Danquebec

Bien, merci beaucoup pour l'aide, des conseils et de ce fire-wall bien plus avancé que celui de Windows (évidemment, c'est Microsoft hein^^). Je ferai plus attention à l'avenir (surtout avec ce que j'ai lu à propos des torrents!).

Bien... Après avoir désactivé et réactivé la restauration système je fais quoi?

Désolé pour cette réponse tardive j'ai été très occupé ces derniers temps. J'ai fait ce que tu as dit. Hum, en passant, est-ce que je dois désactiver mon pare-feu windows en ayant le pare-feu COMODO activé?

Voici ce que j'ai en quarantaine. Ceux qui viennent de LimeWire c'est ceux que je scan pour m'assurer qu'il n'yait pas de problème (s'il y en a un, je l'envoie en quarantaine) dès que je télécharge. Les trojans qui s'y c'est bien ceux dont je parlais.

Bien je vais sécuriser Firefox et installer ce pare-feu que tu m'as conseillé, mais il semblerait que mon ordinateur soit encore infecté. Comme avant (j'avais oublié de t'en parler), des trojans tentent de s'infiltrer (que mon anti-virus bloque à chaque coups) et cela sans que je ne clique sur rien... Par contre pour les publicités intempestives c'est bon, elles n'apparaissent plus.

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:15:48, on 2009-03-29 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe C:\Program Files\lg_fwupdate\fwupdate.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\DNA\btdna.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\Proprietaire\Bureau\OTMoveIt3.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Proprietaire\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.otaku-attitude.net/site/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {91344780-919D-AC12-B0C5-5DE00041F565} - (no file) O2 - BHO: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe" O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1161691128921 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neff...ffyLauncher.cab O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- End of file - 10833 bytes

========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder C:\Program Files\Mozilla Firefox\components\mawxqvpuhn.dll not found. ========== COMMANDS ========== Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.9.0 log created on 03292009_165435 Ça fonctionne! Est-ce que mon ordinateur a été désinfecté?

