problème avec les ^^ [Résolu]

bonjour tout le monde, depuis ce matin mon pc se comporte bizarrement. Quand je tape un texte et que je dois mettre un accent circonflexe, je tape sur la touche et il me mets directement ça ^^. De plus quand j'ai ouvert par 2 fois mon pc mon antivirus (nod32) a détecté un trojan et une autre chose mais j'ai pas eu le temps de voir quoi. Donc je pense que mon pc est bel et bien infecté. Pourriez-vous me donner un coup de main pour virer ce bazar de ma machine? merci

Salut à toi et bienvenue,
En ce moment quand tu dis : " bonjour tout le monde" c'est cool, mais dans la pratique je suis a peu prés le seul sur le bateau

Afin de nous éclairer sur la nature précise de tes soucis "infectieux", ( ou pas ? )
dans un premier temps fais cette procédure et poste le rapport généré par Random's system information tool (RSIT) par
random/random
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

- Poste le contenu de log.txt (<<qui sera affiché)
ainsi que info.txt (<<qui sera réduit dans la Barre des Tâches).

// ! Important !
=======================

Ps:
======
Conseil d'ordre général
---->> Aller sur le Net avec Windows Internet Explorer, n'est pas souhaitable.
Pour vous en convaincre, un petit test de votre navigateur

Comparez-donc Windows Internet Explorer avec Mozilla-Firefox (ce dernier devrait atteindre les 92 )
Quand à Windows Internet Explorer, j'en laisse la surprise...

Toutefois, ce qui ne veut pas dire que Windows Internet Explorer, ne doit pas être à jour ! (vérifier que vous avez la dernière version ! )

Télécharger Mozilla-Firefox 3.0. X. (le X représente évidemment la dernière version ) et le mettre à l'install comme Navigateur par défaut.

lien ici

-->source ici de conseils
Eviter à tous prix de poster dans plusieurs Forum à la fois...pas de multi-postage donc !



Poster les 2 rapports demandés (log.txt et info.txt)
En cas de fichier trop gros, suffit de le diviser sur deux réponses, ou plus.....




PS:
si tu ne peux pas télécharger en direct avec la machine infectée, il est évident qu'il faut faire usage, d'une carte SD ou clé usb via un autre PC.

voilà le log

Logfile of random's system information tool 1.08 (written by random/random)
Run by jf at 2011-08-04 16:09:14
Microsoft Windows 7 Édition Familiale Premium Service Pack 1
System drive C: has 69 GB (25%) free of 281 GB
Total RAM: 3894 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:09:25, on 4/08/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
C:\Program Files (x86)\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\jf\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\jf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Messenger Plus Live Belgium - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [system32] C:\Users\jf\AppData\Roaming\local.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [system32] C:\Users\jf\AppData\Roaming\local.exe
O4 - HKLM\..\Policies\Explorer\Run: [system32] C:\Users\jf\AppData\Roaming\local.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FSPro Filter Service (fsproflt) - FSPro Labs - C:\Windows\SysWOW64\fsproflt.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 28012 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForcathy.job
C:\Windows\tasks\HPCeeScheduleForJF-PC$.job
C:\Windows\tasks\HPCeeScheduleForjf.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP SimplePass Identity Protection Extension - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll [2009-12-30 1262856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1a1c8f1-e3d9-48df-802f-20201061ef61}]
Messenger Plus Live Belgium Toolbar - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{d1a1c8f1-e3d9-48df-802f-20201061ef61} - Messenger Plus Live Belgium Toolbar - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-01-25 61112]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe [2011-02-03 2068480]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"system32"=C:\Users\jf\AppData\Roaming\local.exe [2011-08-04 540672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"system32"=C:\Users\jf\AppData\Roaming\local.exe [2011-08-04 540672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-01-27 1712184]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2011-08-02 1242448]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"system32"=C:\Users\jf\AppData\Roaming\local.exe [2011-08-04 540672]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayL oad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHoo ks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-03-03 52920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Users\jf\AppData\Local\Temp\o6exkiwnGP.exe"="C:\Users\jf\AppData\Local\Temp\o6exkiwnGP.exe:*:Enabled:Windows Messanger"
"C:\Users\jf\AppData\Roaming\local.exe"="C:\Users\jf\AppData\Roaming\local.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-08-04 13:14:32 ----D---- C:\Users\jf\AppData\Roaming\Booky
2011-08-04 13:14:32 ----D---- C:\Users\jf\AppData\Roaming\Acbiix
2011-08-04 10:29:18 ----D---- C:\Windows\Minidump
2011-08-04 10:27:57 ----A---- C:\Ad-Report-CLEAN[10].txt
2011-08-04 10:26:53 ----A---- C:\Ad-Report-SCAN[11].txt
2011-08-04 08:58:10 ----H---- C:\Users\jf\AppData\Roaming\local.exe
2011-07-27 11:37:03 ----A---- C:\Ad-Report-CLEAN[9].txt
2011-07-27 11:35:43 ----A---- C:\Ad-Report-SCAN[10].txt
2011-07-24 16:08:20 ----SHD---- C:\Config.Msi
2011-07-24 15:54:40 ----D---- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2011-07-13 08:55:21 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 08:55:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 08:55:19 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-13 08:52:52 ----A---- C:\Windows\SysWOW64\setup16.exe
2011-07-13 08:52:52 ----A---- C:\Windows\SysWOW64\kernel32.dll
2011-07-13 08:52:51 ----A---- C:\Windows\SysWOW64\wow32.dll
2011-07-13 08:52:51 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2011-07-13 08:52:51 ----A---- C:\Windows\SysWOW64\instnm.exe
2011-07-13 08:52:50 ----A---- C:\Windows\SysWOW64\user.exe
2011-07-12 14:31:52 ----D---- C:\Users\jf\AppData\Roaming\EurekaLog

