AIDEZ MOI http://www.hide-my-ip.com/403.shtml

Utilisateur anonyme -  
 gen-hackman -
Bonjour,
j'ai installer HIDE-MY-IP sur mon pc (pour pouvoir avoir access a des sites qui se trouve aux Etats Unis car mon IP ne me le permettait pas vu que je suis en ukrain....)
tout a bien fonctionne, je suis bien alle dans ces sites et fini le travail que j'avais a finir mais apres avoir ferme mon navigateur, je le relance un peu plus tard et la surprise general et que lorsque j'entre une URL de n'importe quel site, elle me dirige automqtique sur cette URL: https://www.hide-my-ip.com/premium.shtml je suis depasse, j'ai tous fais ANTI-virus, anti trojan.... RIEN je DIS BIEN RIEN!!! j'ai meme installe d'autres navigateurs pour tester RIEN toujours redirige automatiquement vers cette URL: https://www.hide-my-ip.com/premium.shtml ......j'ai meme eu a bloque les COOKIES venan de ce site mais helas!!! toujours >>>https://www.hide-my-ip.com/premium.shtml je suis desepere la et je tiens avoir l'aide des membres de la communaute CCM.

merci d'avance de votre comprehension.

--
"La PAROLE est d'OR, le SILENCE est d'ARGENT, le BRUIT est de BRONZE; DIEU est la QUESTION dont NOUS SOMMES LA REPONSE." 

Ceux qui te mettent dans la merde ne le font pas toujours pour ton Malheur, et ceux qui t'en sortent ne le font pas pour ton Bonheur, mais surtout ceci: quand tu es dans la merde: TAIS TOI. !!!
L'avantage d'etre intelligent, c'est qu'on peut toujours faire l'imbecile, alors que l'inverse est impossible.
  
                                                                      cK
Configuration: AMD CORE DUO + INTEL CORE TRIO/ 10Go RAM/ 5Go VIDEO /7T DD/ Ecran 30"

16 réponses

  1. gen-hackman
     
    redemarres , puis :

    Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

    ! Déconnecte toi et ferme toutes tes applications en cours !

    Double-clique sur " RSIT.exe " pour le lancer .

    -> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

    * Devant l'option "List files/folders created ..." , tu choisis : 2 months

    * clique ensuite sur " Continue " pour lancer l'analyse ...

    -> laisse faire le scan et ne touche pas au PC ...

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

    Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

    Important : poste un rapport, puis l'autre dans la réponse suivante
    Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum

    ( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
    1
    1. Utilisateur anonyme
       
      voila le scanner LOG:




      <code>Logfile of random's system information tool 1.06 (written by random/random)
      Run by Admin at 2009-05-25 14:29:22
      Microsoft Windows XP Professional Service Pack 3
      System drive C: has 5 GB (9%) free of 50 GB
      Total RAM: 1014 MB (60% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:30:29, on 25.05.2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir Desktop\sched.exe
      C:\WINDOWS\system32\agrsmsvc.exe
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\Program Files\ICQ6Toolbar\ICQ Service.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Power Translator 11\LogoMedia TranslateDotNet Server.exe
      C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\Program Files\Common Files\NMSAccessU.exe
      C:\WINDOWS\System32\TUProgSt.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\wbem\wmiapsrv.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\Documents and Settings\Admin\Рабочий стол\RSIT.exe
      C:\Program Files\USB Disk Security\USBGuard.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      C:\WINDOWS\system32\igfxsrvc.exe
      C:\Archivos de Programa\Sys_Kl\sys_kl.exe
      C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
      C:\Program Files\Mail.Ru\Agent\MAgent.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\KillSoft\KillWatcher\kwatch.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Trend Micro\HijackThis\Admin.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
      C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbox.digsby.com/ie
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://searchbox.digsby.com/search?q=%s
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 74.55.63.27:58258
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
      R3 - URLSearchHook: Live-Foot Toolbar - {8f81d798-5b23-4832-abc3-a4f94b2f3d94} - C:\Program Files\Live-Foot\tbLive.dll
      R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
      F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe
      O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
      O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
      O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (file missing)
      O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
      O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
      O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O2 - BHO: Live-Foot Toolbar - {8f81d798-5b23-4832-abc3-a4f94b2f3d94} - C:\Program Files\Live-Foot\tbLive.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
      O2 - BHO: AIEBHO.SiteWatcherBHO - {d9d423dd-80d0-48d8-9e8c-43ae08cf1ed8} - mscoree.dll (file missing)
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
      O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
      O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 11\Applications\LEC IE Translation Extension.dll
      O3 - Toolbar: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll
      O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [Sys_Kl] C:\Archivos de Programa\Sys_Kl\sys_kl.exe 1
      O4 - HKLM\..\Run: [MAgent] C:\Program Files\Mail.Ru\Agent\MAgent.exe -LM
      O4 - HKLM\..\Run: [FBI] C:\Program Files\BPK\FBI.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\Run: [KillWatcher] C:\Program Files\KillSoft\KillWatcher\kwatch.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
      O4 - HKCU\..\Run: [GridinSoft Trojan Killer] "C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" 0
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-20\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'Default user')
      O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O8 - Extra context menu item: &Dйfinition Encarta - http://fr.encarta.msn.com/encnet/features/dictionary/quickDictionary.htm
      O8 - Extra context menu item: &Tout tйlйcharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
      O8 - Extra context menu item: &Tйlйcharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
      O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Поиск@Mail.Ru - res://c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll/282
      O8 - Extra context menu item: Словари@Mail.Ru - res://c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll/283
      O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
      O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
      O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
      O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
      O9 - Extra button: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
      O9 - Extra 'Tools' menuitem: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
      O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
      O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\DOCUMENTS\DOCUMENTS AISULUU\ICQ6.5\ICQ.exe
      O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\DOCUMENTS\DOCUMENTS AISULUU\ICQ6.5\ICQ.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/russian/partner/rus/kavwebscan_unicode.cab
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) -
      O17 - HKLM\System\CCS\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
      O17 - HKLM\System\CS1\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
      O17 - HKLM\System\CS2\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
      O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - AppInit_DLLs: C:\WINDOWS\system32\rserver30\newtstop.dll, C:\WINDOWS\system32\vksaver.dll
      O23 - Service: McAfee Application Installer Cleanup (0276901237425767) (0276901237425767mcinstcleanup) - Unknown owner - C:\DOCUME~1\Admin\LOCALS~1\Temp\027690~1.EXE (file missing)
      O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
      O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
      O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator 11\LogoMedia TranslateDotNet Server.exe
      O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
      O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
      O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
      O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe
      O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
      O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
      O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
      O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
      O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
      O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
      O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
      O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe
      0
  2. gen-hackman
     
    ######## | XP _ Instal & recherche | #######

    Telecharge et install UsbFix (de C_XX & Chiquitine29)

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

    # Double clic sur le raccourci UsbFix présent sur ton bureau .

    # Choisi l option 1 ( Recherche )

    # Laisse travailler l outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra.

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    # Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    1
  3. Utilisateur anonyme
     
    voila le rapport USB::
    comment desinfecter maintenant?

