[Résolu]Firefox ouverture pages publicitaires intempestives

[ZEBULON]

Bonjour

Depuis quelque temps lorsque que je clique sur un lien internet dans Firefox , ça m' ouvre un autre onglet qui me redirige vers une page publicitaire bien entendu . J' ai regardé dans les paramétres de Firefox tout me semble correct . Avast n' a rien détecté , mais je pense quand meme à un virus , vu que j' ai eu un trojan récemment .

Vous avez une idée ?

Merci d' avance

@+

[nardino]

Bonjour.

Télécharge RSIT de random/random, sur le Bureau :
http://images.malwareremoval.com/random/RSIT.exe

Double-clique sur RSIT.exe afin de lancer l'outil, il ne nécessite pas d'installation.
Clique Continue à l'écran Disclaimer si tu acceptes les conditions.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et accepte la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt, celui qui va s'ouvrir et ferme info.txt qui est réduit dans la Barre des Tâches.

NB :
Ces rapports sont enregistrés dans le dossier C:\rsit
Sous Vista/Sept, il faut lancer le fichier en cliquant droit dessus et par Exécuter en tant qu'administrateur.

Télécharge et installe Malwarebytes Anti-Malware de RubbeR DuckY
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

A la fin de l'installation, veille à ce que l'option Mettre à jour Malwarebytes' Anti-Malware soit cochée. Clique sur "Terminer"
Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur le bureau.
Au premier lancement, une fenêtre t'annonce que la version est Free, clique sur OK.
Laisse les Mises à jour se télécharger et referme le programme.

Lance Malwarebytes Anti-Malware par clic droit sur l'icône du bureau et "Exécuter en tant qu'administrateur"
Onglet "Recherche", coche Exécuter un examen complet et Rechercher
Sélectionne ton disque dur et clique sur Lancer l'examen

A la fin du scan, sélectionne tout et clique sur Supprimer la sélection
Poste le rapport qui s'ouvre après cette suppression.
Redémarre le pc.
Il se trouve dans l'onglet Rapports/Logs avec la date et l'heure d'exécution

@+

[ZEBULON]

Bonjour

Donc voici le contenu de log.txt :

Logfile of random's system information tool 1.06 (written by random/random)
Run by admin at 2009-12-15 14:30:25
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 286 GB (39%) free of 735 GB
Total RAM: 4094 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:30:38, on 15/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Winsudate\gibusr.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Translate Client\translateclient.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\MFP Server\App\Common\MFPAgent.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Kiwee Toolbar\2.9.201\kwtbaim.exe
c:\PROGRA~2\CYBERL~1\SHARED~1\RICHVI~1.EXE
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\admin\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.translateclient.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files (x86)\AGI\common\agcutils.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\ACEIEAddOn.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\CPAIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files (x86)\Web Search Operator\3.1.0.1800\wso.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MFP Manager] C:\Program Files (x86)\MFP Server\MFPAgent.exe -CheckAutoRun
O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files (x86)\MFP Server\App\Common\MFPAgent.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files (x86)\Internet Today\1.1.0.1090\InternetToday.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [WinUsr] C:\Program Files (x86)\Winsudate\gibusr.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [vegas] rundll32.exe C:\Windows\system32\sshnas.dll,DllWork
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Translate Client.lnk = C:\Program Files (x86)\Translate Client\translateclient.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/ ... _5_1_0.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files (x86)\AGI\common\win32\PythonService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: lxbv_device - - C:\Windows\system32\lxbvcoms.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files (x86)\Winsudate\gibsvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12996 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3208050702-2130847328-3497521281-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3208050702-2130847328-3497521281-1000UA.job
C:\Windows\tasks\PCDRScheduledMaintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}]
Automated Content Enhancer - C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\ACEIEAddOn.dll [2009-11-12 200704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}]
Customized Platform Advancer - C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\CPAIEAddOn.dll [2009-11-13 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
Kiwee Toolbar - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-06-28 277648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}]
Web Search Operator - C:\Program Files (x86)\Web Search Operator\3.1.0.1800\wso.dll [2009-11-09 221184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-06-28 277648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE [2008-07-21 12288]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"UpdateP2GoShortCut"=c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [2008-09-11 210216]
"TSMAgent"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2008-10-17 1152296]
"CLMLServer for HP TouchSmart"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2008-10-17 189736]
"DVDAgent"=c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2008-09-26 1148200]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"MFP Manager"=C:\Program Files (x86)\MFP Server\MFPAgent.exe -CheckAutoRun []
"Server Application"=C:\Windows\system32\ServoApp.exe []
"GDI Manager"=C:\Program Files (x86)\MFP Server\App\Common\MFPAgent.exe [2008-05-06 741376]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-10-10 203264]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Internet Today Task"=C:\Program Files (x86)\Internet Today\1.1.0.1090\InternetToday.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinUsr"=C:\Program Files (x86)\Winsudate\gibusr.exe [2009-07-27 88304]
"Google Update"=C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-14 133104]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2009-12-08 289584]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"vegas"=C:\Windows\system32\sshnas.dll,DllWork []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Translate Client.lnk - C:\Program Files (x86)\Translate Client\translateclient.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.cpl - cplopen - C:\Windows\rundll32.exe shell32.dll,Control_RunDLL "%1",%*