======List of files/folders modified in the last 1 months======

2011-08-04 16:09:21 ----D---- C:\Windows\Temp
2011-08-04 16:09:19 ----D---- C:\Windows\Prefetch
2011-08-04 16:09:18 ----D---- C:\Program Files (x86)\trend micro
2011-08-04 15:56:35 ----D---- C:\Windows\System32
2011-08-04 15:56:35 ----D---- C:\Windows\inf
2011-08-04 14:03:51 ----D---- C:\Windows\SysWOW64\drivers
2011-08-04 13:44:33 ----D---- C:\Program Files (x86)\Steam
2011-08-04 13:44:13 ----A---- C:\Windows\SysWOW64\log.txt
2011-08-04 13:21:11 ----D---- C:\Windows\SysWOW64
2011-08-04 10:29:18 ----D---- C:\Windows
2011-08-02 19:32:09 ----A---- C:\Windows\Lexstat.ini
2011-08-02 13:13:42 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-08-02 13:12:32 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-08-02 09:25:12 ----SHD---- C:\System Volume Information
2011-07-31 19:15:39 ----D---- C:\Users\jf\AppData\Roaming\vlc
2011-07-31 13:43:05 ----D---- C:\Windows\Tasks
2011-07-29 09:18:32 ----D---- C:\Users\jf\AppData\Roaming\VSO
2011-07-27 11:38:01 ----RD---- C:\Program Files (x86)
2011-07-26 11:26:58 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-25 20:47:26 ----D---- C:\Users\jf\AppData\Roaming\Azureus
2011-07-25 19:09:00 ----D---- C:\Program Files (x86)\Messenger_Plus_Live_Belgium
2011-07-24 16:08:33 ----SHD---- C:\Windows\Installer
2011-07-24 16:08:24 ----RSD---- C:\Windows\assembly
2011-07-24 16:08:20 ----D---- C:\Program Files (x86)\Hewlett-Packard
2011-07-24 16:07:46 ----D---- C:\SwSetup
2011-07-24 16:07:40 ----D---- C:\Windows\Hewlett-Packard
2011-07-24 16:07:40 ----D---- C:\Users\jf\AppData\Roaming\Hewlett-Packard
2011-07-24 15:58:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-07-24 15:58:27 ----D---- C:\Windows\Help
2011-07-24 15:58:22 ----D---- C:\Windows\winsxs
2011-07-24 15:54:40 ----HD---- C:\ProgramData
2011-07-15 18:36:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-07-14 10:49:44 ----D---- C:\Windows\AppPatch
2011-07-13 14:55:23 ----D---- C:\Windows\debug
2011-07-13 14:55:15 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys []
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot64.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 DVMIO;DeviceVM IO Service; C:\Windows\system32\DRIVERS\dvmio.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwaudio;Périphérique audio Bluetooth; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys []
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys []
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys []
R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S1 cpuidlep;CpuIdle Pro System Driver; C:\Windows\SysWOW64\drivers\cpuidlep.sys [2011-06-06 4484]
S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\jf\AppData\Local\Temp\ALSysIO64.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 cpuz132;cpuz132; \??\C:\Users\jf\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 driverhardwarev2x64;driverhardwarev2x64; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 873248]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-30 444680]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-02-08 338168]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\System32\ezSharedSvcHost.exe [2010-01-25 514232]
R2 fsproflt;FSPro Filter Service; C:\Windows\SysWOW64\fsproflt.exe [2010-01-06 142648]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-21 103992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R2 HPWMISVC;HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
R2 lxcz_device;lxcz_device; C:\Windows\system32\lxczcoms.exe [2007-04-19 537520]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe [2010-01-14 244736]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-01-06 1791280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-05-21 818232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-03 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-03 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\x64\maconfservice.exe [2010-09-12 325120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-05-13 403240]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------