    ############################## [ UsbFix V3.025 | Scan ]
    
    # User : Admin (&#1040;&#1076;&#1084;&#1080;&#1085;&#1080;&#1089;&#1090;&#1088;&#1072;&#1090;&#1086;&#1088;&#1099;) # CK2
    # Update on 22/05/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 15:02:09 | 25.05.2009
    
    # Intel(R) Pentium(R) Dual  CPU  T2370  @ 1.73GHz
    # Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 8.0.6001.18702
    # Windows Firewall Status : Enabled
    # AV : AntiVir Desktop 9.0.1.26 [ Enabled | Updated ]
    
    # C:\ # &#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1078;&#1077;&#1089;&#1090;&#1082;&#1080;&#1081; &#1076;&#1080;&#1089;&#1082; # 48,84 Go (4,46 Go free) [WIN XP SP3] # NTFS
    # D:\ # &#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1078;&#1077;&#1089;&#1090;&#1082;&#1080;&#1081; &#1076;&#1080;&#1089;&#1082; # 48,84 Go (22,02 Go free) [MULTIMEDIA] # NTFS
    # E:\ # &#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1078;&#1077;&#1089;&#1090;&#1082;&#1080;&#1081; &#1076;&#1080;&#1089;&#1082; # 21,97 Go (1,55 Go free) [PROGRAM & GAMES] # NTFS
    # F:\ # &#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1078;&#1077;&#1089;&#1090;&#1082;&#1080;&#1081; &#1076;&#1080;&#1089;&#1082; # 29,39 Go (19,03 Go free) [Win 7even] # NTFS
    # G:\ # &#1050;&#1086;&#1084;&#1087;&#1072;&#1082;&#1090;-&#1076;&#1080;&#1089;&#1082;
    # H:\ # &#1057;&#1098;&#1077;&#1084;&#1085;&#1099;&#1081; &#1076;&#1080;&#1089;&#1082; # 981,72 Mo (328,94 Mo free) [AISULUU] # FAT
    # I:\ # &#1050;&#1086;&#1084;&#1087;&#1072;&#1082;&#1090;-&#1076;&#1080;&#1089;&#1082;
    # J:\ # &#1057;&#1098;&#1077;&#1084;&#1085;&#1099;&#1081; &#1076;&#1080;&#1089;&#1082; # 1,95 Mo (1,42 Mo free) [AISULUU 2] # FAT
    # K:\ # &#1057;&#1098;&#1077;&#1084;&#1085;&#1099;&#1081; &#1076;&#1080;&#1089;&#1082; # 3,67 Go (144,84 Mo free) [CK7UP] # FAT32
    
    ############################## [ Processus actifs ]
    
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\TUProgSt.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    
    ################## [  Registre Startup ]
    
    HKCU_Main:   "Local Page"="C:\\WINDOWS\\SYSTEM32\\blank.htm" 
    HKCU_Main:   "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" 
    HKCU_Main:   "Start Page"="about:blank" 
    HKCU_Main:   "Window Title"="" 
    HKLM_logon:  "Userinit"="C:\\WINDOWS\\SYSTEM32\\Userinit.exe," 
    HKLM_logon:  "DefaultUserName"="Admin" 
    HKLM_logon:  "AltDefaultUserName"="Admin" 
    HKLM_Run:    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= 
    
    ################## [ Fichiers # Dossiers infectieux ]
    
    Found ! D:\update.exe  
    Found ! H:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini  
    Found ! J:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini  
    
    ################## [ Registre # Cl&#1081;s Run infectieuses ]
    
    Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe    
    
    ################## [ Registre # Mountpoints2 ]
    
    HKCU\...\Explorer\MountPoints2\{1e5de7ea-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
    HKCU\...\Explorer\MountPoints2\{1e5de7eb-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
    HKCU\...\Explorer\MountPoints2\{1e5de7ec-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
    HKCU\...\Explorer\MountPoints2\{1e5de7ed-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
    HKCU\...\Explorer\MountPoints2\{759f7b26-027b-11de-930e-001e334514d3}\Shell\AutoRun\Command  
    HKCU\...\Explorer\MountPoints2\{b3fe87b3-3099-11de-b463-001e334514d3}\Shell\AutoRun\Command  
    
    ################## [ Informations # Fichier Suspect ]
    
    
    ################## [ Cracks # Keygens # Serials ]
    
    # -> Nothing found !  
    
    ################## [ ! Fin du rapport # UsbFix V3.025 ! ] 
    
    
    1
  4. gen-hackman
     
    ######## | Suppression | ########

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

    # Double clic sur le raccourci UsbFix présent sur ton bureau

    # choisi l option 2 ( Suppression )

    # Ton bureau disparaitra et le pc redémarrera .

    # Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    ######### | Désinstallation | #######

    # Double clic sur le raccourci UsbFix présent sur ton bureau

    # Choisi l option Désinstaller ....
    1
    1. Utilisateur anonyme
       
      voila le resultat que faire maintenant ???


      ############################## [ UsbFix V3.025 | Cleaning ]
      
      # User : Admin (&#1040;&#1076;&#1084;&#1080;&#1085;&#1080;&#1089;&#1090;&#1088;&#1072;&#1090;&#1086;&#1088;&#1099;) # CK2
      # Update on 22/05/09 by Chiquitine29, C_XX & Chimay8
      # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
      # Start at: 16:32:56 | 25.05.2009
      
      # Intel(R) Pentium(R) Dual  CPU  T2370  @ 1.73GHz
      # Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
      # Internet Explorer 8.0.6001.18702
      # Windows Firewall Status : Enabled
      # AV : AntiVir Desktop 9.0.1.26 [ Enabled | Updated ]
      
      # C:\ # &#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1078;&#1077;&#1089;&#1090;&#1082;&#1080;&#1081; &#1076;&#1080;&#1089;&#1082; # 48,84 Go (4,47 Go free) [WIN XP SP3] # NTFS
      # D:\ # &#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1078;&#1077;&#1089;&#1090;&#1082;&#1080;&#1081; &#1076;&#1080;&#1089;&#1082; # 48,84 Go (22,02 Go free) [MULTIMEDIA] # NTFS
      # E:\ # &#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1078;&#1077;&#1089;&#1090;&#1082;&#1080;&#1081; &#1076;&#1080;&#1089;&#1082; # 21,97 Go (1,55 Go free) [PROGRAM & GAMES] # NTFS
      # F:\ # &#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1078;&#1077;&#1089;&#1090;&#1082;&#1080;&#1081; &#1076;&#1080;&#1089;&#1082; # 29,39 Go (19,03 Go free) [Win 7even] # NTFS
      # G:\ # &#1050;&#1086;&#1084;&#1087;&#1072;&#1082;&#1090;-&#1076;&#1080;&#1089;&#1082;
      # H:\ # &#1057;&#1098;&#1077;&#1084;&#1085;&#1099;&#1081; &#1076;&#1080;&#1089;&#1082; # 981,72 Mo (328,94 Mo free) [AISULUU] # FAT
      # I:\ # &#1050;&#1086;&#1084;&#1087;&#1072;&#1082;&#1090;-&#1076;&#1080;&#1089;&#1082;
      # J:\ # &#1057;&#1098;&#1077;&#1084;&#1085;&#1099;&#1081; &#1076;&#1080;&#1089;&#1082; # 1,95 Mo (1,42 Mo free) [AISULUU 2] # FAT
      # K:\ # &#1057;&#1098;&#1077;&#1084;&#1085;&#1099;&#1081; &#1076;&#1080;&#1089;&#1082; # 3,67 Go (144,84 Mo free) [CK7UP] # FAT32
      
      ############################## [ Processus actifs ]
      
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir Desktop\sched.exe
      C:\WINDOWS\system32\agrsmsvc.exe
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\WINDOWS\System32\TUProgSt.exe
      C:\WINDOWS\system32\wbem\wmiapsrv.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\WINDOWS\SYSTEM32\Userinit.exe
      C:\WINDOWS\Explorer.EXE
      
      ################## [ Fichiers # Dossiers infectieux ]
      
      Deleted ! D:\update.exe    
      Deleted ! H:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini    
      Deleted ! J:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini    
      Deleted ! K:\autorun.inf    
      Deleted ! K:\start.exe    
      Deleted ! K:\recycler\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx    
      
      ################## [ Registre # Cl&#1081;s Run infectieuses ]
      
      Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe    
      
      ################## [ Registre # Mountpoints2 ]
      
      Deleted ! HKCU\...\Explorer\MountPoints2\{1e5de7ea-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
      Deleted ! HKCU\...\Explorer\MountPoints2\{1e5de7eb-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
      Deleted ! HKCU\...\Explorer\MountPoints2\{1e5de7ec-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
      Deleted ! HKCU\...\Explorer\MountPoints2\{1e5de7ed-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
      Deleted ! HKCU\...\Explorer\MountPoints2\{b3fe87b3-3099-11de-b463-001e334514d3}\Shell\AutoRun\Command  
      