======List of files/folders created in the last 1 months======

2009-12-15 14:30:26 ----D---- C:\Program Files (x86)\trend micro
2009-12-15 14:30:25 ----D---- C:\rsit
2009-12-13 14:20:26 ----D---- C:\Program Files (x86)\Focus
2009-12-09 03:01:43 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-09 03:01:32 ----A---- C:\Windows\system32\httpapi.dll
2009-12-08 21:38:06 ----A---- C:\Windows\system32\wininet.dll
2009-12-08 21:38:05 ----A---- C:\Windows\system32\mshtml.dll
2009-12-08 21:38:04 ----A---- C:\Windows\system32\urlmon.dll
2009-12-08 21:38:03 ----A---- C:\Windows\system32\ieframe.dll
2009-12-08 21:38:01 ----A---- C:\Windows\system32\ieui.dll
2009-12-08 21:38:00 ----A---- C:\Windows\system32\ieencode.dll
2009-12-08 21:37:59 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-08 21:35:09 ----A---- C:\Windows\system32\rastls.dll
2009-12-07 21:19:02 ----D---- C:\Users\admin\AppData\Roaming\Opera
2009-12-04 05:22:39 ----A---- C:\Windows\system32\aswBoot.exe
2009-12-03 17:47:33 ----D---- C:\Program Files (x86)\Maxis
2009-11-28 20:36:48 ----D---- C:\Users\admin\AppData\Roaming\My Games
2009-11-28 20:29:57 ----D---- C:\Program Files (x86)\Firaxis Games
2009-11-27 18:12:10 ----A---- C:\Windows\system32\tzres.dll
2009-11-27 13:46:44 ----A---- C:\Windows\system32\msxml6.dll
2009-11-27 13:46:44 ----A---- C:\Windows\system32\msxml3.dll
2009-11-27 13:43:22 ----A---- C:\Windows\system32\javaws.exe
2009-11-27 13:43:22 ----A---- C:\Windows\system32\javaw.exe
2009-11-27 13:43:22 ----A---- C:\Windows\system32\java.exe
2009-11-23 16:12:47 ----D---- C:\Program Files (x86)\Windows Portable Devices
2009-11-23 16:04:42 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-23 16:04:39 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-23 16:04:39 ----A---- C:\Windows\system32\d2d1.dll
2009-11-23 16:04:38 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\dxgi.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-23 16:04:37 ----A---- C:\Windows\system32\d3d11.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-23 16:04:37 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-23 16:04:36 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-23 16:04:36 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-23 16:04:36 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-23 16:04:36 ----A---- C:\Windows\system32\DWrite.dll
2009-11-23 16:04:36 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-23 16:04:36 ----A---- C:\Windows\system32\d3d10.dll
2009-11-23 16:04:01 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-23 16:03:50 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-23 16:03:50 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-23 16:03:50 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-23 16:03:50 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-23 16:03:50 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-23 16:03:50 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-23 16:03:50 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-23 16:03:50 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-23 16:02:37 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-23 16:02:37 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-23 16:02:37 ----A---- C:\Windows\system32\oleacc.dll