je vais regarder après l'autre parce que déjà la dernière fois j'ai pas trouvé

re,

tu as télécharger et installé Messenger_Plus_Live_Belgium, qui installe d'office une petite infection de type BT.

Mais pas de panique...


Fais ceci,

* Désactive ton Antivirus pour le moment.
* Télécharge Ad-Remover (de C_XX) sur le bureau.

* /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
* Double clic sur le programme pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Scanner"

* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)

ok. j'ai aussi eu un mail de chez mistergoodeals avec une sois disant facture que j'ai chargé en zip et j'ai ouvert le fichier qui était en .vbs et je dois dire que c'est depuis que ça déconne.

re,

super tu as ouvert un script

Poste le rapport que je t'ai demandé, ne perdons pas de temps

voilà

======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [12]) -> Lancé à 10:49:52 le 05/08/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
jf@JF-PC (Hewlett-Packard HP Pavilion dv7 Notebook PC)

============== RECHERCHE ==============





============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.18 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Extensions\belgiumeid@eid.belgium.be (eID België)
HKLM_Extensions|otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
HKLM_Extensions|belgiumeid@eid.belgium.be - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be (x)

-- C:\Users\jf\AppData\Roaming\Mozilla\FireFox\Profiles\mimfv6up.default --
Extensions\belgiumeid@eid.belgium.be (eID België)
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)
Extensions\{d1a1c8f1-e3d9-48df-802f-20201061ef61} (Messenger Plus Live Belgium Community Toolbar)
Prefs.js - browser.download.lastDir, C:\\Users\\jf\\Desktop\\Nouveau dossier
Prefs.js - browser.startup.homepage, hxxps://www.google.be
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18

-- C:\Users\cathy\AppData\Roaming\Mozilla\FireFox\Profiles\fmph1iz1.default --
Prefs.js - browser.download.lastDir, C:\\Users\\cathy\\Pictures\\chat email
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKLM_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)
HKCU_Toolbar\WebBrowser|{D1A1C8F1-E3D9-48DF-802F-20201061EF61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (x)
HKLM_Toolbar|{d1a1c8f1-e3d9-48df-802f-20201061ef61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)
HKLM_ElevationPolicy\00dcadab-5473-4e1f-850e-d2c86681ec75 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\d85bc1fd-daaf-491e-861a-706a1126db18 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\fe78f200-b00a-486b-89f0-0b4b6d417fd1 - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{324C84CB-CAA5-4A6C-AF56-E40419E24D51} - C:\Users\jf\AppData\Local\Conduit\CT2535304\Messenger_Plus_Live_BelgiumAutoUpdaterHelper.exe (x)
HKLM_ElevationPolicy\{5D951C6A-5215-457A-8D23-9CCB4D327421} - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper1.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_Extensions\{0000036B-C524-4050-81A0-243669A86B9F} - "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" (C:\Program Files (x86)\Windows Live\Companion\companionres.dll,200)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Envoyer à Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{395610AE-C624-4f58-B89E-23733EA00F9A} - "HP SimplePass Identity Protection Extension" (C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll)
BHO\{53707962-6F74-2D53-2644-206D7942484F} - "Spybot-S&D IE Protection" (C:\PROGRA~2\SPYBOT~1\SDHelper.dll)
BHO\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} - "Windows Live Messenger Companion Helper" (C:\Program Files (x86)\Windows Live\Companion\companioncore.dll)
BHO\{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 189 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 157 Fichier(s)