      ################## [ Listing des fichiers pr&#1081;sent ]
      
      [25.05.2009 13:42|--a------|13472] - C:\Ad-Report-25.05.2009.log
      [24.02.2009 16:46|---------|0] - C:\AUTOEXEC.BAT
      [11.04.2009 19:25|---h-----|379] - C:\Boot.BAK
      [24.05.2009 14:42|-r-hs----|523] - C:\boot.ini
      [15.04.2008 15:00|-r-hs----|4952] - C:\Bootfont.bin
      [13.12.2008 10:03|-rahs----|377151] - C:\bootmgr
      [22.04.2009 03:13|-rahs----|8192] - C:\BOOTSECT.BAK
      [24.02.2009 16:46|---------|0] - C:\CONFIG.SYS
      [24.02.2009 17:17|---------|3218] - C:\instLog.txt
      [24.02.2009 16:46|-r-hs----|0] - C:\IO.SYS
      [08.12.1992 06:00|--a------|17728] - C:\LISEZMOI
      [08.12.1992 06:00|--a------|4895] - C:\LISEZMOI.COM
      [08.12.1992 06:00|--a------|12438] - C:\LISTEFIC.DOC
      [12.05.2009 15:03|--a------|0] - C:\Logfile.txt
      [24.02.2009 16:46|-r-hs----|0] - C:\MSDOS.SYS
      [15.04.2008 15:00|-r-hs----|47564] - C:\NTDETECT.COM
      [15.04.2008 15:00|-r-hs----|251152] - C:\ntldr
      [26.02.2009 10:11|---h-----|21] - C:\qpmd8378.bin
      [13.04.2009 07:19|--a------|959] - C:\rollback.ini
      [08.12.1992 06:00|--a------|23044] - C:\UNZIP.EXE
      [25.05.2009 16:34|--a------|4266] - C:\UsbFix.txt
      [21.04.2009 15:49|--a------|70] - D:\dual boot tuto.txt
      [21.04.2009 15:41|--a------|43584264] - D:\kavwks8.0.0.1015en.exe
      [05.02.2009 22:22|-rahs----|0] - D:\khs
      [?|?|?] - D:\pagefile.sys
      [21.04.2009 20:02|--a------|76705704] - D:\pavp2009cw7.exe
      [24.04.2009 13:34|--ahs----|32256] - D:\Thumbs.db
      [23.05.2009 08:51|--a------|188416] - D:\Vista-ShutdownTimer.exe
      [11.12.2006 13:56|--a------|180224] - D:\Vista-ShutdownTimer.exe.old
      [04.03.2009 12:56|--a------|22065576] - E:\ccm-2.0.7.exe
      [23.03.2009 08:27|--a------|102400] - E:\chromechannel-2.0.exe
      [28.04.2009 10:50|--a------|8810992] - E:\chrome_installer.exe
      [08.01.2009 18:06|--a------|15885067] - E:\digsby_setup.exe
      [19.03.2009 03:22|--a------|707080] - E:\FMZsetup.exe
      [19.03.2009 23:14|--a------|967928] - E:\Fraps 2.9.2 [Par Ratiatum.com].exe
      [19.03.2009 23:08|--a------|1444697] - E:\GAG 4.9 [Par Ratiatum.com].zip
      [19.03.2009 23:12|--a------|2085262] - E:\highgrow420[Par.Ratiatum.com].zip
      [05.02.2009 22:22|-rahs----|0] - E:\khs
      [17.01.2009 12:09|--a------|3639966] - E:\MusicMP3Get-2.0.1.2.Setup.exe
      [06.01.2009 22:54|--a------|2351003] - E:\notebook-hardware-control_notebook_hardware_control_v2.0_anglais_38491.zip
      [?|?|?] - E:\pagefile.sys
      [19.03.2009 22:45|--a------|13334000] - E:\RealPlayer11GOLD (1).exe
      [23.05.2009 08:58|--a------|1140701] - E:\rssomnifero.exe
      [09.05.2009 11:08|--a------|359935] - E:\SafeXP.zip
      [19.03.2009 23:02|--a------|11297508] - E:\Seven_Remix_XP_1_01_by_Niwradsoft.exe
      [30.03.2009 14:48|--a------|23552808] - E:\SkypeSetup.exe
      [19.03.2009 03:23|--a------|66531] - E:\vksaver-install.exe
      [09.05.2009 11:08|--a------|414745] - E:\xp-AntiSpy_setup-french.exe
      [15.10.2008 19:11|--a------|24] - F:\autoexec.bat
      [15.10.2008 19:11|--a------|10] - F:\config.sys
      [09.05.2009 07:25|--ahs----|797413376] - F:\hiberfil.sys
      [?|?|?] - F:\pagefile.sys
      [07.12.2008 17:46|--a------|1342] - H:\BOOTEX.LOG
      [10.04.2009 15:19|--a------|77] - H:\history.data
      [02.09.2008 11:03|--a------|46080] - H:\JavaLab2-PZ.doc
      [01.03.2009 15:56|--a------|540768256] - H:\ROSE_ENTERPRISE.iso
      [21.11.2008 17:52|--a------|126976] - H:\‡&#1118;_&#1074; § &#1031;&#1072; &#1028;&#1074;&#1025;&#1028;&#1025;.doc
      [15.04.2008 14:00|--a------|36222] - H:\README.HTM
      [15.04.2008 14:00|--a------|98665] - H:\SETUPXP.HTM
      [18.11.2006 12:22|--a------|64512] - H:\JavaLab5-PZ.doc
      [12.10.2008 13:26|--a------|19258] - H:\‹ &#1038;1.docx
      [05.10.2006 15:04|--a------|53248] - H:\JavaLab3-PZ.doc
      [12.10.2006 15:58|--a------|28672] - H:\JavaLab4-PZ.doc
      [02.09.2008 11:03|--a------|46080] - H:\JavaLab1-PZ.doc
      [21.11.2008 17:45|--a------|24064] - H:\Co¤&#1168;&#1072;¦ ­&#1025;&#1168;.doc
      [21.11.2008 17:37|--a------|24064] - H:\‘&#1031;&#1025;&#1073;®&#1028; «&#1025;&#1074;&#1168;&#1072; &#1074;&#1075;&#1072;&#1083;.doc
      [18.03.2009 13:02|--a------|197418] - H:\&#1039;&#1072;&#1025;¬&#1168;&#1072;(&#1026;&#1039;&#1033;‘&#1028;&#1075;&#1072;&#1073; &#1028; ).mdl
      [22.12.2008 13:22|--a------|508416] - H:\&#1033;&#1075;&#1072;&#1073; &#1028; &#1119;&#1033;€&#1034;“&#1033;!.doc
      [11.03.2009 13:12|--a------|183973] - H:\&#1039;&#1072;&#1025;¬&#1168;&#1072;(&#1026;&#1039;&#1033;‘&#1028;&#1075;&#1072;&#1073; &#1028; ).md~
      [16.02.2009 10:59|--a------|119808] - H:\&#1106;&#1107;&#1106;_&#1033;&#1034;-507.doc
      [18.03.2009 21:52|--a------|1912] - H:\Metelab.RAR
      [25.03.2009 12:53|--a------|179010] - H:\&#1039;&#1072;&#1025;¬&#1168;&#1072;(&#1026;&#1039;&#1033;‘ &#1073;&#1074;&#1075;¤&#1168;­&#1074;).md~.mdl
      [25.03.2009 12:48|--a------|179010] - H:\&#1039;&#1072;&#1025;¬&#1168;&#1072;(&#1026;&#1039;&#1033;‘ &#1073;&#1074;&#1075;¤&#1168;­&#1074;).md~.md~
      [09.05.2009 10:00|--a------|154112] - H:\&#1034; &#1072;&#1028;&#1168;&#1074;&#1025;­&#1032;.doc referat.doc
      [12.10.2008 13:26|--a------|19258] - H:\‹ &#1038;1 - &#1028;®&#1031;&#1025;&#1087;.docx
      [22.04.2009 19:45|--a------|372736] - J:\”&#1072; &#1032;¬&#1168;­&#1074;.shs
      [25.02.2009 23:37|--a------|41] - J:\pmp_usb.ini
      [03.12.2008 21:14|--a------|26112] - J:\524354.doc
      [18.11.2008 20:23|--a------|109568] - J:\laba 3.doc
      [25.02.2009 23:37|-r-h-----|474] - J:\winamp_cache_0001.xml
      [22.05.2009 13:58|--a------|1377] - K:\start.ini
      [08.07.2008 20:19|--a------|23708] - K:\Licence-fr.txt
      
      ################## [ Vaccination ]
      
      # C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
      # D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
      # E:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
      # F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
      # H:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
      # J:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
      # K:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
      
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. gen-hackman
     
    salut tu as essayé en désinstallant hide my IP ?
    0
    1. Utilisateur anonyme
       
      salut et merci de ta reponse mais oui je l'ai deja desinstale et meme supprime de la base de registre
      0
  7. gen-hackman
     
    ok

    Salut,

    commences par ceci pour voir ce qu'il en est,avoir un diagnostic précis et donc repérer les infections possibles et les neutraliser:

    Télécharges et installes le logiciel de diagnostic :

    ici Hijackthis
    ou ici Hijackthis
    ou ici Hijackthis

    1- Cliques sur le setup pour lancer l'installe : laisses toi guider et ne modifies pas les paramètres d'installation .
    A la fin de l'installe , le prg ce lance automatiquement : fermes le en cliquant sur la croix rouge .
    Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
    "C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .

    tuto pour utilisation :(merci balltrap34)
    Regardes ici, c'est parfaitement expliqué en images ,

    2- !! Déconnectes toi et fermes toute tes applications en cours !!

    Cliques sur le raccourci du bureau pour lancer le prg :

    S'il ne se lance pas clique ici

    fais un scan HijackThis en cliquant sur : "Do a system scan and save a logfile"

    --->copies-colles le rapport généré pour analyse
    0
    1. Utilisateur anonyme
       
      ok je le fais tous de suite je te donne le resultat dans 10min
      0
  8. gen-hackman
     
    ok ca te derangerait de modifier ta signature et la reduire à ceci ? :(par exemple)

    La PAROLE est d'OR, le SILENCE est d'ARGENT, le BRUIT est de BRONZE
    0
  9. Utilisateur anonyme
     
    voila le resultat du scanne!! !

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:58:59, on 25.05.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Common Files\NMSAccessU.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://secure.tagged.com/index.html?r=%2Fhome.html&logged_out
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://searchbox.digsby.com/search?q=%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 74.55.63.27:58258
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    R3 - URLSearchHook: Live-Foot Toolbar - {8f81d798-5b23-4832-abc3-a4f94b2f3d94} - C:\Program Files\Live-Foot\tbLive.dll
    R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe
    O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
    O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
    O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: &#1057;&#1087;&#1091;&#1090;&#1085;&#1080;&#1082;@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll
    O2 - BHO: Live-Foot Toolbar - {8f81d798-5b23-4832-abc3-a4f94b2f3d94} - C:\Program Files\Live-Foot\tbLive.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: AIEBHO.SiteWatcherBHO - {d9d423dd-80d0-48d8-9e8c-43ae08cf1ed8} - mscoree.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
    O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 11\Applications\LEC IE Translation Extension.dll
    O3 - Toolbar: &#1057;&#1087;&#1091;&#1090;&#1085;&#1080;&#1082;@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll
    O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [Sys_Kl] C:\Archivos de Programa\Sys_Kl\sys_kl.exe 1
    O4 - HKLM\..\Run: [MAgent] C:\Program Files\Mail.Ru\Agent\MAgent.exe -LM
    O4 - HKLM\..\Run: [FBI] C:\Program Files\BPK\FBI.exe
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4248] command /c del "C:\Documents and Settings\Admin\&#1043;&#1083;&#1072;&#1074;&#1085;&#1086;&#1077; &#1084;&#1077;&#1085;&#1102;\&#1055;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1099;\BlazingTools Perfect Keylogger\Order now!.lnk"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7454] cmd /c del "C:\Documents and Settings\Admin\&#1043;&#1083;&#1072;&#1074;&#1085;&#1086;&#1077; &#1084;&#1077;&#1085;&#1102;\&#1055;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1099;\BlazingTools Perfect Keylogger\Order now!.lnk"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA2065] command /c del "C:\Documents and Settings\Admin\&#1043;&#1083;&#1072;&#1074;&#1085;&#1086;&#1077; &#1084;&#1077;&#1085;&#1102;\&#1055;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1099;\BlazingTools Perfect Keylogger\Perfect Keylogger Help.lnk"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC64] cmd /c del "C:\Documents and Settings\Admin\&#1043;&#1083;&#1072;&#1074;&#1085;&#1086;&#1077; &#1084;&#1077;&#1085;&#1102;\&#1055;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1099;\BlazingTools Perfect Keylogger\Perfect Keylogger Help.lnk"
    O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [KillWatcher] C:\Program Files\KillSoft\KillWatcher\kwatch.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [GridinSoft Trojan Killer] "C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" 0
    O4 - HKCU\..\RunOnce: [SpybotDeletingB3635] command /c del "C:\Documents and Settings\Admin\&#1043;&#1083;&#1072;&#1074;&#1085;&#1086;&#1077; &#1084;&#1077;&#1085;&#1102;\&#1055;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1099;\BlazingTools Perfect Keylogger\Order now!.lnk"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6649] cmd /c del "C:\Documents and Settings\Admin\&#1043;&#1083;&#1072;&#1074;&#1085;&#1086;&#1077; &#1084;&#1077;&#1085;&#1102;\&#1055;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1099;\BlazingTools Perfect Keylogger\Order now!.lnk"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB9662] command /c del "C:\Documents and Settings\Admin\&#1043;&#1083;&#1072;&#1074;&#1085;&#1086;&#1077; &#1084;&#1077;&#1085;&#1102;\&#1055;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1099;\BlazingTools Perfect Keylogger\Perfect Keylogger Help.lnk"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD8442] cmd /c del "C:\Documents and Settings\Admin\&#1043;&#1083;&#1072;&#1074;&#1085;&#1086;&#1077; &#1084;&#1077;&#1085;&#1102;\&#1055;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1099;\BlazingTools Perfect Keylogger\Perfect Keylogger Help.lnk"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &D&#1081;finition Encarta - http://fr.encarta.msn.com/encnet/features/dictionary/quickDictionary.htm
    O8 - Extra context menu item: &Tout t&#1081;l&#1081;charger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &T&#1081;l&#1081;charger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: &&#1069;&#1082;&#1089;&#1087;&#1086;&#1088;&#1090; &#1074; Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: &#1055;&#1086;&#1080;&#1089;&#1082;@Mail.Ru - res://c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll/282
    O8 - Extra context menu item: &#1057;&#1083;&#1086;&#1074;&#1072;&#1088;&#1080;@Mail.Ru - res://c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll/283
    O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
    O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
    O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
    O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
    O9 - Extra button: Mail.Ru &#1040;&#1075;&#1077;&#1085;&#1090; - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
    O9 - Extra 'Tools' menuitem: Mail.Ru &#1040;&#1075;&#1077;&#1085;&#1090; - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: &#1057;&#1087;&#1088;&#1072;&#1074;&#1086;&#1095;&#1085;&#1099;&#1077; &#1084;&#1072;&#1090;&#1077;&#1088;&#1080;&#1072;&#1083;&#1099; - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\DOCUMENTS\DOCUMENTS  AISULUU\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\DOCUMENTS\DOCUMENTS  AISULUU\ICQ6.5\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/russian/partner/rus/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) - 
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CS1\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CS2\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\WINDOWS\system32\rserver30\newtstop.dll, C:\WINDOWS\system32\vksaver.dll
    O23 - Service: McAfee Application Installer Cleanup (0276901237425767) (0276901237425767mcinstcleanup) - Unknown owner - C:\DOCUME~1\Admin\LOCALS~1\Temp\027690~1.EXE (file missing)
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: &#1046;&#1091;&#1088;&#1085;&#1072;&#1083; &#1089;&#1086;&#1073;&#1099;&#1090;&#1080;&#1081; (Eventlog) - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090; - C:\WINDOWS\system32\services.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
    O23 - Service: &#1057;&#1083;&#1091;&#1078;&#1073;&#1072; COM &#1079;&#1072;&#1087;&#1080;&#1089;&#1080; &#1082;&#1086;&#1084;&#1087;&#1072;&#1082;&#1090;-&#1076;&#1080;&#1089;&#1082;&#1086;&#1074; IMAPI (ImapiService) - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090; - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator 11\LogoMedia TranslateDotNet Server.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: Plug and Play (PlugPlay) - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090; - C:\WINDOWS\system32\services.exe
    O23 - Service: &#1057;&#1084;&#1072;&#1088;&#1090;-&#1082;&#1072;&#1088;&#1090;&#1099; (SCardSvr) - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090; - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: &#1046;&#1091;&#1088;&#1085;&#1072;&#1083;&#1099; &#1080; &#1086;&#1087;&#1086;&#1074;&#1077;&#1097;&#1077;&#1085;&#1080;&#1103; &#1087;&#1088;&#1086;&#1080;&#1079;&#1074;&#1086;&#1076;&#1080;&#1090;&#1077;&#1083;&#1100;&#1085;&#1086;&#1089;&#1090;&#1080; (SysmonLog) - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090; - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
    O23 - Service: &#1058;&#1077;&#1085;&#1077;&#1074;&#1086;&#1077; &#1082;&#1086;&#1087;&#1080;&#1088;&#1086;&#1074;&#1072;&#1085;&#1080;&#1077; &#1090;&#1086;&#1084;&#1072; (VSS) - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090; - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: &#1040;&#1076;&#1072;&#1087;&#1090;&#1077;&#1088; &#1087;&#1088;&#1086;&#1080;&#1079;&#1074;&#1086;&#1076;&#1080;&#1090;&#1077;&#1083;&#1100;&#1085;&#1086;&#1089;&#1090;&#1080; WMI (WmiApSrv) - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090; - C:\WINDOWS\system32\wbem\wmiapsrv.exe
    
    --
    End of file - 16755 bytes
    
    0
  10. gen-hackman
     
    Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    ! Déconnecte toi et ferme toutes applications en cours !

    Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

    Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    Au menu principal choisis l'option "L" et tape sur [entrée] .

    Laisse travailler l'outil et ne touche à rien ...

    --> Poste le rapport qui apparait à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    Aides en images (Installation)
    Aides en images (Recherche)
    0
  11. Utilisateur anonyme
     
    ok merci reponse dans 10 min
    0
  12. gen-hackman
     
    si tu n as pas encore eu le temps d'executer ad-remover :

    Désactiver le TeaTimer de Spybot (Merci à Nico):

    Pour désactiver le TeaTimer :
    => Ouvrir Spybot S&D
    => Dans le menu "Mode", séléctionner le mode avancé.
    => Une fenêtre demande confirmation cliquer sur "oui".
    => Une fois le mode avancé actif, ouvrir l'onglet "Outils".
    => Cliquer sur Résident.
    => La partie Résident comporte deux lignes qui sont normalement cochées :
    *Résident "SDHelper" (bloqueur de téléchargements nuisibles pour Internet Explorer) actif.

    * Résident "TeaTimer" (Protection des réglages système fondamentaux) actif.

    => Décocher la ligne TeaTimer.
    => Redémarrer Spybot (le fermer et le réouvrir)
    => Retourner dans le menu Résident et vérifier qu'il soit bien désactivé.
    0
    1. Utilisateur anonyme
       
      voila le scan AD-remover

      ------- RAPPORT D'AD-REMOVER 1.1.4.3 | UNIQUEMENT XP/VISTA -------
      
      Mit &#1072; jour part C_XX le 24/05/2009 &#1072; 15:20
      Contact: AdRemover.contact@gmail.com
      Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
      
      Lanc&#1081; &#1072;: 13:21:19, 25.05.2009 | Mode Normal
      Ex&#1081;cut&#1081; de: C:\Program Files\Ad-remover\
      Syst&#1080;me d'exploitation: Microsoft® Windows XP™  Service Pack 3 ?????? 5.1.2600
      Nom du PC: CK2
      Utilisateur actuel: Admin - Administrator
      
      .
      ============== &#1049;L&#1049;MENT(S) NEUTRALIS&#1049;(S) ==============
      .
      .
      HKCR\SearchSettings.BHO
      HKCR\SearchSettings.BHO.1
      HKCU\Software\AppDataLow\software\Dealio
      HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
      HKLM\Software\Dealio
      HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
      HKLM\Software\Search Settings
      HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
      .
      C:\Documents and Settings\Admin\Application Data\Dealio\res 
      C:\Documents and Settings\Admin\Application Data\Dealio\temp 
      C:\Documents and Settings\Admin\Application Data\Dealio\res\widgets.xml 
      C:\Documents and Settings\Admin\Application Data\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml 
      C:\Documents and Settings\Admin\Application Data\Dealio 
      C:\Documents and Settings\Admin\Application Data\Search Settings\kb128 
      C:\Documents and Settings\Admin\Application Data\Search Settings\kb128\temp 
      C:\Documents and Settings\Admin\Application Data\Search Settings\kb128\temp\ws-14385.log 
      C:\Documents and Settings\Admin\Application Data\Search Settings\kb128\temp\ws-14388.log 
      C:\Documents and Settings\Admin\Application Data\Search Settings 
      C:\Program Files\Dealio Toolbar\config.ini 
      C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll 
      C:\Program Files\Dealio Toolbar\Res 
      C:\Program Files\Dealio Toolbar\SearchSettingsKit.exe 
      C:\Program Files\Dealio Toolbar\WidgiHelper.exe 
      C:\Program Files\Dealio Toolbar\Res\amazon.gif 
      C:\Program Files\Dealio Toolbar\Res\apple.gif 
      C:\Program Files\Dealio Toolbar\Res\barnes.gif 
      C:\Program Files\Dealio Toolbar\Res\bestbuy.gif 
      C:\Program Files\Dealio Toolbar\Res\dealio_logo.gif 
      C:\Program Files\Dealio Toolbar\Res\dealio_logo_hover.gif 
      C:\Program Files\Dealio Toolbar\Res\ebay.gif 
      C:\Program Files\Dealio Toolbar\Res\icon_settings.gif 
      C:\Program Files\Dealio Toolbar\Res\macys.gif 
      C:\Program Files\Dealio Toolbar\Res\newegg.gif 
      C:\Program Files\Dealio Toolbar\Res\overstock.gif 
      C:\Program Files\Dealio Toolbar\Res\search-button-hover.gif 
      C:\Program Files\Dealio Toolbar\Res\search-button.gif 
      C:\Program Files\Dealio Toolbar\Res\search-chevron-hover.gif 
      C:\Program Files\Dealio Toolbar\Res\search-chevron.gif 
      C:\Program Files\Dealio Toolbar\Res\search_amazon.gif 
      C:\Program Files\Dealio Toolbar\Res\search_dealio.gif 
      C:\Program Files\Dealio Toolbar\Res\search_ebay.gif 
      C:\Program Files\Dealio Toolbar\Res\search_yahoo.gif 
      C:\Program Files\Dealio Toolbar\Res\separator.gif 
      C:\Program Files\Dealio Toolbar\Res\target.gif 
      C:\Program Files\Dealio Toolbar\Res\walmart.gif 
      C:\Program Files\Dealio Toolbar\Res\widgets.xml 
      C:\Program Files\Dealio Toolbar 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\chrome.manifest 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\install.rdf 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\SKIN 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\DStringsUtils.js 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.properties 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFBHOSearch.xpt 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFBHOSearchHelperEngine.xpt 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFHelperPreferences.xpt 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll 
      C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome.manifest 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\install.rdf 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\chevron.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\chevron.xul 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\login.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\login.xul 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\parser.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\RssTickerWidget.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\searchbox.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\searchbox.xul 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgichevron.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgicomm.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgihandling.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgilisteners.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgitoolbarplugin.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgitoolbarplugin.xul 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgiui.js 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US\searchbox.dtd 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US\widgitoolbarplugin.dtd 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US\widgitoolbarplugin.properties 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US\yahoo-search.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\amazon.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\apple.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\barnes.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\bestbuy.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\chevron.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\dealio_logo.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\dealio_logo_hover.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\ebay.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\icon_settings.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\macys.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\newegg.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\overstock.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search-button-hover.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search-button.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search-chevron-hover.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search-chevron.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\searchbox.css 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search_amazon.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search_dealio.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search_ebay.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search_yahoo.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\separator.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\target.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\walmart.gif 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\widgitoolbarplugin.css 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\config.ini 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\IFBHOHelperWidgiToolbar.xpt 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\IFBHOWidgiToolbar.xpt 
      C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} 
      C:\Program Files\Search Settings\kb128 
      C:\Program Files\Search Settings\SearchSettings.exe 
      C:\Program Files\Search Settings\kb128\res 
      C:\Program Files\Search Settings\kb128\SearchSettings.dll 
      C:\Program Files\Search Settings\kb128\SearchSettingsRes409.dll 
      C:\Program Files\Search Settings\kb128\temp 
      C:\Program Files\Search Settings 
      C:\WINDOWS\Installer\48e88.msi 
      C:\WINDOWS\Installer\48e91.msi 
      
