Sujet Précédent Sujet Suivant

Problème pop-up

Fermé
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009 - 6 juil. 2009 à 14:50
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 - 20 juil. 2009 à 16:22
Bonjour,
Je suis sur le pc de mon amie, je souhaite lui régler son problème de pop up. J'attends des consignes (scan...) Merci.
A voir également:

31 réponses

  • 1
  • 2
Réponse 1 / 31
Utilisateur anonyme
6 juil. 2009 à 14:54
Salut,

Quels sont les problèmes remarqués ?
0
Réponse 2 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 14:54
Bonjour,

▶ Télécharge random's system information tool (RSIT)
http://images.malwareremoval.com/random/RSIT.exe
▶Enregistre le sur ton Bureau
▶ Double clique sur RSIT.exe pour l’exécuter.

▶ Clique sur "continue" à l'écran Disclaimer.

▶ Si l'outil HIjackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu n’auras qu’à accepter la licence.

▶ Une fois le scan terminé , 2 rapports vont apparaitre.
▶ Poste les dans ton prochain message
▶ Note : les rapports se trouvent aussi ici : ( log.txt & info.txt )
Tuto : https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
0
Réponse 3 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 14:57
info.txt logfile of random's system information tool 1.06 2009-07-06 14:56:39

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Apple Mobile Device Support-->MsiExec.exe /I{659B48CD-0608-4ED5-94C0-0B6C87114F10}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6CDD9FB-9F79-440B-9BE6-20DBA8B5BB93}\Setup.exe" -l0x40c
Architecture 3D - 2.1.3 (version gratuite)-->"C:\Program Files\LiveCAD\Architecture 3D - 2 (version gratuite)\unins000.exe"
Archiveur WinRAR-->C:\Documents and Settings\LAURA\Mes documents\Ma musique\uninstall.exe
Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Ask.com Search Assistant 1.0.1-->C:\Program Files\Ask Search Assistant\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
BitComet 1.02-->C:\Program Files\BitComet\uninst.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Browser Optimizer Dcads-->C:\WINDOWS\system32\dcads-remove.exe
Browser Optimizer Superiorads-->C:\WINDOWS\system32\superiorads-uninst.exe
BrowsingProgram-->C:\Program Files\BrowsingProgram\uninstall.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Code de la Route - Version d'évaluation-->MsiExec.exe /X{D4029236-4428-4BA0-A8AE-201DD4FB5A0D}
Contextual Tool Dcads-->C:\WINDOWS\system32\cont_dcads-remove.exe
Contextual Tool Dcads-->C:\WINDOWS\system32\ff1a494a-93a0-28e3-f029-272d284b1a0d.exe
DartyBox WiFi Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40ACE18D-D5B4-40AF-81E8-2816A8AED029}\Setup.exe" -l0x40c
DartyBox-->C:\Program Files\InstallShield Installation Information\{5ABD53CC-6182-40DF-9663-EBC9E6F3AE7C}\Setup.exe -runfromtemp -l0x040c -removeonly
Dcads Games Collection-->C:\Program Files\Dcads Games Collection\uninstall.exe
Favorit-->"c:\windows\system32\ayqqm.exe" -uninstall
FBrowsingAdvisor-->"C:\Program Files\FBrowsingAdvisor\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
iTunes-->MsiExec.exe /I{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
K-Lite Mega Codec Pack 1.53-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lame ACM MP3 Codec-->"C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFU33.inf
L'Assistant DartyBox-->C:\Program Files\Assistant Dartybox\Uninstall_ADBox.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire PRO 5.1.2-->"C:\Program Files\LimeWire\uninstall.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft LifeCam-->MsiExec.exe /X{3C137BCF-8ADC-430D-B01C-A45593AC512B}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
MyFreeCodec-->C:\Program Files\MyFree Codec\09b beta\uninstall.exe
Nero 7 Essentials-->MsiExec.exe /X{B28B351F-1232-46EA-85EF-B8EA91641036}
Nero 9 Trial-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-A098-TC9C-CZPE-8HE4-T757-014K-1C1T"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\NSSSetup\{1E86581C-2858-4094-AB8B-D005EF96D4AC}_2_0_0\NSSSetup.exe" /X
Norton Security Scan-->MsiExec.exe /X{1E86581C-2858-4094-AB8B-D005EF96D4AC}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Ressources Windows Mobile-->C:\Program Files\Ressources Windows Mobile\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Safari-->MsiExec.exe /I{C5C649A8-1D21-4C83-9B08-7B3752E580F4}
Samsung Media Studio-->C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe -runfromtemp -l0x040c -removeonly
Search Assistant Dcads-->C:\WINDOWS\system32\dcads_sidebar_uninstall.exe
Search Assistant Mysidesearch-->C:\WINDOWS\system32\ygdyyfrxotqjaigsv.dll-uninst.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Socialnetworking Helper Dcads-->C:\WINDOWS\system32\DcadsSocial-uninstall.exe
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SurfingProgram-->C:\Program Files\SurfingProgram\uninstall.exe
UxTheme Multipatcher Fr-->C:\Program Files\UxTheme Multipatcher Fr\uninstall.exe
webHancer Customer Companion-->C:\Program Files\webHancer\Programs\whInstaller.exe -uninstall
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Messenger-->MsiExec.exe /X{52B40F14-A731-47BF-BAA2-BBD1227C90A2}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinFast(R) Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F69FD33C-8815-46BF-9134-A643DE68F3C0}\setup.exe" -l0x40c -removeonly
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

======System event log======

Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}

Record Number: 52258
Source Name: DCOM
Time Written: 20090705161203.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA

Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}

Record Number: 52257
Source Name: DCOM
Time Written: 20090705161143.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA

Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}

Record Number: 52256
Source Name: DCOM
Time Written: 20090705161123.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA

Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}

Record Number: 52255
Source Name: DCOM
Time Written: 20090705161103.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA

Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}

Record Number: 52254
Source Name: DCOM
Time Written: 20090705161043.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA

=====Application event log=====

Computer Name: FAUCON-ADEA95E8
Event Code: 0
Message: Le service s'est arrêté avec succès.

Record Number: 25661
Source Name: idsvc
Time Written: 20090417195306.000000+120
Event Type: Informations
User:

Computer Name: FAUCON-ADEA95E8
Event Code: 518
Message: The Windows CardSpace service has been idle for some time. It has been shut down to make resources available for other programs.

Record Number: 25660
Source Name: CardSpace 3.0.0.0
Time Written: 20090417195306.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: FAUCON-ADEA95E8
Event Code: 0
Message: Le service a démarré avec succès.