======List of files/folders modified in the last 1 months======

2009-12-15 14:30:35 ----D---- C:\Users\admin\AppData\Roaming\uTorrent
2009-12-15 14:30:34 ----D---- C:\Windows\Temp
2009-12-15 14:30:26 ----RD---- C:\Program Files (x86)
2009-12-15 14:26:05 ----D---- C:\Users\admin\AppData\Roaming\translateclient
2009-12-15 14:25:16 ----SHD---- C:\System Volume Information
2009-12-15 14:16:57 ----D---- C:\Windows\System32
2009-12-15 14:16:57 ----D---- C:\Windows\inf
2009-12-15 13:29:54 ----D---- C:\Windows
2009-12-14 20:00:53 ----D---- C:\Users\admin\AppData\Roaming\vlc
2009-12-14 16:56:49 ----D---- C:\Windows\SysWOW64
2009-12-14 16:02:57 ----D---- C:\Windows\Tasks
2009-12-12 02:24:19 ----D---- C:\Users\admin\AppData\Roaming\dvdcss
2009-12-09 12:12:06 ----D---- C:\Windows\winsxs
2009-12-09 04:37:59 ----D---- C:\Program Files (x86)\Windows Mail
2009-12-09 03:03:31 ----D---- C:\Windows\Debug
2009-12-06 21:09:21 ----RSD---- C:\Windows\Fonts
2009-12-06 21:09:20 ----D---- C:\Program Files (x86)\Translate Client
2009-12-04 05:22:49 ----D---- C:\Windows\system32\drivers
2009-11-30 16:10:02 ----SHD---- C:\Windows\Installer
2009-11-28 20:30:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-11-28 10:28:43 ----D---- C:\ProgramData\ma-config.com
2009-11-28 10:28:42 ----RD---- C:\Program Files
2009-11-28 10:28:41 ----D---- C:\Program Files (x86)\ma-config.com
2009-11-27 18:49:52 ----RD---- C:\Users
2009-11-27 18:37:30 ----D---- C:\Windows\rescache
2009-11-27 18:16:35 ----D---- C:\Windows\system32\fr-FR
2009-11-27 17:43:52 ----D---- C:\Users\admin\AppData\Roaming\CC
2009-11-27 17:43:16 ----HD---- C:\ProgramData
2009-11-27 13:43:12 ----D---- C:\Program Files (x86)\Java
2009-11-23 16:12:46 ----D---- C:\Windows\system32\wbem
2009-11-23 16:12:42 ----D---- C:\Windows\system32\uk-UA
2009-11-23 16:12:42 ----D---- C:\Windows\system32\sl-SI
2009-11-23 16:12:42 ----D---- C:\Windows\system32\pt-PT
2009-11-23 16:12:42 ----D---- C:\Windows\system32\pt-BR
2009-11-23 16:12:42 ----D---- C:\Windows\system32\pl-PL
2009-11-23 16:12:42 ----D---- C:\Windows\system32\ko-KR
2009-11-23 16:12:42 ----D---- C:\Windows\system32\it-IT
2009-11-23 16:12:42 ----D---- C:\Windows\system32\hu-HU
2009-11-23 16:12:42 ----D---- C:\Windows\system32\hr-HR
2009-11-23 16:12:42 ----D---- C:\Windows\system32\he-IL
2009-11-23 16:12:42 ----D---- C:\Windows\system32\bg-BG
2009-11-23 16:12:41 ----D---- C:\Windows\system32\zh-TW
2009-11-23 16:12:41 ----D---- C:\Windows\system32\zh-HK
2009-11-23 16:12:41 ----D---- C:\Windows\system32\zh-CN
2009-11-23 16:12:41 ----D---- C:\Windows\system32\tr-TR
2009-11-23 16:12:41 ----D---- C:\Windows\system32\th-TH
2009-11-23 16:12:41 ----D---- C:\Windows\system32\sv-SE
2009-11-23 16:12:41 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-23 16:12:41 ----D---- C:\Windows\system32\sk-SK
2009-11-23 16:12:41 ----D---- C:\Windows\system32\ru-RU
2009-11-23 16:12:41 ----D---- C:\Windows\system32\ro-RO
2009-11-23 16:12:41 ----D---- C:\Windows\system32\nl-NL
2009-11-23 16:12:41 ----D---- C:\Windows\system32\nb-NO
2009-11-23 16:12:41 ----D---- C:\Windows\system32\lv-LV
2009-11-23 16:12:41 ----D---- C:\Windows\system32\lt-LT
2009-11-23 16:12:41 ----D---- C:\Windows\system32\ja-JP
2009-11-23 16:12:41 ----D---- C:\Windows\system32\fi-FI
2009-11-23 16:12:41 ----D---- C:\Windows\system32\et-EE
2009-11-23 16:12:41 ----D---- C:\Windows\system32\es-ES
2009-11-23 16:12:41 ----D---- C:\Windows\system32\en-US
2009-11-23 16:12:41 ----D---- C:\Windows\system32\el-GR
2009-11-23 16:12:41 ----D---- C:\Windows\system32\de-DE
2009-11-23 16:12:41 ----D---- C:\Windows\system32\da-DK
2009-11-23 16:12:41 ----D---- C:\Windows\system32\cs-CZ
2009-11-23 16:12:41 ----D---- C:\Windows\system32\ar-SA
2009-11-17 22:44:28 ----D---- C:\Program Files (x86)\Windows Live Safety Center
2009-11-16 15:38:13 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49}; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 27632]
R2 ALIWEHCD;MFP Server Enhanced Controller; C:\Windows\System32\Drivers\mfpec.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS []
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
R3 WUSBVBus;MFP Server Detector; C:\Windows\system32\DRIVERS\mfpvbus.sys []
S2 windrvNT;windrvNT; \??\C:\Windows\system32\windrvNT.sys [2009-08-27 35363]
S3 driverhardwarev2x64;driverhardwarev2x64; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2009-09-23 15872]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [2008-09-10 25888]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-09-28 109056]
R2 AGWinService;AG Windows Service; C:\Program Files (x86)\AGI\common\win32\PythonService.exe [2009-06-28 10240]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-11-03 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe [2008-07-26 255000]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 187928]
R2 lxbv_device;lxbv_device; C:\Windows\system32\lxbvcoms.exe [2007-04-25 537520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files (x86)\Winsudate\gibsvc.exe [2009-07-27 70896]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-30 654848]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 342384]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]