      (!) -- Fichiers temporaires supprim&#1081;s.
      
      .
      +-----------------| Scan additionnel:
      .
      
      ---- Mozilla FireFox Version 3.0.10 ----
      
      Nom du profil: ozg1yzim.default (Admin)
      .
      (Prefs.js) user_pref("browser.search.defaultenginename", "ICQ Search"); 
      (Prefs.js) user_pref("browser.search.selectedEngine", "Google"); 
      (Prefs.js) user_pref("browser.search.defaulturl", "hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc7&p="); 
      (Prefs.js) user_pref("browser.startup.homepage", "google.fr"); 
      (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10"); 
      .
      . 
      
      ---- Internet Explorer Version 8.0.6001.18702 ----
      
      [HKEY_CURRENT_USER\..\Internet Explorer\Main]
      
      Default_Page_URL: hxxp://www.microsoft.com
      Search bar: hxxp://www.google.com/ie
      Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Start Page: hxxp:blank
      
      [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
      
      Default_Page_URL: hxxp://www.microsoft.com
      Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
      Search bar: hxxp://search.msn.com/spbasic.htm
      Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Start Page: hxxp://fr.msn.com/
      
      [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
      
         Tabs: res://ieframe.dll/tabswelcome.htm
      
      =========== Suspect (Cracks, Serials ... ) ==========
      
      .
      
      +---------------------------------------------------------------------------+
      
      13251 Octet(s) - C:\Ad-Report-25.05.2009.log
      
      18 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
      46 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
      
      Fin &#1072;: 13:42:52 | 25.05.2009
      .
      +-----------------| E.O.F
      .
      
      0
  13. Utilisateur anonyme
     
    et voila le scanne info.txt :