Le rapport : FoxScan Version 1.0.6 Ecrit par Loup blanc - Zebulon.fr Scan lancé le 2009-03-29 à 16:46:04,53 Microsoft Windows XP [version 5.1.2600] Service Pack 3 Mozilla Firefox version : 3.0.5 (fr) Dossier d'installation : C:\Program Files\Mozilla Firefox Profil : default Dossier du profil : C:\Documents and Settings\Proprietaire\Application Data\mozilla\firefox\Profiles\aesdxh2q.default\ Pages de démarrage : "http://www.otaku-attitude.net/site/" ------------------------------------------------------ //////////// Modules complémentaires \\\\\\\\\\\\\ ======= Profil : default ======= La notification d'installation des modules complémentaires est activée Nom : Adblock Plus Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Nom : ColorfulTabs Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} Nom : Cooliris Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\piclens@cooliris.com Nom : CoolPreviews Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} Nom : Java Console Etat : Activé Dossier : C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Nom : Java Quick Starter Etat : Activé Dossier : C:\Program Files\Java\jre6\lib\deploy\jqs\ff Nom : Read it Later Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\isreaditlater@ideashower.com Nom : Simple Dyyno Launcher Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\NPDyyno@dyyno.com Nom : Default Etat : Activé Dossier : C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ------------------------------------------------------ //////////// Plugins de recherche \\\\\\\\\\\\\ ======= Profil : default ======= Recherche dans "prefs.js" : browser.search.defaultenginename : "Google" browser.search.defaulturl : "http://www.google.fr/search.php" browser.search.selectedEngine : "Google" keyword.URL : "http://www.google.fr/search.php?q=" --------- Moteurs de recherche trouvés ------------ + Formulaire de recherche configuré pour le moteur C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml template="http://www.amazon.fr/exec/obidos/external-search/"> C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml template="http://rover.ebay.com/rover/1/709-47295-17703-3/4"> C:\Program Files\Mozilla Firefox\searchplugins\google.xml template="http://www.google.com/search"> C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml template="http://www.dictionnaire-mediadico.com/dictionnaires.asp"> C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml template="http://fr.wikipedia.org/wiki/Special:Recherche"> C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml template="http://fr.search.yahoo.com/search"> C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml width="16" ------------------------------------------------------ //////////// DLL présentes dans C:\Program Files\Mozilla Firefox\components \\\\\\\\\\\\\ browserdirprovider.dll brwsrcmp.dll mawxqvpuhn.dll ------------------------------------------------------ //////////// Plugins configurés dans la Base de registre \\\\\\\\\\\\\ [HKEY_LOCAL_MACHINE\software\mozillaplugins\@adobe.com/FlashPlayer] "Description"="Adobe® Flash® Player 10" "Vendor"="Adobe Systems Incorporated" "Path"="C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@adobe.com/ShockwavePlayer] "Description"="Adobe Shockwave Player" "Vendor"="Adobe Systems Inc" "Path"="C:\WINDOWS\system32\Adobe\Director\np32dsw.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@Apple.com/iTunes,version=] "Description"="Module iTunes Detector" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@Apple.com/iTunes,version=1.0] "Vendor"="Apple Inc." "Path"="C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@bittorrent.com/BitTorrentDNA] "Description"="Delivery Network Acceleration by BitTorrent™" "Vendor"="BitTorrent, Inc." "Path"="C:\Program Files\DNA\plugins\npbtdna.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@divx.com/DivX Browser Plugin,version=1.0.0] "Description"="DivX® Web Player" "Vendor"="DivX,Inc." "Path"="C:\Program Files\DivX\DivX Web Player\npdivx32.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@divx.com/DivX Content Upload Plugin,version=1.0.0] "Description"="DivX® Content Upload Plugin" "Vendor"="DivX,Inc." "Path"="C:\Program Files\DivX\DivX Content Uploader\npUpload.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@dyyno.com/vlc;version=0.8.6f] "Description"="Dyyno Multimedia Plugin" "Vendor"="Dyyno" "Path"="C:\Program Files\Dyyno\Dyyno Player\npvlc.dll" [HKEY_CURRENT_USER\software\mozillaplugins\@tools.google.com/Google Update;version=7] "Description"="Google Update" "Vendor"="Google" "Path"="C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll" ------------------------------------------------------ //////////// Recherche additionnelles pour les infections Goored, YoogSearch... \\\\\\\\\\\\\ [HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions] [HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.5\extensions] ------------------ Fin du rapport ------------------

Mmmh... Pour les yoog-search je les avais enlevés directement avec les outils ou l'affichage je ne sais plus trop. Mais quand je vais sur wikipédia ou google il y a des "sponsored-results" qui se trouve sur le côté.

Euh... Puisque faire tout ça sans navigateur aurait été assez difficile j'ai utilisé Google Chrome à la place de Firefox. Il n'y aura pas de problème? Bien, j'ai fait tout ce que tu as dit mais quand j'ai relancé Firefox ça ne m'a rien dit. Voici le rapport de OTMoveIt3 : ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\Documents and Settings\Proprietaire\Application Data\mozilla\firefox\Profiles\aesdxh2q.default\searchplugins\Yoog Search.xml moved successfully. File/Folder C:\Program Files\Mozilla Firefox\components\nssnappyads.dll not found. File/Folder C:\WINDOWS\system32\mawxqvpuhn.dll not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\etilqs_EYXMTKSdILeoJhb scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF4DF3.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF6B56.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~WRD0000.doc scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_85c.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.9.0 log created on 03292009_153158 Files moved on Reboot... File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\etilqs_EYXMTKSdILeoJhb not found! C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF4DF3.tmp moved successfully. File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF6B56.tmp not found! C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~WRD0000.doc moved successfully. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. File C:\WINDOWS\temp\Perflib_Perfdata_85c.dat not found! Plusieurs fichiers n'ont pas été trouvés alors j'ai redémarré comme tu l'avais demandé.