Record Number: 25659
Source Name: idsvc
Time Written: 20090417185306.000000+120
Event Type: Informations
User:

Computer Name: FAUCON-ADEA95E8
Event Code: 0
Message:
Record Number: 25658
Source Name: gusvc
Time Written: 20090417182446.000000+120
Event Type: Informations
User:

Computer Name: FAUCON-ADEA95E8
Event Code: 0
Message:
Record Number: 25657
Source Name: iPod Service
Time Written: 20090417182416.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------



Logfile of random's system information tool 1.06 (written by random/random)
Run by LAURA at 2009-07-06 14:56:13
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 52 GB (34%) free of 153 GB
Total RAM: 1023 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:56:37, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\windows\system32\ayqqm.exe
C:\Program Files\DartyBox Wifi\SAGEM WiFi manager\WLANUTL.exe
C:\Documents and Settings\LAURA\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitComet\BitComet.exe
C:\Documents and Settings\LAURA\Bureau\RSIT.exe
C:\Program Files\trend micro\LAURA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: dcads - {733716E1-76D2-4003-AC39-845281C0EF85} - C:\WINDOWS\system32\nsu1C.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: (no name) - {CAFCBB0F-D6F3-465B-FAFC-2E31894B95AE} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [warn default inter for] C:\Documents and Settings\All Users\Application Data\Time Dead Warn Default\Plan Drive.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [L'Assistant DartyBox] C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ayqqm] "c:\windows\system32\ayqqm.exe" ayqqm
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\LAURA\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mesvacancesenphoto.com/Components/Upload/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 4 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 15:05
Multiples infections...


Va dans ajout/suppression de programmes puis cherche si tu as des programmes comme :

" CID Help", "Circle Developement" , "Adverts"( ou "CiD-quelquechose")

--->s’ils s'y trouvent, supprime les.

Télécharges Lop S&D :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

▶Installe-le en double-cliquant dessus
/!\ si tu as Vista, désactive l’UAC le temps de la désinfection : Panneau de configuration>comptes utilisateurs>activer/désactiver le contrôle des comptes utilisateurs>décoche la cas puis fais OK
/!\ si tu as TeaTimer (le résident de Spybot), désactive-le sinon il va gêner la désinfection en empêchant la modification des BHO et la réparation du registre :
*Démarre Spybot, clique sur Mode, coche Mode avancé
*A gauche, clique sur Outils, puis sur Résident
*Décoche la case devant Résident "TeaTimer" puis quitte Spybot :
▶ Une fois la désinfection terminée ( et pas avant ), réactiver le " TeaTimer " .
▶ Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).
▶Une fois le scan terminé, enregistrez le rapport généré, poste-le.
▶ Le rapport se trouve aussi sous la racine du disque: C:\lopR.txt.





▶Télécharge Toolbar S&D:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

▶ Lances l'installation en exécutant le fichier téléchargé...

▶ Double-clique sur le raccourci de Toolbar, qui se trouve sur ton bureau, pour lancer l'application.

▶sélectionnes la langue, puis valides par la touche '' Entrée '' de ton clavier...

▶ Au menu, choisis l'option1 (recherche) et patientes jusqu'à la fin de la recherche.

▶ Un rapport sera généré à la fin. Poste-le stp.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 15:11
J'allais oublié:

il manque la fin du rapport. Reposte en entier stp.
0
Réponse 6 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 15:23
Logfile of random's system information tool 1.06 (written by random/random)
Run by LAURA at 2009-07-06 15:22:38
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 52 GB (34%) free of 153 GB
Total RAM: 1023 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:43, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\windows\system32\ayqqm.exe
C:\Program Files\DartyBox Wifi\SAGEM WiFi manager\WLANUTL.exe
C:\Documents and Settings\LAURA\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\system32\service.exe
C:\Documents and Settings\LAURA\Bureau\RSIT.exe
C:\Program Files\trend micro\LAURA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: dcads - {733716E1-76D2-4003-AC39-845281C0EF85} - C:\WINDOWS\system32\nsu1C.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: (no name) - {CAFCBB0F-D6F3-465B-FAFC-2E31894B95AE} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [warn default inter for] C:\Documents and Settings\All Users\Application Data\Time Dead Warn Default\Plan Drive.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [L'Assistant DartyBox] C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ayqqm] "c:\windows\system32\ayqqm.exe" ayqqm
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\LAURA\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mesvacancesenphoto.com/Components/Upload/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 7 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 15:28
j'ail d/l loopS&D j'attends la suite des instructions...
0
Réponse 8 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 15:29
*EDIT*

Tu as quoi ?
0
Réponse 9 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 15:35
Oui c'est ok j'attends que tu me guides ds le menu...
0
Réponse 10 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 15:38
Ben je t'ai expliqué:

http://www.commentcamarche.net/forum/affich 13225546 probleme pop up?#4

Utilise ce Tuto si tu préfères :

http://www.malekal.com/tutorial_Lop_SD.php

Ne passe pas à l'option 2 avant d'avoir posté le rapport.
0
Réponse 11 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 15:44
Voici le rapport toolbar :


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 06/07/2009|15:43 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\SrchAstt
C:\Program Files\AskTBar\bar\1.bin
C:\Program Files\AskTBar\bar\Cache
C:\Program Files\AskTBar\bar\History
C:\Program Files\AskTBar\bar\Settings
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\AskTBar\bar\Cache\00E1C79F
C:\Program Files\AskTBar\bar\Cache\02A5C045.bin
C:\Program Files\AskTBar\bar\Cache\02A5D3CD.bin
C:\Program Files\AskTBar\bar\Cache\02A5DE5C.bin
C:\Program Files\AskTBar\bar\Cache\02A5E31F.bin
C:\Program Files\AskTBar\bar\Cache\files.ini
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskTBar\PopSwatr\History
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\Program Files\AskTBar\SrchAstt\1.bin
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
C:\Program Files\BrowsingProgram
C:\Program Files\BrowsingProgram\BrowsingProgram.dat
C:\Program Files\BrowsingProgram\pcre3.dll
C:\Program Files\BrowsingProgram\uninstall.exe
C:\Program Files\Dcads Games Collection
C:\Program Files\Dcads Games Collection\BattlesOfHelicopters.exe
C:\Program Files\Dcads Games Collection\BobAndBill.exe
C:\Program Files\Dcads Games Collection\CrazyBlocks.exe
C:\Program Files\Dcads Games Collection\Lines.exe
C:\Program Files\Dcads Games Collection\uninstall.exe
C:\Program Files\Dcads Games Collection\VideoPool.exe
C:\DOCUME~1\LAURA\MENUDM~1\PROGRA~1\Dcads Games Collection
C:\Program Files\FBrowserAdvisor
C:\Program Files\FBrowsingAdvisor
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
C:\Program Files\FBrowsingAdvisor\Logo.png
C:\Program Files\FBrowsingAdvisor\main.db
C:\Program Files\FBrowsingAdvisor\unins000.dat
C:\Program Files\FBrowsingAdvisor\unins000.exe
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
C:\DOCUME~1\LAURA\Cookies\laura@mysearch[1].txt
C:\WINDOWS\System32\Dcads-remove.exe
C:\WINDOWS\system32\dcads_sidebar.dll
C:\WINDOWS\system32\dcads_sidebar_uninstall.exe
C:\WINDOWS\System32\DcadsSocial-uninstall.exe
C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
C:\WINDOWS\system32\superiorads-uninst.exe
C:\WINDOWS\System32\WinNB67.dll