C:\Ad-Report-CLEAN[10].txt - 04/08/2011 (482 Octet(s))
C:\Ad-Report-CLEAN[1].txt - 10/02/2011 (7591 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 27/02/2011 (5120 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 11/03/2011 (5233 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 11/04/2011 (5358 Octet(s))
C:\Ad-Report-CLEAN[5].txt - 27/04/2011 (5471 Octet(s))
C:\Ad-Report-CLEAN[6].txt - 17/05/2011 (11216 Octet(s))
C:\Ad-Report-CLEAN[7].txt - 28/06/2011 (6188 Octet(s))
C:\Ad-Report-CLEAN[8].txt - 03/07/2011 (6575 Octet(s))
C:\Ad-Report-CLEAN[9].txt - 27/07/2011 (8079 Octet(s))
C:\Ad-Report-SCAN[10].txt - 27/07/2011 (8194 Octet(s))
C:\Ad-Report-SCAN[11].txt - 04/08/2011 (6792 Octet(s))
C:\Ad-Report-SCAN[12].txt - 05/08/2011 (6270 Octet(s))
C:\Ad-Report-SCAN[1].txt - 10/02/2011 (7897 Octet(s))
C:\Ad-Report-SCAN[2].txt - 11/03/2011 (5131 Octet(s))
C:\Ad-Report-SCAN[3].txt - 11/04/2011 (5256 Octet(s))
C:\Ad-Report-SCAN[4].txt - 27/04/2011 (5369 Octet(s))
C:\Ad-Report-SCAN[5].txt - 16/05/2011 (10990 Octet(s))
C:\Ad-Report-SCAN[6].txt - 16/05/2011 (11047 Octet(s))
C:\Ad-Report-SCAN[7].txt - 28/06/2011 (6085 Octet(s))
C:\Ad-Report-SCAN[8].txt - 30/06/2011 (6196 Octet(s))
C:\Ad-Report-SCAN[9].txt - 03/07/2011 (6467 Octet(s))

Fin à: 10:50:46, 05/08/2011

============== E.O.F ==============

voilà

======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [12]) -> Lancé à 10:49:52 le 05/08/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
jf@JF-PC (Hewlett-Packard HP Pavilion dv7 Notebook PC)

============== RECHERCHE ==============





============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.18 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Extensions\belgiumeid@eid.belgium.be (eID België)
HKLM_Extensions|otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
HKLM_Extensions|belgiumeid@eid.belgium.be - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be (x)

-- C:\Users\jf\AppData\Roaming\Mozilla\FireFox\Profiles\mimfv6up.default --
Extensions\belgiumeid@eid.belgium.be (eID België)
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)
Extensions\{d1a1c8f1-e3d9-48df-802f-20201061ef61} (Messenger Plus Live Belgium Community Toolbar)
Prefs.js - browser.download.lastDir, C:\\Users\\jf\\Desktop\\Nouveau dossier
Prefs.js - browser.startup.homepage, hxxps://www.google.be
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18