Voici le rapport : FoxScan Version 1.0.6 Ecrit par Loup blanc - Zebulon.fr Scan lancé le 2009-03-29 à 14:56:37,34 Microsoft Windows XP [version 5.1.2600] Service Pack 3 Mozilla Firefox version : 3.0.5 (fr) Dossier d'installation : C:\Program Files\Mozilla Firefox Profil : default Dossier du profil : C:\Documents and Settings\Proprietaire\Application Data\mozilla\firefox\Profiles\aesdxh2q.default\ Pages de démarrage : "http://www.otaku-attitude.net/site/" ------------------------------------------------------ //////////// Modules complémentaires \\\\\\\\\\\\\ ======= Profil : default ======= La notification d'installation des modules complémentaires est activée Nom : Adblock Plus Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Nom : ColorfulTabs Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} Nom : Cooliris Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\piclens@cooliris.com Nom : CoolPreviews Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} Nom : Java Console Etat : Activé Dossier : C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Nom : Java Quick Starter Etat : Activé Dossier : C:\Program Files\Java\jre6\lib\deploy\jqs\ff Nom : Read it Later Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\isreaditlater@ideashower.com Nom : Simple Dyyno Launcher Etat : Activé Dossier : C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\aesdxh2q.default\extensions\NPDyyno@dyyno.com Nom : Default Etat : Activé Dossier : C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ------------------------------------------------------ //////////// Plugins de recherche \\\\\\\\\\\\\ ======= Profil : default ======= Recherche dans "prefs.js" : browser.search.defaultenginename : "Yoog Search" browser.search.defaulturl : "http://www15.yoog.com/search.php?q="'>http://www15.yoog.com/search.php?q=" browser.search.selectedEngine : "Yoog Search" keyword.URL : "http://www15.yoog.com/search.php?q=" --------- Moteurs de recherche trouvés ------------ + Formulaire de recherche configuré pour le moteur C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml template="http://www.amazon.fr/exec/obidos/external-search/"> C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml template="http://rover.ebay.com/rover/1/709-47295-17703-3/4"> C:\Program Files\Mozilla Firefox\searchplugins\google.xml template="http://www.google.com/search"> C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml template="http://www.dictionnaire-mediadico.com/dictionnaires.asp"> C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml template="http://fr.wikipedia.org/wiki/Special:Recherche"> C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml template="http://fr.search.yahoo.com/search"> C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml width="16" C:\Documents and Settings\Proprietaire\Application Data\mozilla\firefox\Profiles\aesdxh2q.default\searchplugins\Yoog Search.xml ------------------------------------------------------ //////////// DLL présentes dans C:\Program Files\Mozilla Firefox\components \\\\\\\\\\\\\ browserdirprovider.dll brwsrcmp.dll mawxqvpuhn.dll nssnappyads.dll ------------------------------------------------------ //////////// Plugins configurés dans la Base de registre \\\\\\\\\\\\\ [HKEY_LOCAL_MACHINE\software\mozillaplugins\@adobe.com/FlashPlayer] "Description"="Adobe® Flash® Player 10" "Vendor"="Adobe Systems Incorporated" "Path"="C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@adobe.com/ShockwavePlayer] "Description"="Adobe Shockwave Player" "Vendor"="Adobe Systems Inc" "Path"="C:\WINDOWS\system32\Adobe\Director\np32dsw.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@Apple.com/iTunes,version=] "Description"="Module iTunes Detector" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@Apple.com/iTunes,version=1.0] "Vendor"="Apple Inc." "Path"="C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@bittorrent.com/BitTorrentDNA] "Description"="Delivery Network Acceleration by BitTorrent™" "Vendor"="BitTorrent, Inc." "Path"="C:\Program Files\DNA\plugins\npbtdna.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@divx.com/DivX Browser Plugin,version=1.0.0] "Description"="DivX® Web Player" "Vendor"="DivX,Inc." "Path"="C:\Program Files\DivX\DivX Web Player\npdivx32.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@divx.com/DivX Content Upload Plugin,version=1.0.0] "Description"="DivX® Content Upload Plugin" "Vendor"="DivX,Inc." "Path"="C:\Program Files\DivX\DivX Content Uploader\npUpload.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@dyyno.com/vlc;version=0.8.6f] "Description"="Dyyno Multimedia Plugin" "Vendor"="Dyyno" "Path"="C:\Program Files\Dyyno\Dyyno Player\npvlc.dll" [HKEY_CURRENT_USER\software\mozillaplugins\@tools.google.com/Google Update;version=7] "Description"="Google Update" "Vendor"="Google" "Path"="C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll" ------------------------------------------------------ //////////// Recherche additionnelles pour les infections Goored, YoogSearch... \\\\\\\\\\\\\ [HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions] [HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.5\extensions] ------------------ Fin du rapport ------------------