    info.txt logfile of random's system information tool 1.06 2009-05-25 13:58:05
    
    ======Uninstall list======
    
    -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
    Adobe Shockwave Player 11.5-->C:\WINDOWS\system32\Adobe\uninstaller.exe
    Ad-remover-->C:\Program Files\Ad-remover\Uninstall ADR.exe
    AIDA32 v3.93-->"C:\Program Files\AIDA32 - Enterprise System Information\unins000.exe"
    AIMP2-->C:\Program Files\AIMP2\uninst.exe
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Assist TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c 
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x9  -removeonly
    AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    Avira RootKit Detection-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FD25FCD-6F39-4686-AFBB-7056EBAE5E68}\setup.exe" -l0x9 
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0019
    CamStudio-->C:\Program Files\CamStudio\uninstall.exe
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
    CDClose-->C:\WINDOWS\system32\ShellExt\CDClosedel.bat
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    CommentCaMarche 2.0.7-->"C:\Program Files\CommentCaMarche\unins000.exe"
    Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
    Dico-clic MSN Encarta-->MsiExec.exe /I{D632745C-D15E-4F2B-B2F0-F0C542302417}
    Digsby-->C:\Program Files\Digsby\uninstall.exe
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Easy Gif Animator-->C:\Program Files\Easy Gif Animator\Uninstall.exe
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    FastStone Image Viewer 3.5-->"C:\Program Files\FSImgViewer\unins000.exe"
    FlashGet 1.8.6.1008-->C:\Program Files\FlashGet\uninst.exe
    FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
    Free Music Zilla-->"C:\Program Files\Free Music Zilla\unins000.exe"
    Freez FLV to MP3 Converter-->"C:\Program Files\Smallvideosoft\Freez FLV to MP3 Converter\unins000.exe"
    Gamingaccess Community Patch 2.5 - Full Version 2.5-->D:\games\KONAMI\PES2009\Uninstall-GCP.exe
    Glary Utilities Pro 2.4-->"C:\Program Files\Glary Utilities\unins000.exe"
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Google &#1055;&#1083;&#1072;&#1085;&#1077;&#1090;&#1072; &#1047;&#1077;&#1084;&#1083;&#1103;-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    HashTab 2.1.0-->C:\WINDOWS\system32\ShellExt\htdel32.bat
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
    ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
    ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
    IE7Pro-->C:\Program Files\IEPro\uninst.exe
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
    IpTv Player-->MsiExec.exe /I{946C4D10-23F7-4A24-A959-7CE31D81D6AF}
    iTunes-->MsiExec.exe /I{C26B06A9-27BB-45B0-9873-9C623EC2BA38}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
    Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
    K-Lite Mega Codec Pack 1.65-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    LEC Translate-->MsiExec.exe /X{0C123C63-84FD-4D13-96E7-EEB5C11893F2}
    Live-Foot Toolbar-->C:\PROGRA~1\LIVE-F~1\UNWISE.EXE   /U C:\PROGRA~1\LIVE-F~1\INSTALL.LOG  
    LMSOFT Web Creator Pro 4-->C:\PROGRA~1\LMSOFT~1\UNWISE.EXE C:\PROGRA~1\LMSOFT~1\INSTALL.LOG
    Ma-Config.com-->MsiExec.exe /X{E780E536-16CE-4CD1-8FE0-2D5E52FAA65B}
    Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
    Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
    Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
    Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
    Mail.Ru &#1040;&#1075;&#1077;&#1085;&#1090; 5.4 (&#1089;&#1073;&#1086;&#1088;&#1082;&#1072; 2647, &#1076;&#1083;&#1103; &#1074;&#1089;&#1077;&#1093; &#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1077;&#1083;&#1077;&#1081;)-->C:\Program Files\Mail.Ru\Agent\magentsetup.exe -uninstalllm
    Mail.Ru &#1057;&#1087;&#1091;&#1090;&#1085;&#1080;&#1082; 2.0.1.90-->c:\program files\mail.ru\sputnik\SputnikInstaller.exe  -uninstall
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe"
    McAfee SiteAdvisor-->C:\Program Files\McAfee\SiteAdvisor\Uninstall.exe
    Microsoft .NET Framework 1.1 Russian Language Pack-->MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
    Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
    Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
    Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
    Microsoft Office - &#1087;&#1088;&#1086;&#1092;&#1077;&#1089;&#1089;&#1080;&#1086;&#1085;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1074;&#1099;&#1087;&#1091;&#1089;&#1082; &#1074;&#1077;&#1088;&#1089;&#1080;&#1080; 2003-->MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Visio Professional 2003-->MsiExec.exe /I{90510409-6000-11D3-8CFE-0150048383C9}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2008 Express Edition - FRA-->MsiExec.exe /X{15473D70-D791-3B5E-B174-2FD19EC0D017}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Express - Fran&#1079;ais-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual C++ 2008 Express Edition - FRA\setup.exe
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
    Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
    Mindjet MindManager Pro 7-->MsiExec.exe /I{BEA0F6C2-EC26-4366-90AE-D5E4CE7FD5EB}
    MobileMe Control Panel-->MsiExec.exe /I{A14C24F6-615B-415E-84B0-610FDAD19B68}
    Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
    Mozilla ActiveX Control 1.9.0.5-->"C:\Program Files\Mozilla ActiveX Control 1.9.0.5\unins000.exe"
    Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.21)-->H:\Apps\PortableThunderbird\App\thunderbird\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser-->MsiExec.exe /I{8E719AE4-286B-4F01-8DA1-6270B0BF819D}
    Music MP3 Get-->"C:\Program Files\MusicMP3Get\uninst.exe"
    Notebook Hardware Control 2.0 Pre-Release-06-->C:\Program Files\Notebook Hardware Control\uninst.exe
    Notepad Pro v1.4-->C:\Program Files\Notepad Pro\unInstall.exe
    Notepad++-->C:\Program Files\Notepad++\uninstall.exe
    Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
    Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
    Outil de t&#1081;l&#1081;chargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PCDJ Red-->C:\PROGRA~1\VISIOS~1\PCDJRE~1\UNWISE.EXE C:\PROGRA~1\VISIOS~1\PCDJRE~1\INSTALL.LOG
    PDF-XChange 3.0-->"C:\Program Files\Mindjet\MindManager 7\PDF-XChange\unins000.exe"
    Photoshine 2.0-->"C:\Program Files\Photoshine\unins000.exe"
    Pixie 2.0-->"C:\Program Files\Pixie2\Uninstal.exe"
    Power Data Recovery 4.1.1-->C:\Program Files\Power Data Recovery\Uninstall.exe
    PowerGramo Professional-->C:\Program Files\Monsters\PowerGramo\Uninstall.exe
    Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x19  -removeonly
    REALTEK RTL8187B Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}\Install.exe -uninst -l0x19
    Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9  -removeonly
    RS Somn&#1085;fero-->"C:\Program Files\Rico Software\RS Somn&#1085;fero\desinstalar.exe"
    Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Seven Remix XP 1.0.1-->C:\WINDOWS\NiwradSoft Shell Pack\uninst.exe
    Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
    Snagit 9.1-->MsiExec.exe /I{0E6ED660-498C-42F7-9EF4-FB0C96DFC01A}
    Spider-Man 2-->D:\games\d\UNWISE.EXE D:\games\d\INSTALL.LOG
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    StrongDC++-->"C:\Program Files\StrongDC++\unins000.exe"
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    The Best KeyLogger-->MsiExec.exe /I{35CC7AF2-E546-41F3-A214-D1F3AA549940}
    The Sims 2 - Sims 2 Bon Voyage-->"D:\games\The Sims 2 - Sims 2 Bon Voyage\unins000.exe"
    TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
    TOSHIBA Power Saver-->C:\Program Files\InstallShield Installation Information\{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}\setup.exe -runfromtemp -l0x0019 -uninst -removeonly
    TOSHIBA Software Modem-->Tosmreg -U
    Total Commander 7.04 PowerPack-->"C:\Program Files\Total Commander\uninstall.exe"
    Trojan Killer 2.0-->"C:\Program Files\GridinSoft Trojan Killer\unins000.exe"
    TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
    TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    USB Disk Security 5.0.0.85-->"C:\Program Files\USB Disk Security\unins000.exe"
    USB Safely Remove 3.3-->"C:\Program Files\USB Safely Remove\unins000.exe"
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VDownloader  0.81-->"C:\Program Files\VDOWNLOADER\unins000.exe"
    VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vista Drive Icon-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\VistaDrv.inf,Uninstall
    Vista Games 1.3 XP-->C:\Program Files\Vista Games\Freecell\uninst.exe
    VKSaver-->"C:\Program Files\VKSaver\uninstall.exe"
    VSO Image Resizer 1.1.16-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
    Wandering IPs-->"C:\Program Files\Wandering IPs\uninstall.exe"
    WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe"
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Player 9 Series TweakMP PowerToy-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tweakmp.inf,DefaultUninstall
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows Presentation Foundation Language Pack (RUS)-->MsiExec.exe /X{D83A3DFC-8528-4E31-93DC-0A41C477109C}
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Rights Management Client Backwards Compatibility SP2-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
    Windows Rights Management Client with Service Pack 2-->MsiExec.exe /X{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    XnView Shell Extension 2.6.0-->"C:\Program Files\XnView\ShellEx\unins000.exe"
    xp-AntiSpy 3.97-2-->C:\Program Files\xp-AntiSpy\Uninstall.exe
    Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~2.DLL
    Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
    Yahoo! Mail Advisor-->C:\PROGRA~1\Yahoo!\Common\UNINST~1.EXE
    Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
    Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    &#1040;&#1088;&#1093;&#1080;&#1074;&#1072;&#1090;&#1086;&#1088; WinRAR (&#1090;&#1086;&#1083;&#1100;&#1082;&#1086; &#1091;&#1076;&#1072;&#1083;&#1077;&#1085;&#1080;&#1077;)-->C:\Program Files\WinRAR\uninstall.exe
    &#1044;&#1086;&#1087;&#1086;&#1083;&#1085;&#1080;&#1090;&#1077;&#1083;&#1100;&#1085;&#1099;&#1077; &#1072;&#1087;&#1087;&#1083;&#1077;&#1090;&#1099;-->"C:\WINDOWS\system32\CPLDAPU\unins000.exe"
    &#1054;&#1073;&#1085;&#1086;&#1074;&#1083;&#1077;&#1085;&#1080;&#1077; &#1073;&#1077;&#1079;&#1086;&#1087;&#1072;&#1089;&#1085;&#1086;&#1089;&#1090;&#1080; &#1076;&#1083;&#1103; Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    &#1054;&#1073;&#1085;&#1086;&#1074;&#1083;&#1077;&#1085;&#1080;&#1077; &#1073;&#1077;&#1079;&#1086;&#1087;&#1072;&#1089;&#1085;&#1086;&#1089;&#1090;&#1080; &#1076;&#1083;&#1103; Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    &#1054;&#1073;&#1085;&#1086;&#1074;&#1083;&#1077;&#1085;&#1080;&#1077; &#1073;&#1077;&#1079;&#1086;&#1087;&#1072;&#1089;&#1085;&#1086;&#1089;&#1090;&#1080; &#1076;&#1083;&#1103; Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    &#1054;&#1073;&#1085;&#1086;&#1074;&#1083;&#1077;&#1085;&#1080;&#1077; &#1076;&#1083;&#1103; Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
    &#1055;&#1072;&#1082;&#1077;&#1090; &#1086;&#1073;&#1077;&#1089;&#1087;&#1077;&#1095;&#1077;&#1085;&#1080;&#1103; &#1089;&#1086;&#1074;&#1084;&#1077;&#1089;&#1090;&#1080;&#1084;&#1086;&#1089;&#1090;&#1080; &#1076;&#1083;&#1103; &#1074;&#1099;&#1087;&#1091;&#1089;&#1082;&#1072; 2007 &#1089;&#1080;&#1089;&#1090;&#1077;&#1084;&#1099; Microsoft Office-->MsiExec.exe /X{90120000-0020-0419-0000-0000000FF1CE}
    