-- C:\Users\cathy\AppData\Roaming\Mozilla\FireFox\Profiles\fmph1iz1.default --
Prefs.js - browser.download.lastDir, C:\\Users\\cathy\\Pictures\\chat email
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKLM_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)
HKCU_Toolbar\WebBrowser|{D1A1C8F1-E3D9-48DF-802F-20201061EF61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (x)
HKLM_Toolbar|{d1a1c8f1-e3d9-48df-802f-20201061ef61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)
HKLM_ElevationPolicy\00dcadab-5473-4e1f-850e-d2c86681ec75 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\d85bc1fd-daaf-491e-861a-706a1126db18 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\fe78f200-b00a-486b-89f0-0b4b6d417fd1 - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{324C84CB-CAA5-4A6C-AF56-E40419E24D51} - C:\Users\jf\AppData\Local\Conduit\CT2535304\Messenger_Plus_Live_BelgiumAutoUpdaterHelper.exe (x)
HKLM_ElevationPolicy\{5D951C6A-5215-457A-8D23-9CCB4D327421} - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper1.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_Extensions\{0000036B-C524-4050-81A0-243669A86B9F} - "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" (C:\Program Files (x86)\Windows Live\Companion\companionres.dll,200)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Envoyer à Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{395610AE-C624-4f58-B89E-23733EA00F9A} - "HP SimplePass Identity Protection Extension" (C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll)
BHO\{53707962-6F74-2D53-2644-206D7942484F} - "Spybot-S&D IE Protection" (C:\PROGRA~2\SPYBOT~1\SDHelper.dll)
BHO\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} - "Windows Live Messenger Companion Helper" (C:\Program Files (x86)\Windows Live\Companion\companioncore.dll)
BHO\{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\prxtbMes2.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 189 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 157 Fichier(s)

C:\Ad-Report-CLEAN[10].txt - 04/08/2011 (482 Octet(s))
C:\Ad-Report-CLEAN[1].txt - 10/02/2011 (7591 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 27/02/2011 (5120 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 11/03/2011 (5233 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 11/04/2011 (5358 Octet(s))
C:\Ad-Report-CLEAN[5].txt - 27/04/2011 (5471 Octet(s))
C:\Ad-Report-CLEAN[6].txt - 17/05/2011 (11216 Octet(s))
C:\Ad-Report-CLEAN[7].txt - 28/06/2011 (6188 Octet(s))
C:\Ad-Report-CLEAN[8].txt - 03/07/2011 (6575 Octet(s))
C:\Ad-Report-CLEAN[9].txt - 27/07/2011 (8079 Octet(s))
C:\Ad-Report-SCAN[10].txt - 27/07/2011 (8194 Octet(s))
C:\Ad-Report-SCAN[11].txt - 04/08/2011 (6792 Octet(s))
C:\Ad-Report-SCAN[12].txt - 05/08/2011 (6270 Octet(s))
C:\Ad-Report-SCAN[1].txt - 10/02/2011 (7897 Octet(s))
C:\Ad-Report-SCAN[2].txt - 11/03/2011 (5131 Octet(s))
C:\Ad-Report-SCAN[3].txt - 11/04/2011 (5256 Octet(s))
C:\Ad-Report-SCAN[4].txt - 27/04/2011 (5369 Octet(s))
C:\Ad-Report-SCAN[5].txt - 16/05/2011 (10990 Octet(s))
C:\Ad-Report-SCAN[6].txt - 16/05/2011 (11047 Octet(s))
C:\Ad-Report-SCAN[7].txt - 28/06/2011 (6085 Octet(s))
C:\Ad-Report-SCAN[8].txt - 30/06/2011 (6196 Octet(s))
C:\Ad-Report-SCAN[9].txt - 03/07/2011 (6467 Octet(s))

Fin à: 10:50:46, 05/08/2011

============== E.O.F ==============

Ensuite fais ceci:
Télécharge Malwarebytes' Anti-Malware (MBAM)

[*] Double clique sur le fichier téléchargé pour lancer le processus d'installation.
[*] Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
[*] Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
[*] Sélectionne "Exécuter un examen rapide"
[*] Clique sur "Rechercher"
[*] L'analyse démarre, le scan est relativement long, c'est normal.
[*] A la fin de l'analyse, un message s'affiche :


Citation

L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.


Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
[*] Ferme tes navigateurs.
[*] Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
[*] MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

ps:
--->aide visuelle sur Mbam ici

voilà le rapport

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7373

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

4/08/2011 10:26:30
mbam-log-2011-08-04 (10-26-30).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 446880
Temps écoulé: 1 heure(s), 23 minute(s), 18 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{BA08EFAD-EF14-AC6D-C42A-CF3EAA0C1D4A} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{BA08EFAD-EF14-AC6D-C42A-CF3EAA0C1D4A} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{BA08EFAD-EF14-AC6D-C42A-CF3EAA0C1D4A} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system32 (Trojan.Agent) -> Value: system32 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\sy stem32 (Trojan.Agent) -> Value: system32 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system32 (Trojan.Agent) -> Value: system32 -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\jf\AppData\Roaming\local.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\jf\AppData\Roaming\data.dat (Stolen.Data) -> Quarantined and deleted successfully.