J'avais déjà Malwarebytes' Antimalware, mais je croyais qu'il n'était pas vraiment utile pour mon cas parce que j'avais déjà fait un scan et les publicités intempestives étaient toujours là et certaines personnes sur des forums disaient qu'il était illusoire de faire un scan pour chercher un malware. Mais je l'ai fait quand même, ça m'a donné ça : Malwarebytes' Anti-Malware 1.35 Version de la base de données: 1915 Windows 5.1.2600 Service Pack 3 2009-03-29 11:53:20 mbam-log-2009-03-29 (11-53-20).txt Type de recherche: Examen rapide Eléments examinés: 76903 Temps écoulé: 8 minute(s), 51 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 8 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 7 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9f391044-c98c-4c30-f172-f6a71dceeb87 (Adware.Adrotator) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3ae0248a-f05c-72c6-ae5e-738eee857217} (Adware.MySideSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\kcpyjqjbhrfkjxjh (Adware.SnappyAds) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{58299eaa-0a1a-0f30-aa8b-ce2830c35a8f} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{58299eaa-0a1a-0f30-aa8b-ce2830c35a8f} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58299eaa-0a1a-0f30-aa8b-ce2830c35a8f} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aae613bb-740e-a1f6-28a7-15ec8e260080} (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{aae613bb-740e-a1f6-28a7-15ec8e260080} (Adware.BHO) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\9f391044-c98c-4c30-f172-f6a71dceeb87.exe (Adware.Adrotator) -> Quarantined and deleted successfully. C:\WINDOWS\system32\undefined-remove.exe (Adware.SnappyAds) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mawxqvpuhn.dll-uninst.exe (Adware.MySideSearch) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kcpyjqjbhrfkjxjh.exe (Adware.SnappyAds) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\components\ae8509b6-84a4-2b2c-3102-96010c3eba63.dll (Adware.Yoog) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nse37.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mawxqvpuhn.dll (Adware.BHO) -> Quarantined and deleted successfully. Avant je faisais des scans complets car déjà là ça ne m'aidait pas à me débarrasser de l'adware. Est-ce que c'est inutile de faire un scan complet?

Bonjour, j'ai été stupide et je n'ai pas fait attention, me voilà avec un malware sur mon ordinateur qui m'envoie des publicités intempestives. Je ferai plus attention à l'avenir... Mais bon maintenant il est trop tard pour prévenir :s, j'aurais besoins d'aide pour désinfecter mon ordinateur de cet ou ces adwares. Voici mon rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:43:20, on 2009-03-28 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe C:\Program Files\lg_fwupdate\fwupdate.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\DNA\btdna.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Proprietaire\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.otaku-attitude.net/site/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: snappyads - {58299eaa-0a1a-0f30-aa8b-ce2830c35a8f} - C:\WINDOWS\system32\nse37.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {91344780-919D-AC12-B0C5-5DE00041F565} - (no file) O2 - BHO: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file) O2 - BHO: mysidesearch search enhancer - {AAE613BB-740E-A1F6-28A7-15EC8E260080} - C:\WINDOWS\system32\mawxqvpuhn.dll O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file) O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe" O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [searchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1161691128921 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neff...ffyLauncher.cab O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 11319 bytes