    ======Hosts File======
    
    127.0.0.1	www.007guard.com
    127.0.0.1	007guard.com
    127.0.0.1	008i.com
    127.0.0.1	www.008k.com
    127.0.0.1	008k.com
    127.0.0.1	www.00hq.com
    127.0.0.1	00hq.com
    127.0.0.1	010402.com
    127.0.0.1	www.032439.com
    127.0.0.1	032439.com
    
    ======Security center information======
    
    AV: AntiVir Desktop
    
    ======System event log======
    
    Computer Name: CK2
    Event Code: 10005
    Message: &#1054;&#1096;&#1080;&#1073;&#1082;&#1072; DCOM "%1058" &#1087;&#1088;&#1080; &#1087;&#1086;&#1087;&#1099;&#1090;&#1082;&#1077; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1083;&#1091;&#1078;&#1073;&#1099; StiSvc &#1089; &#1072;&#1088;&#1075;&#1091;&#1084;&#1077;&#1085;&#1090;&#1072;&#1084;&#1080; ""
    &#1076;&#1083;&#1103; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    
    Record Number: 16120
    Source Name: DCOM
    Time Written: 20090510210639.000000+180
    Event Type: &#1086;&#1096;&#1080;&#1073;&#1082;&#1072;
    User: CK2\Admin
    
    Computer Name: CK2
    Event Code: 10005
    Message: &#1054;&#1096;&#1080;&#1073;&#1082;&#1072; DCOM "%1058" &#1087;&#1088;&#1080; &#1087;&#1086;&#1087;&#1099;&#1090;&#1082;&#1077; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1083;&#1091;&#1078;&#1073;&#1099; StiSvc &#1089; &#1072;&#1088;&#1075;&#1091;&#1084;&#1077;&#1085;&#1090;&#1072;&#1084;&#1080; ""
    &#1076;&#1083;&#1103; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    
    Record Number: 16119
    Source Name: DCOM
    Time Written: 20090510210638.000000+180
    Event Type: &#1086;&#1096;&#1080;&#1073;&#1082;&#1072;
    User: CK2\Admin
    
    Computer Name: CK2
    Event Code: 10005
    Message: &#1054;&#1096;&#1080;&#1073;&#1082;&#1072; DCOM "%1058" &#1087;&#1088;&#1080; &#1087;&#1086;&#1087;&#1099;&#1090;&#1082;&#1077; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1083;&#1091;&#1078;&#1073;&#1099; StiSvc &#1089; &#1072;&#1088;&#1075;&#1091;&#1084;&#1077;&#1085;&#1090;&#1072;&#1084;&#1080; ""
    &#1076;&#1083;&#1103; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    
    Record Number: 16118
    Source Name: DCOM
    Time Written: 20090510210635.000000+180
    Event Type: &#1086;&#1096;&#1080;&#1073;&#1082;&#1072;
    User: CK2\Admin
    
    Computer Name: CK2
    Event Code: 10005
    Message: &#1054;&#1096;&#1080;&#1073;&#1082;&#1072; DCOM "%1058" &#1087;&#1088;&#1080; &#1087;&#1086;&#1087;&#1099;&#1090;&#1082;&#1077; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1083;&#1091;&#1078;&#1073;&#1099; StiSvc &#1089; &#1072;&#1088;&#1075;&#1091;&#1084;&#1077;&#1085;&#1090;&#1072;&#1084;&#1080; ""
    &#1076;&#1083;&#1103; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    
    Record Number: 16117
    Source Name: DCOM
    Time Written: 20090510210633.000000+180
    Event Type: &#1086;&#1096;&#1080;&#1073;&#1082;&#1072;
    User: CK2\Admin
    
    Computer Name: CK2
    Event Code: 10005
    Message: &#1054;&#1096;&#1080;&#1073;&#1082;&#1072; DCOM "%1058" &#1087;&#1088;&#1080; &#1087;&#1086;&#1087;&#1099;&#1090;&#1082;&#1077; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1083;&#1091;&#1078;&#1073;&#1099; StiSvc &#1089; &#1072;&#1088;&#1075;&#1091;&#1084;&#1077;&#1085;&#1090;&#1072;&#1084;&#1080; ""
    &#1076;&#1083;&#1103; &#1079;&#1072;&#1087;&#1091;&#1089;&#1082;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    
    Record Number: 16116
    Source Name: DCOM
    Time Written: 20090510210630.000000+180
    Event Type: &#1086;&#1096;&#1080;&#1073;&#1082;&#1072;
    User: CK2\Admin
    
    =====Application event log=====
    
    Computer Name: VORTEX
    Event Code: 1800
    Message: &#1057;&#1083;&#1091;&#1078;&#1073;&#1072; &#1094;&#1077;&#1085;&#1090;&#1088;&#1072; &#1086;&#1073;&#1077;&#1089;&#1087;&#1077;&#1095;&#1077;&#1085;&#1080;&#1103; &#1073;&#1077;&#1079;&#1086;&#1087;&#1072;&#1089;&#1085;&#1086;&#1089;&#1090;&#1080; Windows &#1079;&#1072;&#1087;&#1091;&#1097;&#1077;&#1085;&#1072;.
    
    Record Number: 762
    Source Name: SecurityCenter
    Time Written: 20090307122042.000000+120
    Event Type: &#1080;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103;
    User: 
    
    Computer Name: VORTEX
    Event Code: 0
    Message: 
    Record Number: 761
    Source Name: PTsup5
    Time Written: 20090307122042.000000+120
    Event Type: &#1080;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103;
    User: 
    
    Computer Name: VORTEX
    Event Code: 1
    Message: 
    Record Number: 760
    Source Name: Bonjour Service
    Time Written: 20090307122042.000000+120
    Event Type: &#1080;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103;
    User: 
    
    Computer Name: VORTEX
    Event Code: 0
    Message: 
    Record Number: 759
    Source Name: PTsup5
    Time Written: 20090307122042.000000+120
    Event Type: &#1080;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103;
    User: 
    
    Computer Name: VORTEX
    Event Code: 1002
    Message: &#1054;&#1073;&#1086;&#1083;&#1086;&#1095;&#1082;&#1072; &#1085;&#1077;&#1086;&#1078;&#1080;&#1076;&#1072;&#1085;&#1085;&#1086; &#1079;&#1072;&#1074;&#1077;&#1088;&#1096;&#1080;&#1083;&#1072; &#1088;&#1072;&#1073;&#1086;&#1090;&#1091;, &#1080; &#1087;&#1088;&#1086;&#1075;&#1088;&#1072;&#1084;&#1084;&#1072; "Explorer.exe" &#1073;&#1099;&#1083;&#1072; &#1087;&#1077;&#1088;&#1077;&#1079;&#1072;&#1087;&#1091;&#1097;&#1077;&#1085;&#1072;.
    
    Record Number: 758
    Source Name: Winlogon
    Time Written: 20090307105720.000000+120
    Event Type: &#1080;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103;
    User: 
    
    ======Environment variables======
    
    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\JRun4\verity\k2\_nti40\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\K-Lite Codec Pack\QuickTime\QTSystem\;C:\Program Files\Common Files\DivX Shared\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "VS90COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools\
    "VERITY_CFG"=C:\JRun4\verity\k2\common\verity.cfg
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    
    -----------------EOF-----------------
    
    0
  14. Utilisateur anonyme
     
    merde je t'ai file tous les info sur mon Pc j'espere que tu sais se que tu fais ^^?
    0
  15. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Bonjour negrissim,

    Tu eux suivre les indications qu'ils te sont données

    Par contre ta signature est Hors Charte

    Bonne continuation

    ++
    0
  16. gen-hackman
     
    ok supprimes ceci :

    c:\rsit

    redemarre et relances rsit stp
    0
    1. undrentide
       
      alors sa marche?
      0
      1. Utilisateur anonyme > undrentide
         
        non il fallait juste allez sur le paneau de configuration / option internet / et puis dans l'onglet connexion / tous juste en bas de la petite fenetre parametres reseau / et enfin decrocher sever proxy . et puis valider et vos navigateurs sont a nouveaux operationels.

        0