Bon, petite précision. Quand j'ai eu terminé malware byte j'ai voulu supprimer la sélection, ça a commencé puis il relance mon pc. Voyant ça j'ai attendu qu'il soit relancé, je t'ai posté le rapport et j'ai refais un scan et là il me trouve 16 infections. Je lance la suppression et de nouveau il relance mon pc. Comme si l'infection ne voulais pas se faire supprimer et éteint mon pc. Donc je n'ai rien pu supprimer en fait

de plus, le logo de mon anti virus reste rouge car pas protégé à fond. j'ai vérifié et il marque 'l'initialisation de l'analyseur de virus à échoué"

re,
fais un scan Malwarebytes' Anti-Malware en utilisant le mode sans échec...supprime dans ce mode.

scan fais, suppression faite. je te remets le rapport, je sais pas si c'est nécessaire.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7383

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.7601.17514

5/08/2011 12:24:26
mbam-log-2011-08-05 (12-24-26).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 188357
Temps écoulé: 3 minute(s), 44 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{BA08EFAD-EF14-AC6D-C42A-CF3EAA0C1D4A} (Backdoor.IRCBot.WR) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{BA08EFAD-EF14-AC6D-C42A-CF3EAA0C1D4A} (Backdoor.IRCBot.WR) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{BA08EFAD-EF14-AC6D-C42A-CF3EAA0C1D4A} (Backdoor.IRCBot.WR) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system32 (Backdoor.IRCBot.WR) -> Value: system32 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\sy stem32 (Backdoor.IRCBot.WR) -> Value: system32 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system32 (Backdoor.IRCBot.WR) -> Value: system32 -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\jf\AppData\Roaming\local.exe (Backdoor.IRCBot.WR) -> Quarantined and deleted successfully.
c:\Users\jf\AppData\Local\Temp\84663.exe (Trojan.EnoVI.Gen) -> Quarantined and deleted successfully.
c:\Users\jf\AppData\Local\Temp\o6exkiwngp.exe (Backdoor.IRCBot.WR) -> Quarantined and deleted successfully.
c:\Users\jf\local settings\temporary internet files\Content.IE5\S478436A\test[1].exe (Backdoor.IRCBot.WR) -> Quarantined and deleted successfully.
c:\Users\jf\AppData\Roaming\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
c:\Users\jf\AppData\Local\Temp\pws_cdk.bss (Stolen.Data) -> Quarantined and deleted successfully.
c:\Users\jf\AppData\Local\Temp\pws_mail.bss (Stolen.Data) -> Quarantined and deleted successfully.
c:\Users\jf\AppData\Local\Temp\pws_mess.bss (Stolen.Data) -> Quarantined and deleted successfully.

re,

je voudrais que l'on passe à ceci :

Exécute cette manip pour faire un scan avec Combofix.développé par sUBs.

En portant une attention particulière à l'install de la console sous XP uniquement , ( ATTENTION pas sous Vista * / ou Seven7 ) à la demande de sUBs. , concepteur de l'outil utilisé.
Donc on ne se préoccupe pas de la console sous Vista ou Seven.

Toutefois au téléchargement de Combofix.exe,ne l'enregistre pas sous son nom d'origine, en effet certains virus détectent l'outil et le contre.
Donc, enregistre-le sous le nom de scanner.exe sur ton bureau afin de rendre l'outil indétectable.
J'insiste il ne s'agit pas de le renommer une fois télécharger, mais AVANT le téléchargement, sinon l'opération est nulle.
De plus comme sous Vista / ou Windows 7 exécuter toujours les outils de ce genre avec une élévation de droit, en faisant un clic droit dessus ( pour le lancer ) et choisis "éxcuter en tant que Administrateur "
-->clic ici pour faire la manip demandée
Poste le rapport de C:\Combofix.txt. sur le forum.
Note:

La procédure d'install de la console est normalement devenue automatique sous XP...il suffit d'accepter par "oui" à la demande de Combofix.