-----------------EOF-----------------

Voici le rapport de Malwarebytes :

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3364
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

15/12/2009 14:45:02
mbam-log-2009-12-15 (14-45-02).txt

Type de recherche: Examen rapide
Eléments examinés: 89805
Temps écoulé: 3 minute(s), 14 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 6
Clé(s) du Registre infectée(s): 42
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 30
Fichier(s) infecté(s): 66

Processus mémoire infecté(s):
C:\Program Files (x86)\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Unloaded process successfully.
C:\Program Files (x86)\Winsudate\gibusr.exe (Adware.Gibmedia) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\ACECommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\CPACommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{565dd573-549e-4da9-8cd7-6ae3df25339a} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ZagrebLand (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Videocan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HottieStar Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winusr (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vegas (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet today task (Adware.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files (x86)\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\faq (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\faq\images (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today\1.1.0.1090 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800 (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\chrome (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\components (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050 (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\chrome (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\components (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520 (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\chrome (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\components (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\HottieStar Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Application Data\Web Search Operator\3.1.0.1800 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files (x86)\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Winsudate\gibusr.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\CPAIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\ACEIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Winsudate\gibcom.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Winsudate\gibidl64.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Winsudate\gibupt.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\faq\images\05.png (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\faq\images\06.png (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\faq\images\07.png (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\faq\images\08.png (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\faq\images\09.png (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\faq\images\10.png (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today\1.1.0.1090\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today\1.1.0.1090\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today\1.1.0.1090\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today\1.1.0.1090\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today\1.1.0.1090\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today\1.1.0.1090\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Today\1.1.0.1090\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\wsopx.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Search Operator\3.1.0.1800\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\ACECommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\ACEIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\ACEIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\acepx.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\CPACommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\CPAHelper.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\CPAIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\CPAIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Customized Platform Advancer\3.1.0.1520\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\admin\Local Settings\Application Data\Web Search Operator\3.1.0.1800\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\CC\agent.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Question : dois je conserver un antivirus , en l' occurence avast , en plus de Malwarebytes ?


Merci pour le coup de main

@+

[nardino]

Bonsoir.

Il faut désinstaller la KiweeToolbar :
C:\Program Files (x86)\Kiwee Toolbar\
Par programmes et fonctionnalités.
Voici où conduit le p2p malheureusement. A toi de voir si le jeu en vaut la chandelle.
Avast est une vraie passoire face à certaines infections.
Mais il faut conserver un antivirus.
Tu peux le remplacer par Antivir
Ou bien par AVG

Pour désinstaller Avast

Une fois l'autre antivirus installé et mis à jour fais un scan complet.
Poste le rapport.
Malwarebytes n'est pas résident en version gratuite.
@+

[ZEBULON]

Bonjour

Effectivement Antivir me semble beaucoup plus efficace qu' Avast . Meme Windows Defender avait trouvé le trojan .

Merci encore

@+