-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(LAURA) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(LAURA) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
"Search Bar"="http://www.yahoo.com/search/ie.html"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf

C:\WINDOWS\System32\aexsqzddu.dat
C:\WINDOWS\System32\aexsqzddu_nav.dat
C:\WINDOWS\System32\aexsqzddu_navps.dat
C:\WINDOWS\System32\ayqqm.dat
C:\WINDOWS\System32\ayqqm.exe
C:\WINDOWS\System32\ayqqm_nav.dat
C:\WINDOWS\System32\ayqqm_navps.dat
C:\WINDOWS\System32\lhrbory_navtmp.dat
C:\WINDOWS\System32\suywuoy.dat
C:\WINDOWS\System32\suywuoy_nav.dat
C:\WINDOWS\System32\suywuoy_navps.dat
C:\WINDOWS\System32\uyvivtv.dat
C:\WINDOWS\System32\uyvivtv_nav.dat
C:\WINDOWS\System32\uyvivtv_navps.dat
C:\WINDOWS\System32\wzylyuejp.dat
C:\WINDOWS\System32\wzylyuejp_nav.dat
C:\WINDOWS\System32\wzylyuejp_navps.dat
C:\WINDOWS\System32\ykakg.dat
C:\WINDOWS\System32\ykakg_nav.dat
C:\WINDOWS\System32\ykakg_navps.dat
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\LAURA\Bureau\Mes fichiers re‡us\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3



1 - "C:\ToolBar SD\TB_1.txt" - 06/07/2009|15:43 - Option : [1]

-----------\\ Fin du rapport a 15:43:55,98
0
Réponse 12 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 15:45
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 06/07/2009|15:42 )

--------------------\\ Listing des dossiers dans APPLIC~1

[30/09/2007|21:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[20/04/2009|21:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/04/2009|21:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla

[16/04/2009|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[12/11/2008|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[19/05/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/06/2008|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/05/2009|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[17/07/2007|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[20/04/2009|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/07/2009|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[03/12/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[18/04/2009|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/11/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[20/04/2009|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2007|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[09/12/2007|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[07/06/2009|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[07/06/2009|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[17/07/2007|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[27/07/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[27/07/2008|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[10/11/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SongbirdVLC
[06/07/2009|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[10/08/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[06/02/2009|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
[27/07/2008|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[13/03/2009|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[07/08/2007|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/07/2007|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[17/12/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[04/12/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[30/09/2007|21:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[17/07/2007|16:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[25/04/2008|20:49] C:\DOCUME~1\LAURA\APPLIC~1\Adobe
[18/07/2007|00:27] C:\DOCUME~1\LAURA\APPLIC~1\AdobeUM
[26/08/2008|19:24] C:\DOCUME~1\LAURA\APPLIC~1\Ahead
[10/11/2008|16:42] C:\DOCUME~1\LAURA\APPLIC~1\Apple Computer
[12/12/2008|16:15] C:\DOCUME~1\LAURA\APPLIC~1\axis fast
[21/04/2008|18:36] C:\DOCUME~1\LAURA\APPLIC~1\BitTorrent
[17/07/2007|17:50] C:\DOCUME~1\LAURA\APPLIC~1\CyberLink
[11/01/2008|21:06] C:\DOCUME~1\LAURA\APPLIC~1\DataCast
[03/12/2008|22:39] C:\DOCUME~1\LAURA\APPLIC~1\DivX
[25/02/2008|22:36] C:\DOCUME~1\LAURA\APPLIC~1\Google
[17/07/2007|16:36] C:\DOCUME~1\LAURA\APPLIC~1\Identities
[17/07/2007|19:30] C:\DOCUME~1\LAURA\APPLIC~1\InstallShield
[19/06/2009|01:19] C:\DOCUME~1\LAURA\APPLIC~1\LimeWire
[16/06/2009|22:10] C:\DOCUME~1\LAURA\APPLIC~1\LiveCAD2
[17/07/2007|19:33] C:\DOCUME~1\LAURA\APPLIC~1\Macromedia
[02/03/2008|18:22] C:\DOCUME~1\LAURA\APPLIC~1\Media Player Classic
[18/11/2008|14:15] C:\DOCUME~1\LAURA\APPLIC~1\Micro Application
[24/05/2009|15:19] C:\DOCUME~1\LAURA\APPLIC~1\Microsoft
[27/08/2008|19:33] C:\DOCUME~1\LAURA\APPLIC~1\Mozilla
[17/07/2007|19:45] C:\DOCUME~1\LAURA\APPLIC~1\MSNInstaller
[15/06/2008|19:54] C:\DOCUME~1\LAURA\APPLIC~1\muvee Technologies
[31/05/2009|22:58] C:\DOCUME~1\LAURA\APPLIC~1\Nero
[10/11/2008|20:30] C:\DOCUME~1\LAURA\APPLIC~1\OpenOffice.org
[02/03/2008|12:01] C:\DOCUME~1\LAURA\APPLIC~1\Real
[10/11/2007|17:12] C:\DOCUME~1\LAURA\APPLIC~1\Songbird1
[02/02/2008|20:13] C:\DOCUME~1\LAURA\APPLIC~1\Sun
[01/09/2007|23:11] C:\DOCUME~1\LAURA\APPLIC~1\Talkback
[09/02/2009|11:13] C:\DOCUME~1\LAURA\APPLIC~1\TigerPlayer
[11/08/2008|18:36] C:\DOCUME~1\LAURA\APPLIC~1\U3
[25/09/2007|17:47] C:\DOCUME~1\LAURA\APPLIC~1\vlc
[17/06/2008|23:31] C:\DOCUME~1\LAURA\APPLIC~1\Windows Live Writer
[27/08/2007|12:54] C:\DOCUME~1\LAURA\APPLIC~1\WinRAR

[24/05/2009|15:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/05/2009|15:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/07/2009 11:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{24906363-E082-4B08-8725-5F11B6737CC7}.job
[08/05/2009 21:13][--a------] C:\WINDOWS\tasks\Norton Security Scan for LAURA.job
[06/07/2009 15:40][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{5BE79D06-B1CB-4875-BD21-0234683C42F2}.job
[06/07/2009 12:55][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[02/07/2009 10:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/07/2009 15:00][--ah-----] C:\WINDOWS\tasks\AA820E2A9181826A.job
[06/07/2009 11:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( AA820E2A9181826A.job )=( c:\docume~1\laura\applic~1\axisfa~1\defaultdownloadcity.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[12/11/2008|22:28] C:\Program Files\Adobe
[30/08/2008|18:45] C:\Program Files\AIST
[09/09/2007|19:36] C:\Program Files\Alwil Software
[17/07/2007|17:13] C:\Program Files\Analog Devices
[15/09/2008|08:15] C:\Program Files\Apple Software Update
[20/04/2009|21:59] C:\Program Files\Ask Search Assistant
[01/06/2009|22:43] C:\Program Files\AskTBar
[30/06/2008|11:41] C:\Program Files\Assistant Dartybox
[24/05/2009|15:04] C:\Program Files\AVG
[29/03/2008|20:52] C:\Program Files\axis fast
[06/07/2008|16:47] C:\Program Files\BitComet
[08/06/2008|10:13] C:\Program Files\BitTorrent
[18/12/2008|12:02] C:\Program Files\Bonjour
[20/09/2008|16:48] C:\Program Files\BrowsingProgram
[06/07/2009|14:04] C:\Program Files\CCleaner
[17/07/2007|16:28] C:\Program Files\ComPlus Applications
[17/07/2007|17:49] C:\Program Files\CyberLink
[30/06/2008|11:46] C:\Program Files\DartyBox Wifi
[20/01/2008|18:22] C:\Program Files\Dcads Games Collection
[17/07/2007|17:13] C:\Program Files\DIFX
[04/12/2008|23:46] C:\Program Files\DivX
[31/08/2008|23:21] C:\Program Files\eMule
[19/05/2008|11:55] C:\Program Files\FBrowserAdvisor
[19/05/2008|11:55] C:\Program Files\FBrowsingAdvisor
[31/05/2009|22:20] C:\Program Files\Fichiers communs
[21/04/2009|20:30] C:\Program Files\Google
[17/07/2007|17:27] C:\Program Files\Grisoft
[11/09/2008|19:27] C:\Program Files\InstallShield Installation Information
[10/06/2009|03:04] C:\Program Files\Internet Explorer
[04/06/2009|11:01] C:\Program Files\iPod
[20/04/2009|21:45] C:\Program Files\iPod(2)
[04/06/2009|11:01] C:\Program Files\iTunes
[23/04/2009|22:18] C:\Program Files\Java
[02/03/2008|18:50] C:\Program Files\K-Lite Codec Pack
[11/01/2008|20:58] C:\Program Files\Lame MP3 Codec
[22/04/2009|18:41] C:\Program Files\LimeWire
[16/06/2009|22:08] C:\Program Files\LiveCAD
[05/04/2008|20:36] C:\Program Files\Macrogaming
[11/01/2008|20:58] C:\Program Files\MarkAny
[24/12/2008|12:47] C:\Program Files\Messenger
[20/04/2009|21:59] C:\Program Files\Messenger Plus! Live
[18/11/2008|14:14] C:\Program Files\Micro Application
[17/12/2008|18:49] C:\Program Files\Microsoft
[20/12/2008|01:23] C:\Program Files\Microsoft ActiveSync
[17/07/2007|16:30] C:\Program Files\microsoft frontpage
[04/08/2007|23:51] C:\Program Files\Microsoft LifeCam
[02/03/2008|11:46] C:\Program Files\Microsoft Office
[21/04/2009|11:14] C:\Program Files\Microsoft Silverlight
[17/06/2008|22:53] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|18:48] C:\Program Files\Microsoft Sync Framework
[24/12/2008|12:44] C:\Program Files\Movie Maker
[20/04/2009|22:40] C:\Program Files\Mozilla Firefox
[20/04/2009|21:53] C:\Program Files\MpcStar
[26/11/2008|18:08] C:\Program Files\MSBuild
[02/03/2008|11:46] C:\Program Files\MSECache
[17/07/2007|19:45] C:\Program Files\MSN
[17/07/2007|16:27] C:\Program Files\MSN Gaming Zone
[12/01/2008|01:01] C:\Program Files\MSXML 4.0
[26/11/2008|18:05] C:\Program Files\MSXML 6.0
[18/05/2008|10:56] C:\Program Files\muvee Technologies
[11/12/2007|18:31] C:\Program Files\muvee Technologies(2)
[08/06/2008|10:17] C:\Program Files\My Photo Calendars & Cards
[12/01/2008|00:40] C:\Program Files\MyFree Codec
[31/05/2009|22:37] C:\Program Files\Nero
[24/12/2008|12:39] C:\Program Files\NetMeeting
[08/05/2009|15:00] C:\Program Files\Norton Security Scan
[20/04/2009|21:46] C:\Program Files\Norton Security Scan(2)
[07/06/2009|14:40] C:\Program Files\NOS
[17/07/2007|16:27] C:\Program Files\Online Services
[10/11/2008|17:21] C:\Program Files\OpenOffice.org 3
[24/12/2008|12:39] C:\Program Files\Outlook Express
[07/08/2008|21:55] C:\Program Files\Pinnacle
[04/06/2009|11:00] C:\Program Files\QuickTime
[20/04/2009|21:46] C:\Program Files\QuickTime(2)
[02/03/2008|11:58] C:\Program Files\Real
[26/11/2008|18:08] C:\Program Files\Reference Assemblies
[11/09/2008|19:19] C:\Program Files\Ressources Windows Mobile
[11/06/2009|10:55] C:\Program Files\Safari
[11/01/2008|20:58] C:\Program Files\Samsung
[17/07/2007|16:29] C:\Program Files\Services en ligne
[07/06/2009|10:44] C:\Program Files\Spybot - Search & Destroy
[20/09/2008|16:48] C:\Program Files\SurfingProgram
[06/07/2009|15:22] C:\Program Files\trend micro
[17/07/2007|16:36] C:\Program Files\Uninstall Information
[07/01/2008|22:58] C:\Program Files\UxTheme Multipatcher Fr
[25/09/2007|17:38] C:\Program Files\VideoLAN
[21/05/2008|19:21] C:\Program Files\webHancer
[20/04/2009|21:50] C:\Program Files\Winamp Toolbar
[20/04/2009|22:14] C:\Program Files\Windows Live
[30/06/2009|19:47] C:\Program Files\Windows Live Safety Center
[17/12/2008|18:46] C:\Program Files\Windows Live SkyDrive
[05/04/2008|20:34] C:\Program Files\Windows Live Toolbar
[07/08/2007|21:25] C:\Program Files\Windows Media Connect 2
[24/12/2008|12:39] C:\Program Files\Windows Media Player
[24/12/2008|12:39] C:\Program Files\Windows NT
[31/05/2009|22:35] C:\Program Files\Windows Sidebar
[17/07/2007|16:29] C:\Program Files\WindowsUpdate
[10/08/2008|12:24] C:\Program Files\WinRAR
[17/07/2007|16:30] C:\Program Files\xerox
[08/06/2008|10:29] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[12/11/2008|22:29] C:\Program Files\Fichiers communs\Adobe
[17/07/2007|17:23] C:\Program Files\Fichiers communs\Ahead
[04/06/2009|11:01] C:\Program Files\Fichiers communs\Apple
[17/07/2007|17:47] C:\Program Files\Fichiers communs\DESIGNER
[17/07/2007|17:49] C:\Program Files\Fichiers communs\InstallShield
[19/01/2008|19:40] C:\Program Files\Fichiers communs\Java
[17/07/2007|17:23] C:\Program Files\Fichiers communs\LightScribe
[20/04/2009|22:10] C:\Program Files\Fichiers communs\Microsoft Shared
[17/07/2007|16:28] C:\Program Files\Fichiers communs\MSSoap
[10/11/2008|16:46] C:\Program Files\Fichiers communs\muvee Technologies
[31/05/2009|22:53] C:\Program Files\Fichiers communs\Nero
[17/07/2007|17:58] C:\Program Files\Fichiers communs\ODBC
[02/03/2008|11:58] C:\Program Files\Fichiers communs\Real
[17/07/2007|16:28] C:\Program Files\Fichiers communs\Services
[17/07/2007|17:58] C:\Program Files\Fichiers communs\SpeechEngines
[08/05/2009|15:00] C:\Program Files\Fichiers communs\Symantec Shared
[24/12/2008|12:39] C:\Program Files\Fichiers communs\System
[17/12/2008|18:34] C:\Program Files\Fichiers communs\Windows Live
[17/06/2008|22:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[02/03/2008|11:58] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 61 Processes )

iexplore.exe ~ [PID:2720]
iexplore.exe ~ [PID:1332]
iexplore.exe ~ [PID:3228]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\Plan Drive.exe
C:\DOCUME~1\LAURA\APPLIC~1\axisfa~1
C:\Program Files\axisfa~1
C:\WINDOWS\Tasks\AA820E2A9181826A.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"warn default inter for"="C:\\Documents and Settings\\All Users\\Application Data\\Time Dead Warn Default\\Plan Drive.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

-> 10598 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-06 15:43:57
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 175

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf

C:\WINDOWS\System32\aexsqzddu.dat
C:\WINDOWS\System32\aexsqzddu_nav.dat
C:\WINDOWS\System32\aexsqzddu_navps.dat
C:\WINDOWS\System32\ayqqm.dat
C:\WINDOWS\System32\ayqqm.exe
C:\WINDOWS\System32\ayqqm_nav.dat
C:\WINDOWS\System32\ayqqm_navps.dat
C:\WINDOWS\System32\lhrbory_navtmp.dat
C:\WINDOWS\System32\suywuoy.dat
C:\WINDOWS\System32\suywuoy_nav.dat
C:\WINDOWS\System32\suywuoy_navps.dat
C:\WINDOWS\System32\uyvivtv.dat
C:\WINDOWS\System32\uyvivtv_nav.dat
C:\WINDOWS\System32\uyvivtv_navps.dat
C:\WINDOWS\System32\wzylyuejp.dat
C:\WINDOWS\System32\wzylyuejp_nav.dat
C:\WINDOWS\System32\wzylyuejp_navps.dat
C:\WINDOWS\System32\ykakg.dat
C:\WINDOWS\System32\ykakg_nav.dat
C:\WINDOWS\System32\ykakg_navps.dat
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\LAURA\Bureau\Mes fichiers re‡us\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3


[F:55][D:7]-> C:\DOCUME~1\LAURA\LOCALS~1\Temp
[F:25][D:0]-> C:\DOCUME~1\LAURA\Cookies
[F:437][D:20]-> C:\DOCUME~1\LAURA\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/07/2009|15:44 - Option : [1]

--------------------\\ Fin du rapport a 15:44:58
0
Réponse 13 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 15:46
▶Relances ToolBarSD
▶Choisis l'option2 ( suppression),
▶Ne touche à rien pendant la suppression.
▶A la fin, un rapport est généré, postes le!


/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/


▶Relance Lop S&D
▶ Choisis l’option 2
▶ Ne touche à rien lors de la suppression !
▶A la fin un rapport est généré, poste le
▶ Le rapport se trouve aussi sous la racine du disque: C:\lopR.txt.
0
Réponse 14 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 15:50
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 06/07/2009|15:47 )

-----------\\ SUPPRESSION

Echec ! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Echec ! - C:\Program Files\AskTBar\SrchAstt
Echec ! - C:\Program Files\AskTBar\bar\1.bin
Echec ! - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
Echec ! - C:\Program Files\AskTBar\SrchAstt\1.bin
Echec ! - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
Supprime! - C:\Program Files\BrowsingProgram\BrowsingProgram.dat
Supprime! - C:\Program Files\BrowsingProgram\pcre3.dll
Supprime! - C:\Program Files\BrowsingProgram\uninstall.exe
Supprime! - C:\Program Files\Dcads Games Collection\BattlesOfHelicopters.exe
Supprime! - C:\Program Files\Dcads Games Collection\BobAndBill.exe
Supprime! - C:\Program Files\Dcads Games Collection\CrazyBlocks.exe
Supprime! - C:\Program Files\Dcads Games Collection\Lines.exe
Supprime! - C:\Program Files\Dcads Games Collection\uninstall.exe
Supprime! - C:\Program Files\Dcads Games Collection\VideoPool.exe
Supprime! - C:\DOCUME~1\LAURA\MENUDM~1\PROGRA~1\Dcads Games Collection
Supprime! - C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
Supprime! - C:\Program Files\FBrowsingAdvisor\Logo.png
Supprime! - C:\Program Files\FBrowsingAdvisor\main.db
Supprime! - C:\Program Files\FBrowsingAdvisor\unins000.dat
Supprime! - C:\Program Files\FBrowsingAdvisor\unins000.exe
Supprime! - C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
Supprime! - C:\DOCUME~1\LAURA\Cookies\laura@mysearch[1].txt
Supprime! - C:\WINDOWS\System32\Dcads-remove.exe
Supprime! - C:\WINDOWS\system32\dcads_sidebar.dll
Supprime! - C:\WINDOWS\system32\dcads_sidebar_uninstall.exe
Supprime! - C:\WINDOWS\System32\DcadsSocial-uninstall.exe
Supprime! - C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
Supprime! - C:\WINDOWS\system32\superiorads-uninst.exe
Supprime! - C:\WINDOWS\System32\WinNB67.dll
Echec ! - C:\Program Files\AskTBar
Supprime! - C:\Program Files\BrowsingProgram
Supprime! - C:\Program Files\Dcads Games Collection
Supprime! - C:\Program Files\FBrowserAdvisor
Supprime! - C:\Program Files\FBrowsingAdvisor

-----------\\ DEUXIEME PASSAGE

Echec ! - C:\Program Files\AskTBar\bar
Echec ! - C:\Program Files\AskTBar\SrchAstt
Echec ! - C:\Program Files\AskTBar\bar\1.bin
Echec ! - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
Echec ! - C:\Program Files\AskTBar\SrchAstt\1.bin
Echec ! - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
Echec ! - C:\Program Files\AskTBar

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\SrchAstt
C:\Program Files\AskTBar\bar\1.bin
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\AskTBar\SrchAstt\1.bin
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(LAURA) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(LAURA) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
"Search Bar"="http://www.yahoo.com/search/ie.html"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf

C:\WINDOWS\System32\aexsqzddu.dat
C:\WINDOWS\System32\aexsqzddu_nav.dat
C:\WINDOWS\System32\aexsqzddu_navps.dat
C:\WINDOWS\System32\ayqqm.dat
C:\WINDOWS\System32\ayqqm.exe
C:\WINDOWS\System32\ayqqm_nav.dat
C:\WINDOWS\System32\ayqqm_navps.dat
C:\WINDOWS\System32\lhrbory_navtmp.dat
C:\WINDOWS\System32\suywuoy.dat
C:\WINDOWS\System32\suywuoy_nav.dat
C:\WINDOWS\System32\suywuoy_navps.dat
C:\WINDOWS\System32\uyvivtv.dat
C:\WINDOWS\System32\uyvivtv_nav.dat
C:\WINDOWS\System32\uyvivtv_navps.dat
C:\WINDOWS\System32\wzylyuejp.dat
C:\WINDOWS\System32\wzylyuejp_nav.dat
C:\WINDOWS\System32\wzylyuejp_navps.dat
C:\WINDOWS\System32\ykakg.dat
C:\WINDOWS\System32\ykakg_nav.dat
C:\WINDOWS\System32\ykakg_navps.dat
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\LAURA\Bureau\Mes fichiers re‡us\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3



1 - "C:\ToolBar SD\TB_1.txt" - 06/07/2009|15:43 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/07/2009|15:48 - Option : [2]

-----------\\ Fin du rapport a 15:48:53,90
0
Réponse 15 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 15:53
Au passage...s'agit-il du même PC:

http://www.commentcamarche.net/forum/affich 12739456 probleme pop up promotion mcafee etc

?
0
Réponse 16 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 15:54
non ce n'est pas le même pc. Regarde le début de mon post (je suis sur le pc de mon amie) ;-)


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 06/07/2009|15:51 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\Plan Drive.exe
Supprime! - C:\WINDOWS\Tasks\AA820E2A9181826A.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
Supprime! - C:\DOCUME~1\LAURA\APPLIC~1\axisfa~1
Supprime! - C:\Program Files\axisfa~1
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[30/09/2007|21:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[20/04/2009|21:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/04/2009|21:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla

[16/04/2009|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[12/11/2008|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[19/05/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/06/2008|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/05/2009|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[17/07/2007|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[20/04/2009|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/07/2009|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[03/12/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[18/04/2009|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/11/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[20/04/2009|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2007|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[09/12/2007|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[07/06/2009|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[07/06/2009|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[17/07/2007|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[27/07/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[27/07/2008|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[10/11/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SongbirdVLC
[06/07/2009|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[10/08/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/07/2008|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[13/03/2009|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[07/08/2007|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/07/2007|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[17/12/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[04/12/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[30/09/2007|21:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[17/07/2007|16:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[25/04/2008|20:49] C:\DOCUME~1\LAURA\APPLIC~1\Adobe
[18/07/2007|00:27] C:\DOCUME~1\LAURA\APPLIC~1\AdobeUM
[26/08/2008|19:24] C:\DOCUME~1\LAURA\APPLIC~1\Ahead
[10/11/2008|16:42] C:\DOCUME~1\LAURA\APPLIC~1\Apple Computer
[21/04/2008|18:36] C:\DOCUME~1\LAURA\APPLIC~1\BitTorrent
[17/07/2007|17:50] C:\DOCUME~1\LAURA\APPLIC~1\CyberLink
[11/01/2008|21:06] C:\DOCUME~1\LAURA\APPLIC~1\DataCast
[03/12/2008|22:39] C:\DOCUME~1\LAURA\APPLIC~1\DivX
[25/02/2008|22:36] C:\DOCUME~1\LAURA\APPLIC~1\Google
[17/07/2007|16:36] C:\DOCUME~1\LAURA\APPLIC~1\Identities
[17/07/2007|19:30] C:\DOCUME~1\LAURA\APPLIC~1\InstallShield
[19/06/2009|01:19] C:\DOCUME~1\LAURA\APPLIC~1\LimeWire
[16/06/2009|22:10] C:\DOCUME~1\LAURA\APPLIC~1\LiveCAD2
[17/07/2007|19:33] C:\DOCUME~1\LAURA\APPLIC~1\Macromedia
[02/03/2008|18:22] C:\DOCUME~1\LAURA\APPLIC~1\Media Player Classic
[18/11/2008|14:15] C:\DOCUME~1\LAURA\APPLIC~1\Micro Application
[24/05/2009|15:19] C:\DOCUME~1\LAURA\APPLIC~1\Microsoft
[27/08/2008|19:33] C:\DOCUME~1\LAURA\APPLIC~1\Mozilla
[17/07/2007|19:45] C:\DOCUME~1\LAURA\APPLIC~1\MSNInstaller
[15/06/2008|19:54] C:\DOCUME~1\LAURA\APPLIC~1\muvee Technologies
[31/05/2009|22:58] C:\DOCUME~1\LAURA\APPLIC~1\Nero
[10/11/2008|20:30] C:\DOCUME~1\LAURA\APPLIC~1\OpenOffice.org
[02/03/2008|12:01] C:\DOCUME~1\LAURA\APPLIC~1\Real
[10/11/2007|17:12] C:\DOCUME~1\LAURA\APPLIC~1\Songbird1
[02/02/2008|20:13] C:\DOCUME~1\LAURA\APPLIC~1\Sun
[01/09/2007|23:11] C:\DOCUME~1\LAURA\APPLIC~1\Talkback
[09/02/2009|11:13] C:\DOCUME~1\LAURA\APPLIC~1\TigerPlayer
[11/08/2008|18:36] C:\DOCUME~1\LAURA\APPLIC~1\U3
[25/09/2007|17:47] C:\DOCUME~1\LAURA\APPLIC~1\vlc
[17/06/2008|23:31] C:\DOCUME~1\LAURA\APPLIC~1\Windows Live Writer
[27/08/2007|12:54] C:\DOCUME~1\LAURA\APPLIC~1\WinRAR

[24/05/2009|15:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/05/2009|15:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/07/2009 11:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{24906363-E082-4B08-8725-5F11B6737CC7}.job
[08/05/2009 21:13][--a------] C:\WINDOWS\tasks\Norton Security Scan for LAURA.job
[06/07/2009 15:50][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{5BE79D06-B1CB-4875-BD21-0234683C42F2}.job
[06/07/2009 12:55][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[02/07/2009 10:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/07/2009 11:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[12/11/2008|22:28] C:\Program Files\Adobe
[30/08/2008|18:45] C:\Program Files\AIST
[09/09/2007|19:36] C:\Program Files\Alwil Software
[17/07/2007|17:13] C:\Program Files\Analog Devices
[15/09/2008|08:15] C:\Program Files\Apple Software Update
[20/04/2009|21:59] C:\Program Files\Ask Search Assistant
[06/07/2009|15:47] C:\Program Files\AskTBar
[30/06/2008|11:41] C:\Program Files\Assistant Dartybox
[24/05/2009|15:04] C:\Program Files\AVG
[06/07/2008|16:47] C:\Program Files\BitComet
[08/06/2008|10:13] C:\Program Files\BitTorrent
[18/12/2008|12:02] C:\Program Files\Bonjour
[06/07/2009|14:04] C:\Program Files\CCleaner
[17/07/2007|16:28] C:\Program Files\ComPlus Applications
[17/07/2007|17:49] C:\Program Files\CyberLink
[30/06/2008|11:46] C:\Program Files\DartyBox Wifi
[17/07/2007|17:13] C:\Program Files\DIFX
[04/12/2008|23:46] C:\Program Files\DivX
[31/08/2008|23:21] C:\Program Files\eMule
[31/05/2009|22:20] C:\Program Files\Fichiers communs
[21/04/2009|20:30] C:\Program Files\Google
[17/07/2007|17:27] C:\Program Files\Grisoft
[11/09/2008|19:27] C:\Program Files\InstallShield Installation Information
[10/06/2009|03:04] C:\Program Files\Internet Explorer
[04/06/2009|11:01] C:\Program Files\iPod
[20/04/2009|21:45] C:\Program Files\iPod(2)
[04/06/2009|11:01] C:\Program Files\iTunes
[23/04/2009|22:18] C:\Program Files\Java
[02/03/2008|18:50] C:\Program Files\K-Lite Codec Pack
[11/01/2008|20:58] C:\Program Files\Lame MP3 Codec
[22/04/2009|18:41] C:\Program Files\LimeWire
[16/06/2009|22:08] C:\Program Files\LiveCAD
[05/04/2008|20:36] C:\Program Files\Macrogaming
[11/01/2008|20:58] C:\Program Files\MarkAny
[24/12/2008|12:47] C:\Program Files\Messenger
[20/04/2009|21:59] C:\Program Files\Messenger Plus! Live
[18/11/2008|14:14] C:\Program Files\Micro Application
[17/12/2008|18:49] C:\Program Files\Microsoft
[20/12/2008|01:23] C:\Program Files\Microsoft ActiveSync
[17/07/2007|16:30] C:\Program Files\microsoft frontpage
[04/08/2007|23:51] C:\Program Files\Microsoft LifeCam
[02/03/2008|11:46] C:\Program Files\Microsoft Office
[21/04/2009|11:14] C:\Program Files\Microsoft Silverlight
[17/06/2008|22:53] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|18:48] C:\Program Files\Microsoft Sync Framework
[24/12/2008|12:44] C:\Program Files\Movie Maker
[20/04/2009|22:40] C:\Program Files\Mozilla Firefox
[20/04/2009|21:53] C:\Program Files\MpcStar
[26/11/2008|18:08] C:\Program Files\MSBuild
[02/03/2008|11:46] C:\Program Files\MSECache
[17/07/2007|19:45] C:\Program Files\MSN
[17/07/2007|16:27] C:\Program Files\MSN Gaming Zone
[12/01/2008|01:01] C:\Program Files\MSXML 4.0
[26/11/2008|18:05] C:\Program Files\MSXML 6.0
[18/05/2008|10:56] C:\Program Files\muvee Technologies
[11/12/2007|18:31] C:\Program Files\muvee Technologies(2)
[08/06/2008|10:17] C:\Program Files\My Photo Calendars & Cards
[12/01/2008|00:40] C:\Program Files\MyFree Codec
[31/05/2009|22:37] C:\Program Files\Nero
[24/12/2008|12:39] C:\Program Files\NetMeeting
[08/05/2009|15:00] C:\Program Files\Norton Security Scan
[20/04/2009|21:46] C:\Program Files\Norton Security Scan(2)
[07/06/2009|14:40] C:\Program Files\NOS
[17/07/2007|16:27] C:\Program Files\Online Services
[10/11/2008|17:21] C:\Program Files\OpenOffice.org 3
[24/12/2008|12:39] C:\Program Files\Outlook Express
[07/08/2008|21:55] C:\Program Files\Pinnacle
[04/06/2009|11:00] C:\Program Files\QuickTime
[20/04/2009|21:46] C:\Program Files\QuickTime(2)
[02/03/2008|11:58] C:\Program Files\Real
[26/11/2008|18:08] C:\Program Files\Reference Assemblies
[11/09/2008|19:19] C:\Program Files\Ressources Windows Mobile
[11/06/2009|10:55] C:\Program Files\Safari
[11/01/2008|20:58] C:\Program Files\Samsung
[17/07/2007|16:29] C:\Program Files\Services en ligne
[07/06/2009|10:44] C:\Program Files\Spybot - Search & Destroy
[20/09/2008|16:48] C:\Program Files\SurfingProgram
[06/07/2009|15:22] C:\Program Files\trend micro
[17/07/2007|16:36] C:\Program Files\Uninstall Information
[07/01/2008|22:58] C:\Program Files\UxTheme Multipatcher Fr
[25/09/2007|17:38] C:\Program Files\VideoLAN
[21/05/2008|19:21] C:\Program Files\webHancer
[20/04/2009|21:50] C:\Program Files\Winamp Toolbar
[20/04/2009|22:14] C:\Program Files\Windows Live
[30/06/2009|19:47] C:\Program Files\Windows Live Safety Center
[17/12/2008|18:46] C:\Program Files\Windows Live SkyDrive
[05/04/2008|20:34] C:\Program Files\Windows Live Toolbar
[07/08/2007|21:25] C:\Program Files\Windows Media Connect 2
[24/12/2008|12:39] C:\Program Files\Windows Media Player
[24/12/2008|12:39] C:\Program Files\Windows NT
[31/05/2009|22:35] C:\Program Files\Windows Sidebar
[17/07/2007|16:29] C:\Program Files\WindowsUpdate
[10/08/2008|12:24] C:\Program Files\WinRAR
[17/07/2007|16:30] C:\Program Files\xerox
[08/06/2008|10:29] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[12/11/2008|22:29] C:\Program Files\Fichiers communs\Adobe
[17/07/2007|17:23] C:\Program Files\Fichiers communs\Ahead
[04/06/2009|11:01] C:\Program Files\Fichiers communs\Apple
[17/07/2007|17:47] C:\Program Files\Fichiers communs\DESIGNER
[17/07/2007|17:49] C:\Program Files\Fichiers communs\InstallShield
[19/01/2008|19:40] C:\Program Files\Fichiers communs\Java
[17/07/2007|17:23] C:\Program Files\Fichiers communs\LightScribe
[20/04/2009|22:10] C:\Program Files\Fichiers communs\Microsoft Shared
[17/07/2007|16:28] C:\Program Files\Fichiers communs\MSSoap
[10/11/2008|16:46] C:\Program Files\Fichiers communs\muvee Technologies
[31/05/2009|22:53] C:\Program Files\Fichiers communs\Nero
[17/07/2007|17:58] C:\Program Files\Fichiers communs\ODBC
[02/03/2008|11:58] C:\Program Files\Fichiers communs\Real
[17/07/2007|16:28] C:\Program Files\Fichiers communs\Services
[17/07/2007|17:58] C:\Program Files\Fichiers communs\SpeechEngines
[08/05/2009|15:00] C:\Program Files\Fichiers communs\Symantec Shared
[24/12/2008|12:39] C:\Program Files\Fichiers communs\System
[17/12/2008|18:34] C:\Program Files\Fichiers communs\Windows Live
[17/06/2008|22:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[02/03/2008|11:58] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 57 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-06 15:52:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 175

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf

C:\WINDOWS\System32\aexsqzddu.dat
C:\WINDOWS\System32\aexsqzddu_nav.dat
C:\WINDOWS\System32\aexsqzddu_navps.dat
C:\WINDOWS\System32\ayqqm.dat
C:\WINDOWS\System32\ayqqm.exe
C:\WINDOWS\System32\ayqqm_nav.dat
C:\WINDOWS\System32\ayqqm_navps.dat
C:\WINDOWS\System32\lhrbory_navtmp.dat
C:\WINDOWS\System32\suywuoy.dat
C:\WINDOWS\System32\suywuoy_nav.dat
C:\WINDOWS\System32\suywuoy_navps.dat
C:\WINDOWS\System32\uyvivtv.dat
C:\WINDOWS\System32\uyvivtv_nav.dat
C:\WINDOWS\System32\uyvivtv_navps.dat
C:\WINDOWS\System32\wzylyuejp.dat
C:\WINDOWS\System32\wzylyuejp_nav.dat
C:\WINDOWS\System32\wzylyuejp_navps.dat
C:\WINDOWS\System32\ykakg.dat
C:\WINDOWS\System32\ykakg_nav.dat
C:\WINDOWS\System32\ykakg_navps.dat
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\LAURA\Bureau\Mes fichiers re‡us\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3


[F:32][D:7]-> C:\DOCUME~1\LAURA\LOCALS~1\Temp
[F:24][D:0]-> C:\DOCUME~1\LAURA\Cookies
[F:464][D:20]-> C:\DOCUME~1\LAURA\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/07/2009|15:44 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/07/2009|15:53 - Option : [2]

--------------------\\ Fin du rapport a 15:53:24
0
Réponse 17 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 15:59
ok, c'était pour être sûr ;-)


Supprime tes cracks et keygens:

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\LAURA\Bureau\Mes fichiers re‡us\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3




On continue:



>> Télécharge Navilog sur ton bureau:

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

/!\ si tu as Vista, désactive l’UAC le temps de la désinfection : Panneau de configuration>comptes utilisateurs>activer/désactiver le contrôle des comptes utilisateurs>décoche la cas puis fais OK

>> Désactives ton antivirus également.
>> Lance l’application ( clic-droit : exécuter en tant qu'administrateur si tu es sous Vista )
>> Arriver au menu principal, choisis l'option 1 et valide.
>> Patiente jusqu'au message : Analyse Termine le ...
>> Le rapport sera en outre sauvegardé à la racine du disque (fixnavi.txt)
0
Réponse 18 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 16:27
Je dois m'absenter...

A+
0
Réponse 19 / 31
Nic00 Messages postés 1701 Date d'inscription lundi 25 août 2008 Statut Membre Dernière intervention 30 mars 2010 95
6 juil. 2009 à 19:03
Re,

poste dès que tu peux.
0
Réponse 20 / 31
thewwws57 Messages postés 40 Date d'inscription vendredi 1 août 2008 Statut Membre Dernière intervention 3 août 2009
6 juil. 2009 à 21:07
Excuse moi pour le retard !

Fix Navipromo version 4.0.0 commencé le 06/07/2009 à 16:06:08,59

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 19.06.2009 à 20h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)


Recherche exécutée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
C:\WINDOWS\system32\aexsqzddu.dat supprimé !
C:\WINDOWS\system32\aexsqzddu_nav.dat supprimé !
C:\WINDOWS\system32\aexsqzddu_navps.dat supprimé !
C:\WINDOWS\system32\ayqqm.exe supprimé !
C:\WINDOWS\system32\ayqqm.dat supprimé !
C:\WINDOWS\system32\ayqqm_nav.dat supprimé !
C:\WINDOWS\system32\ayqqm_navps.dat supprimé !
C:\WINDOWS\prefetch\ayqqm*.pf supprimé !
C:\WINDOWS\system32\lhrbory_navtmp.dat supprimé !
C:\WINDOWS\system32\suywuoy.dat supprimé !
C:\WINDOWS\system32\suywuoy_nav.dat supprimé !
C:\WINDOWS\system32\suywuoy_navps.dat supprimé !
C:\WINDOWS\system32\uyvivtv.dat supprimé !
C:\WINDOWS\system32\uyvivtv_nav.dat supprimé !
C:\WINDOWS\system32\uyvivtv_navps.dat supprimé !
C:\WINDOWS\system32\wzylyuejp.dat supprimé !
C:\WINDOWS\system32\wzylyuejp_nav.dat supprimé !
C:\WINDOWS\system32\wzylyuejp_navps.dat supprimé !
C:\WINDOWS\system32\ykakg.dat supprimé !
C:\WINDOWS\system32\ykakg_nav.dat supprimé !
C:\WINDOWS\system32\ykakg_navps.dat supprimé !


Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\LAURA\locals~1\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !



*** Scan terminé le 06/07/2009 à 21:01:51,31 ***
0

Discussions similaires

Comment lire un DVD avec un pop-up mobile external DVD-RW
Anna -
Anna -

2 réponses
Notifications pop UP sous Android 14
Mich -
Panth33ra -

5 réponses
virus pop up avast
ririmeca -
bazfile -

9 réponses
"Mode sécurisé": comment l'enlever ?
skander1615 -
Tito -

2 réponses