PROGRAM FILES\INSTALLSHIELD INSTALLATION INFORMATION\{C1939820-A945-11D4-86F6-0001031E5712}\SETUP.EXE
Start Menu Scanning
RealTray : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Divertissement\RealPlayer.lnk
Explorer : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk
SynchronizationManager : C:\Documents and Settings\florence\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk
Ccleaner : C:\Documents and Settings\florence\Menu Démarrer\Programmes\CCleaner\CCleaner.lnk
Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Connexions réseau.lnk
Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk
Explorer : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Outils système\Tâches planifiées.lnk
SynchronizationManager : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk
LXSUPMON : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Contrôleur de fournitures Lexmark\Contrôleur de fournitures Lexmark.lnk
RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real\RealPlayer\RealPlayer.lnk
RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real\RealPlayer\Vérifier les mises à jour RealPlayer.lnk
RealTray : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealPlayer.lnk
Spyware Terminator : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spyware Terminator\Spyware Terminator.lnk
MessengerService : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk
Desktop Scanning
Ccleaner : C:\Documents and Settings\florence\Bureau\CCleaner.lnk
Favorites Scanning
Cookies Scanning
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ads.pointroll[2].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@atdmt[2].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@doubleclick[1].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ebay[1].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@ebay[3].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@hitbox[2].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@mediaplex[2].txt
Affiliate tracking cookie : C:\Documents and Settings\florence\cookies\florence@serving-sys[1].txt
Registry Scanning
Google Toolbar : HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Google Toolbar : C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
Google Toolbar : HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
RXToolbar : HKCR\Interface\{ac368f5f-6670-4dde-a1a8-b9c064ea0402}
YahooToolbar : HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
YahooToolbar : HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}
MSDXM : HKCR\CLSID\{8E718888-423F-11D2-876E-00A0C9082467}
MSDXM : C:\WINDOWS\SYSTEM32\MSDXM.OCX
SSJava : HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
SSJava : C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\SSV.DLL
Files Scanning
Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminatorshield.exe
Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminator.exe
Spyware Terminator : C:\Program Files\Spyware Terminator\sptcontmenu.dll
WinampAgent : C:\Program Files\Winamp\winampa.exe
SoundMan : C:\Program Files\analog devices\soundmax\smtray.exe
MessengerService : C:\Program Files\MSN Messenger\msnmsgr.exe
MessengerService : C:\Program Files\Messenger\msmsgs.exe
ATIModeChange : C:\WINDOWS\system32\Ati2mdxx.exe
Ctfmon : C:\WINDOWS\system32\ctfmon.exe
ATIPTA : C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
SymantecAntivirus : C:\Program Files\NavNT\vptray.exe
SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
MSConfig : C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
SynchronizationManager : C:\WINDOWS\system32\mobsync.exe
RealTray : C:\Program Files\Real\RealPlayer\RealPlay.exe
MSDXM : C:\WINDOWS\system32\msdxm.ocx
RealSched : C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
StillImageMonitor : C:\WINDOWS\system32\STIMON.EXE
GrpConv : C:\WINDOWS\system32\grpconv.exe
Trojan/Abwiz : C:\WINDOWS\system32\zlbw.dll
Wextract : C:\WINDOWS\system32\advpack.dll
KernelFaultCheck : C:\WINDOWS\system32\dumprep.exe
Explorer : C:\WINDOWS\explorer.exe
PowerProfile : C:\WINDOWS\system32\powrprof.dll
BluetoothControlPanel : C:\WINDOWS\system32\bthprops.cpl
SSJava : C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
SSJava : C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
Shdocvw : C:\WINDOWS\system32\shdocvw.dll
PHIME2002ASync : C:\WINDOWS\system32\dllcache\tintsetp.exe
LXSUPMON : C:\WINDOWS\system32\LXSUPMON.EXE
Ccleaner : C:\Program Files\CCleaner\ccleaner.exe
MSPY2002 : C:\WINDOWS\system32\dllcache\imscinst.exe
Trojan/Smitfraud : C:\WINDOWS\system32\sysvx.exe
Verclsid : C:\WINDOWS\system32\verclsid.exe
Systray : C:\WINDOWS\system32\systray.exe
comctl32 : C:\WINDOWS\WinSxS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\comctl32.dll
Preparing DeepFile Scan
DeepFiles Scanning
SoundMan : C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
ATIPTA : C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Ccleaner : C:\Program Files\CCleaner\ccleaner.exe
RealSched : C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
Google Toolbar : C:\Program Files\Google\GoogleToolbar1.dll
SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
SSJava : C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
SunJavaUpdateSched : C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
SSJava : C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
MessengerService : C:\Program Files\Messenger\msmsgs.exe
MessengerService : C:\Program Files\MSN Messenger\msnmsgr.exe
SymantecAntivirus : C:\Program Files\NavNT\vptray.exe
RealTray : C:\Program Files\Real\RealPlayer\realplay.exe
Spyware Terminator : C:\Program Files\Spyware Terminator\sptcontmenu.dll
Spyware Terminator : C:\Program Files\Spyware Terminator\SpywareTerminator.exe
Spyware Terminator : C:\Program Files\Spyware Terminator\Spywareterminatorshield.Exe
SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
SynTPLpr : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
WinampAgent : C:\Program Files\Winamp\winampa.exe
Explorer : C:\WINDOWS\explorer.exe
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB824141$\user32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB824141$\win32k.sys
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\ndis.sys
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\netshell.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcsapi.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\wzcsvc.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB826942$\xpsp2res.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\es.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\dao360.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msexcl40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjet40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjetol1.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjetoledb40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msjtes40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\mspbde40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msrepl40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\mstext40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB829558$\msxbde40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\dao360.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\shell32.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll
Unreadable Binary Files : C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx
Unreadable Binary Files : C:\WINDOWS\$NtUninstallQ828026$\wmp.dll
MSConfig : C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe
Wextract : C:\WINDOWS\system32\advpack.dll
ATIModeChange : C:\WINDOWS\system32\Ati2mdxx.exe
BluetoothControlPanel : C:\WINDOWS\system32\bthprops.cpl
Ctfmon : C:\WINDOWS\system32\ctfmon.exe
MSPY2002 : C:\WINDOWS\system32\dllcache\imscinst.exe
PHIME2002ASync : C:\WINDOWS\system32\dllcache\tintsetp.exe
KernelFaultCheck : C:\WINDOWS\system32\dumprep.exe
GrpConv : C:\WINDOWS\system32\grpconv.exe
LXSUPMON : C:\WINDOWS\system32\LXSUPMON.EXE
SynchronizationManager : C:\WINDOWS\system32\mobsync.exe
MSDXM : C:\WINDOWS\system32\msdxm.ocx
PowerProfile : C:\WINDOWS\system32\powrprof.dll
Shdocvw : C:\WINDOWS\system32\shdocvw.dll
StillImageMonitor : C:\WINDOWS\system32\stimon.exe
Trojan/Smitfraud : C:\WINDOWS\system32\sysvx.exe
Verclsid : C:\WINDOWS\system32\verclsid.exe
Trojan/Abwiz : C:\WINDOWS\system32\zlbw.dll
comctl32 : C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Done
Scan Summary:
Total Scanning Time : 4591.80 s
Objects Scanned : 69 861
Objects Identified : 160
Objects Ignored : 0
Critical Objects : 76
And here is what it removed:
Remove Process:
Preparing structures
Creating System Restore Point
Hard File Remover Disabled
Remove Trojan/Abwiz
Deleted File: C:\WINDOWS\system32\zlbw.dll
Remove Trojan/Smitfraud
Deleted File: C:\WINDOWS\system32\sysvx.exe
Remove RXToolbar
Deleted Registry : HKCR\Interface\{ac368f5f-6670-4dde-a1a8-b9c064ea0402}
Remove Affiliate tracking cookie
Deleted File: C:\Documents and Settings\florence\cookies\florence@ads.pointroll[2].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@atdmt[2].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@doubleclick[1].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@ebay[1].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@ebay[3].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@hitbox[2].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@mediaplex[2].txt
Deleted File: C:\Documents and Settings\florence\cookies\florence@serving-sys[1].txt
Remove Unreadable Binary Files
Deleted File: C:\WINDOWS\$NtUninstallKB824141$\user32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB824141$\win32k.sys
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\ndis.sys
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\netshell.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcsapi.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\wzcsvc.dll
Deleted File: C:\WINDOWS\$NtUninstallKB826942$\xpsp2res.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\es.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
Deleted File: C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\dao360.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msexcl40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjet40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjetol1.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjetoledb40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msjtes40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\mspbde40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msrepl40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\mstext40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB829558$\msxbde40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
Deleted File: C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\dao360.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\shell32.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Deleted File: C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll
Deleted File: C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx
Deleted File: C:\WINDOWS\$NtUninstallQ828026$\wmp.dll
Closing System Restore Point
Unfortunately I think something is still left, because the computer keeps connecting me to the internet without my asking.
Thanks for your help
Hi,
Does anyone have an idea, please?
Here is my new HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 21:28:48, on 18/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\SYSTEM32\DNTUS26.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Compaq\EAB\EABSERVR.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0610_KB72306.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\florence\Bureau\ordi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\Compaq\EAB\EABSERVR.EXE" /Start
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\system32\LXSUPMON.EXE" RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0075546E-5D3D-11D2-A3E5-0060971304D8} (WTX_Installer Class) - http://www.webtrends.com/Download/Browser/Plugins/WordU...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lepouliguen2005.spaces.msn.com//PhotoUpload/MsnP...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://camera1.mairie-brest.fr/activex/AxisCamControl.c...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp12.photoprintit.de/microsite/1156/defaults/ac...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 86.64.145.146 84.103.237.146
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: Apache - Unknown owner - C:\site\easyphp\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:\site\easyphp\MySql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
Thanks for your help
Does anyone have an idea, please?
Here is my new HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 21:28:48, on 18/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\SYSTEM32\DNTUS26.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Compaq\EAB\EABSERVR.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0610_KB72306.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\florence\Bureau\ordi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\Compaq\EAB\EABSERVR.EXE" /Start
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\system32\LXSUPMON.EXE" RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0075546E-5D3D-11D2-A3E5-0060971304D8} (WTX_Installer Class) - http://www.webtrends.com/Download/Browser/Plugins/WordU...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lepouliguen2005.spaces.msn.com//PhotoUpload/MsnP...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://camera1.mairie-brest.fr/activex/AxisCamControl.c...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp12.photoprintit.de/microsite/1156/defaults/ac...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AD8D127-082A-4B0C-90EC-AEA45589D5D7}: NameServer = 86.64.145.146 84.103.237.146
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: IEFilter - {22117A33-5FE1-4D63-818A-D302AFE29584} - (no file)
O23 - Service: Apache - Unknown owner - C:\site\easyphp\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:\site\easyphp\MySql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
Thanks for your help
Hello,
1/ Download SmitfraudFix by S!Ri:
http://siri.urz.free.fr/Fix/SmitfraudFix.php
Unzip it to the Desktop.
2/ Open SmitfraudFix, double-click SmitfraudFix.cmd and choose option 1.
Post the report.
Hi Bob,
Here is the report
SmitFraudFix v2.131
Rapport fait à 16:22:58.34, 19/12/2006
Executé à partir de C:\Documents and Settings\florence\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\florence
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\florence\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\florence\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin