Pop-up problem
thewwws57 - Posts: 40 - Status: Member
Nic00 - Posts: 1751 - Status: Member
Hello,
I am on my friend's PC and I would like to fix her pop-up problem. I am waiting for instructions (scan...). Thanks.
Configuration: Windows XP Internet Explorer 7.0
31 replies
-
Hello,
▶ Download random's system information tool (RSIT)
http://images.malwareremoval.com/random/RSIT.exe
▶ Save it to your Desktop
▶ Double-click RSIT.exe to run it.
▶ Click "continue" on the Disclaimer screen.
▶ If the HijackThis tool is not present or not detected on the computer, RSIT will download it and you will only have to accept the license.
▶ Once the scan is finished, 2 reports will appear.
▶ Post them in your next message
▶ Note: the reports can also be found here: ( log.txt & info.txt )
▶ Tutorial: https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
-
info.txt logfile of random's system information tool 1.06 2009-07-06 14:56:39
======Uninstall list======
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Apple Mobile Device Support-->MsiExec.exe /I{659B48CD-0608-4ED5-94C0-0B6C87114F10}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6CDD9FB-9F79-440B-9BE6-20DBA8B5BB93}\Setup.exe" -l0x40c
Architecture 3D - 2.1.3 (version gratuite)-->"C:\Program Files\LiveCAD\Architecture 3D - 2 (version gratuite)\unins000.exe"
Archiveur WinRAR-->C:\Documents and Settings\LAURA\Mes documents\Ma musique\uninstall.exe
Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Ask.com Search Assistant 1.0.1-->C:\Program Files\Ask Search Assistant\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
BitComet 1.02-->C:\Program Files\BitComet\uninst.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Browser Optimizer Dcads-->C:\WINDOWS\system32\dcads-remove.exe
Browser Optimizer Superiorads-->C:\WINDOWS\system32\superiorads-uninst.exe
BrowsingProgram-->C:\Program Files\BrowsingProgram\uninstall.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Code de la Route - Version d'évaluation-->MsiExec.exe /X{D4029236-4428-4BA0-A8AE-201DD4FB5A0D}
Contextual Tool Dcads-->C:\WINDOWS\system32\cont_dcads-remove.exe
Contextual Tool Dcads-->C:\WINDOWS\system32\ff1a494a-93a0-28e3-f029-272d284b1a0d.exe
DartyBox WiFi Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40ACE18D-D5B4-40AF-81E8-2816A8AED029}\Setup.exe" -l0x40c
DartyBox-->C:\Program Files\InstallShield Installation Information\{5ABD53CC-6182-40DF-9663-EBC9E6F3AE7C}\Setup.exe -runfromtemp -l0x040c -removeonly
Dcads Games Collection-->C:\Program Files\Dcads Games Collection\uninstall.exe
Favorit-->"c:\windows\system32\ayqqm.exe" -uninstall
FBrowsingAdvisor-->"C:\Program Files\FBrowsingAdvisor\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
iTunes-->MsiExec.exe /I{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
K-Lite Mega Codec Pack 1.53-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lame ACM MP3 Codec-->"C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFU33.inf
L'Assistant DartyBox-->C:\Program Files\Assistant Dartybox\Uninstall_ADBox.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire PRO 5.1.2-->"C:\Program Files\LimeWire\uninstall.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft LifeCam-->MsiExec.exe /X{3C137BCF-8ADC-430D-B01C-A45593AC512B}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
MyFreeCodec-->C:\Program Files\MyFree Codec\09b beta\uninstall.exe
Nero 7 Essentials-->MsiExec.exe /X{B28B351F-1232-46EA-85EF-B8EA91641036}
Nero 9 Trial-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-A098-TC9C-CZPE-8HE4-T757-014K-1C1T"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\NSSSetup\{1E86581C-2858-4094-AB8B-D005EF96D4AC}_2_0_0\NSSSetup.exe" /X
Norton Security Scan-->MsiExec.exe /X{1E86581C-2858-4094-AB8B-D005EF96D4AC}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Ressources Windows Mobile-->C:\Program Files\Ressources Windows Mobile\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Safari-->MsiExec.exe /I{C5C649A8-1D21-4C83-9B08-7B3752E580F4}
Samsung Media Studio-->C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe -runfromtemp -l0x040c -removeonly
Search Assistant Dcads-->C:\WINDOWS\system32\dcads_sidebar_uninstall.exe
Search Assistant Mysidesearch-->C:\WINDOWS\system32\ygdyyfrxotqjaigsv.dll-uninst.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Socialnetworking Helper Dcads-->C:\WINDOWS\system32\DcadsSocial-uninstall.exe
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SurfingProgram-->C:\Program Files\SurfingProgram\uninstall.exe
UxTheme Multipatcher Fr-->C:\Program Files\UxTheme Multipatcher Fr\uninstall.exe
webHancer Customer Companion-->C:\Program Files\webHancer\Programs\whInstaller.exe -uninstall
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Messenger-->MsiExec.exe /X{52B40F14-A731-47BF-BAA2-BBD1227C90A2}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinFast(R) Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F69FD33C-8815-46BF-9134-A643DE68F3C0}\setup.exe" -l0x40c -removeonly
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
======System event log======
Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Record Number: 52258
Source Name: DCOM
Time Written: 20090705161203.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA
Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Record Number: 52257
Source Name: DCOM
Time Written: 20090705161143.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA
Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Record Number: 52256
Source Name: DCOM
Time Written: 20090705161123.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA
Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Record Number: 52255
Source Name: DCOM
Time Written: 20090705161103.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA
Computer Name: FAUCON-ADEA95E8
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service NMIndexingService avec les arguments ""
pour démarrer le serveur :
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Record Number: 52254
Source Name: DCOM
Time Written: 20090705161043.000000+120
Event Type: erreur
User: FAUCON-ADEA95E8\LAURA
=====Application event log=====
Computer Name: FAUCON-ADEA95E8
Event Code: 0
Message: Le service s'est arrêté avec succès.
Record Number: 25661
Source Name: idsvc
Time Written: 20090417195306.000000+120
Event Type: Informations
User:
Computer Name: FAUCON-ADEA95E8
Event Code: 518
Message: The Windows CardSpace service has been idle for some time. It has been shut down to make resources available for other programs.
Record Number: 25660
Source Name: CardSpace 3.0.0.0
Time Written: 20090417195306.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: FAUCON-ADEA95E8
Event Code: 0
Message: Le service a démarré avec succès.
Record Number: 25659
Source Name: idsvc
Time Written: 20090417185306.000000+120
Event Type: Informations
User:
Computer Name: FAUCON-ADEA95E8
Event Code: 0
Message:
Record Number: 25658
Source Name: gusvc
Time Written: 20090417182446.000000+120
Event Type: Informations
User:
Computer Name: FAUCON-ADEA95E8
Event Code: 0
Message:
Record Number: 25657
Source Name: iPod Service
Time Written: 20090417182416.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by LAURA at 2009-07-06 14:56:13
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 52 GB (34%) free of 153 GB
Total RAM: 1023 MB (29% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:56:37, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\windows\system32\ayqqm.exe
C:\Program Files\DartyBox Wifi\SAGEM WiFi manager\WLANUTL.exe
C:\Documents and Settings\LAURA\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitComet\BitComet.exe
C:\Documents and Settings\LAURA\Bureau\RSIT.exe
C:\Program Files\trend micro\LAURA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: dcads - {733716E1-76D2-4003-AC39-845281C0EF85} - C:\WINDOWS\system32\nsu1C.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: (no name) - {CAFCBB0F-D6F3-465B-FAFC-2E31894B95AE} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [warn default inter for] C:\Documents and Settings\All Users\Application Data\Time Dead Warn Default\Plan Drive.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [L'Assistant DartyBox] C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ayqqm] "c:\windows\system32\ayqqm.exe" ayqqm
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\LAURA\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mesvacancesenphoto.com/Components/Upload/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
-
Multiple infections...
Go to Add/Remove Programs and check whether you have programs such as:
"CID Help", "Circle Developement", "Adverts" (or "CiD-something")
---> if they are there, uninstall them.
▶ Download Lop S&D:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
▶ Install it by double-clicking on it.
/!\ If you have Vista, disable UAC for the duration of the disinfection: Control Panel > User Accounts > Turn User Account Control on or off > uncheck the box, then click OK.
/!\ If you have TeaTimer (Spybot's resident module), disable it, otherwise it will interfere with the disinfection by blocking changes to BHOs and the registry repair:
* Start Spybot, click Mode, check Advanced mode
* On the left, click Tools, then Resident
* Uncheck the box in front of Resident "TeaTimer", then quit Spybot.
▶ Once the disinfection is finished (and not before), re-enable "TeaTimer".
▶ Select the desired language, then choose option 1 (Search).
▶ Once the scan has finished, save the generated report and post it.
▶ The report can also be found at the root of the disk: C:\lopR.txt.
▶ Download Toolbar S&D:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
▶ Start the installation by running the downloaded file...
▶ Double-click the Toolbar shortcut on your desktop to launch the application.
▶ Select the language, then confirm with the "Enter" key on your keyboard...
▶ In the menu, choose option 1 (search) and wait until the search finishes.
▶ A report will be generated at the end. Please post it.
-
I almost forgot:
the end of the report is missing. Please repost it in full. -
Logfile of random's system information tool 1.06 (written by random/random)
Run by LAURA at 2009-07-06 15:22:38
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 52 GB (34%) free of 153 GB
Total RAM: 1023 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:43, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\windows\system32\ayqqm.exe
C:\Program Files\DartyBox Wifi\SAGEM WiFi manager\WLANUTL.exe
C:\Documents and Settings\LAURA\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\system32\service.exe
C:\Documents and Settings\LAURA\Bureau\RSIT.exe
C:\Program Files\trend micro\LAURA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: dcads - {733716E1-76D2-4003-AC39-845281C0EF85} - C:\WINDOWS\system32\nsu1C.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: (no name) - {CAFCBB0F-D6F3-465B-FAFC-2E31894B95AE} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [warn default inter for] C:\Documents and Settings\All Users\Application Data\Time Dead Warn Default\Plan Drive.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [L'Assistant DartyBox] C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ayqqm] "c:\windows\system32\ayqqm.exe" ayqqm
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\LAURA\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mesvacancesenphoto.com/Components/Upload/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
-
-
-
-
Well, I explained it to you:
http://www.commentcamarche.net/forum/affich 13225546 probleme pop up?#4
Use this tutorial if you prefer:
http://www.malekal.com/tutorial_Lop_SD.php
Do not move on to option 2 before you have posted the report. -
Here is the Toolbar report:
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 06/07/2009|15:43 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\SrchAstt
C:\Program Files\AskTBar\bar\1.bin
C:\Program Files\AskTBar\bar\Cache
C:\Program Files\AskTBar\bar\History
C:\Program Files\AskTBar\bar\Settings
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\AskTBar\bar\Cache\00E1C79F
C:\Program Files\AskTBar\bar\Cache\02A5C045.bin
C:\Program Files\AskTBar\bar\Cache\02A5D3CD.bin
C:\Program Files\AskTBar\bar\Cache\02A5DE5C.bin
C:\Program Files\AskTBar\bar\Cache\02A5E31F.bin
C:\Program Files\AskTBar\bar\Cache\files.ini
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskTBar\PopSwatr\History
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\Program Files\AskTBar\SrchAstt\1.bin
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
C:\Program Files\BrowsingProgram
C:\Program Files\BrowsingProgram\BrowsingProgram.dat
C:\Program Files\BrowsingProgram\pcre3.dll
C:\Program Files\BrowsingProgram\uninstall.exe
C:\Program Files\Dcads Games Collection
C:\Program Files\Dcads Games Collection\BattlesOfHelicopters.exe
C:\Program Files\Dcads Games Collection\BobAndBill.exe
C:\Program Files\Dcads Games Collection\CrazyBlocks.exe
C:\Program Files\Dcads Games Collection\Lines.exe
C:\Program Files\Dcads Games Collection\uninstall.exe
C:\Program Files\Dcads Games Collection\VideoPool.exe
C:\DOCUME~1\LAURA\MENUDM~1\PROGRA~1\Dcads Games Collection
C:\Program Files\FBrowserAdvisor
C:\Program Files\FBrowsingAdvisor
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
C:\Program Files\FBrowsingAdvisor\Logo.png
C:\Program Files\FBrowsingAdvisor\main.db
C:\Program Files\FBrowsingAdvisor\unins000.dat
C:\Program Files\FBrowsingAdvisor\unins000.exe
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
C:\DOCUME~1\LAURA\Cookies\laura@mysearch[1].txt
C:\WINDOWS\System32\Dcads-remove.exe
C:\WINDOWS\system32\dcads_sidebar.dll
C:\WINDOWS\system32\dcads_sidebar_uninstall.exe
C:\WINDOWS\System32\DcadsSocial-uninstall.exe
C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
C:\WINDOWS\system32\superiorads-uninst.exe
C:\WINDOWS\System32\WinNB67.dll
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(LAURA) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(LAURA) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
"Search Bar"="http://www.yahoo.com/search/ie.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf
C:\WINDOWS\System32\aexsqzddu.dat
C:\WINDOWS\System32\aexsqzddu_nav.dat
C:\WINDOWS\System32\aexsqzddu_navps.dat
C:\WINDOWS\System32\ayqqm.dat
C:\WINDOWS\System32\ayqqm.exe
C:\WINDOWS\System32\ayqqm_nav.dat
C:\WINDOWS\System32\ayqqm_navps.dat
C:\WINDOWS\System32\lhrbory_navtmp.dat
C:\WINDOWS\System32\suywuoy.dat
C:\WINDOWS\System32\suywuoy_nav.dat
C:\WINDOWS\System32\suywuoy_navps.dat
C:\WINDOWS\System32\uyvivtv.dat
C:\WINDOWS\System32\uyvivtv_nav.dat
C:\WINDOWS\System32\uyvivtv_navps.dat
C:\WINDOWS\System32\wzylyuejp.dat
C:\WINDOWS\System32\wzylyuejp_nav.dat
C:\WINDOWS\System32\wzylyuejp_navps.dat
C:\WINDOWS\System32\ykakg.dat
C:\WINDOWS\System32\ykakg_nav.dat
C:\WINDOWS\System32\ykakg_navps.dat
[b]==> EGDACCESS <==/b
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LAURA\Bureau\Mes fichiers reçus\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3
1 - "C:\ToolBar SD\TB_1.txt" - 06/07/2009|15:43 - Option : [1]
-----------\\ Fin du rapport a 15:43:55,98 -
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 06/07/2009|15:42 )
--------------------\\ Listing des dossiers dans APPLIC~1
[30/09/2007|21:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[20/04/2009|21:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/04/2009|21:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[16/04/2009|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[12/11/2008|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[19/05/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/06/2008|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/05/2009|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[17/07/2007|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[20/04/2009|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/07/2009|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[03/12/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[18/04/2009|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/11/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[20/04/2009|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2007|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[09/12/2007|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[07/06/2009|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[07/06/2009|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[17/07/2007|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[27/07/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[27/07/2008|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[10/11/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SongbirdVLC
[06/07/2009|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[10/08/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[06/02/2009|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
[27/07/2008|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[13/03/2009|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[07/08/2007|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/07/2007|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[17/12/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[04/12/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[30/09/2007|21:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[17/07/2007|16:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[25/04/2008|20:49] C:\DOCUME~1\LAURA\APPLIC~1\Adobe
[18/07/2007|00:27] C:\DOCUME~1\LAURA\APPLIC~1\AdobeUM
[26/08/2008|19:24] C:\DOCUME~1\LAURA\APPLIC~1\Ahead
[10/11/2008|16:42] C:\DOCUME~1\LAURA\APPLIC~1\Apple Computer
[12/12/2008|16:15] C:\DOCUME~1\LAURA\APPLIC~1\axis fast
[21/04/2008|18:36] C:\DOCUME~1\LAURA\APPLIC~1\BitTorrent
[17/07/2007|17:50] C:\DOCUME~1\LAURA\APPLIC~1\CyberLink
[11/01/2008|21:06] C:\DOCUME~1\LAURA\APPLIC~1\DataCast
[03/12/2008|22:39] C:\DOCUME~1\LAURA\APPLIC~1\DivX
[25/02/2008|22:36] C:\DOCUME~1\LAURA\APPLIC~1\Google
[17/07/2007|16:36] C:\DOCUME~1\LAURA\APPLIC~1\Identities
[17/07/2007|19:30] C:\DOCUME~1\LAURA\APPLIC~1\InstallShield
[19/06/2009|01:19] C:\DOCUME~1\LAURA\APPLIC~1\LimeWire
[16/06/2009|22:10] C:\DOCUME~1\LAURA\APPLIC~1\LiveCAD2
[17/07/2007|19:33] C:\DOCUME~1\LAURA\APPLIC~1\Macromedia
[02/03/2008|18:22] C:\DOCUME~1\LAURA\APPLIC~1\Media Player Classic
[18/11/2008|14:15] C:\DOCUME~1\LAURA\APPLIC~1\Micro Application
[24/05/2009|15:19] C:\DOCUME~1\LAURA\APPLIC~1\Microsoft
[27/08/2008|19:33] C:\DOCUME~1\LAURA\APPLIC~1\Mozilla
[17/07/2007|19:45] C:\DOCUME~1\LAURA\APPLIC~1\MSNInstaller
[15/06/2008|19:54] C:\DOCUME~1\LAURA\APPLIC~1\muvee Technologies
[31/05/2009|22:58] C:\DOCUME~1\LAURA\APPLIC~1\Nero
[10/11/2008|20:30] C:\DOCUME~1\LAURA\APPLIC~1\OpenOffice.org
[02/03/2008|12:01] C:\DOCUME~1\LAURA\APPLIC~1\Real
[10/11/2007|17:12] C:\DOCUME~1\LAURA\APPLIC~1\Songbird1
[02/02/2008|20:13] C:\DOCUME~1\LAURA\APPLIC~1\Sun
[01/09/2007|23:11] C:\DOCUME~1\LAURA\APPLIC~1\Talkback
[09/02/2009|11:13] C:\DOCUME~1\LAURA\APPLIC~1\TigerPlayer
[11/08/2008|18:36] C:\DOCUME~1\LAURA\APPLIC~1\U3
[25/09/2007|17:47] C:\DOCUME~1\LAURA\APPLIC~1\vlc
[17/06/2008|23:31] C:\DOCUME~1\LAURA\APPLIC~1\Windows Live Writer
[27/08/2007|12:54] C:\DOCUME~1\LAURA\APPLIC~1\WinRAR
[24/05/2009|15:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[24/05/2009|15:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[06/07/2009 11:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{24906363-E082-4B08-8725-5F11B6737CC7}.job
[08/05/2009 21:13][--a------] C:\WINDOWS\tasks\Norton Security Scan for LAURA.job
[06/07/2009 15:40][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{5BE79D06-B1CB-4875-BD21-0234683C42F2}.job
[06/07/2009 12:55][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[02/07/2009 10:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/07/2009 15:00][--ah-----] C:\WINDOWS\tasks\AA820E2A9181826A.job
[06/07/2009 11:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AA820E2A9181826A.job )=( c:\docume~1\laura\applic~1\axisfa~1\defaultdownloadcity.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[12/11/2008|22:28] C:\Program Files\Adobe
[30/08/2008|18:45] C:\Program Files\AIST
[09/09/2007|19:36] C:\Program Files\Alwil Software
[17/07/2007|17:13] C:\Program Files\Analog Devices
[15/09/2008|08:15] C:\Program Files\Apple Software Update
[20/04/2009|21:59] C:\Program Files\Ask Search Assistant
[01/06/2009|22:43] C:\Program Files\AskTBar
[30/06/2008|11:41] C:\Program Files\Assistant Dartybox
[24/05/2009|15:04] C:\Program Files\AVG
[29/03/2008|20:52] C:\Program Files\axis fast
[06/07/2008|16:47] C:\Program Files\BitComet
[08/06/2008|10:13] C:\Program Files\BitTorrent
[18/12/2008|12:02] C:\Program Files\Bonjour
[20/09/2008|16:48] C:\Program Files\BrowsingProgram
[06/07/2009|14:04] C:\Program Files\CCleaner
[17/07/2007|16:28] C:\Program Files\ComPlus Applications
[17/07/2007|17:49] C:\Program Files\CyberLink
[30/06/2008|11:46] C:\Program Files\DartyBox Wifi
[20/01/2008|18:22] C:\Program Files\Dcads Games Collection
[17/07/2007|17:13] C:\Program Files\DIFX
[04/12/2008|23:46] C:\Program Files\DivX
[31/08/2008|23:21] C:\Program Files\eMule
[19/05/2008|11:55] C:\Program Files\FBrowserAdvisor
[19/05/2008|11:55] C:\Program Files\FBrowsingAdvisor
[31/05/2009|22:20] C:\Program Files\Fichiers communs
[21/04/2009|20:30] C:\Program Files\Google
[17/07/2007|17:27] C:\Program Files\Grisoft
[11/09/2008|19:27] C:\Program Files\InstallShield Installation Information
[10/06/2009|03:04] C:\Program Files\Internet Explorer
[04/06/2009|11:01] C:\Program Files\iPod
[20/04/2009|21:45] C:\Program Files\iPod(2)
[04/06/2009|11:01] C:\Program Files\iTunes
[23/04/2009|22:18] C:\Program Files\Java
[02/03/2008|18:50] C:\Program Files\K-Lite Codec Pack
[11/01/2008|20:58] C:\Program Files\Lame MP3 Codec
[22/04/2009|18:41] C:\Program Files\LimeWire
[16/06/2009|22:08] C:\Program Files\LiveCAD
[05/04/2008|20:36] C:\Program Files\Macrogaming
[11/01/2008|20:58] C:\Program Files\MarkAny
[24/12/2008|12:47] C:\Program Files\Messenger
[20/04/2009|21:59] C:\Program Files\Messenger Plus! Live
[18/11/2008|14:14] C:\Program Files\Micro Application
[17/12/2008|18:49] C:\Program Files\Microsoft
[20/12/2008|01:23] C:\Program Files\Microsoft ActiveSync
[17/07/2007|16:30] C:\Program Files\microsoft frontpage
[04/08/2007|23:51] C:\Program Files\Microsoft LifeCam
[02/03/2008|11:46] C:\Program Files\Microsoft Office
[21/04/2009|11:14] C:\Program Files\Microsoft Silverlight
[17/06/2008|22:53] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|18:48] C:\Program Files\Microsoft Sync Framework
[24/12/2008|12:44] C:\Program Files\Movie Maker
[20/04/2009|22:40] C:\Program Files\Mozilla Firefox
[20/04/2009|21:53] C:\Program Files\MpcStar
[26/11/2008|18:08] C:\Program Files\MSBuild
[02/03/2008|11:46] C:\Program Files\MSECache
[17/07/2007|19:45] C:\Program Files\MSN
[17/07/2007|16:27] C:\Program Files\MSN Gaming Zone
[12/01/2008|01:01] C:\Program Files\MSXML 4.0
[26/11/2008|18:05] C:\Program Files\MSXML 6.0
[18/05/2008|10:56] C:\Program Files\muvee Technologies
[11/12/2007|18:31] C:\Program Files\muvee Technologies(2)
[08/06/2008|10:17] C:\Program Files\My Photo Calendars & Cards
[12/01/2008|00:40] C:\Program Files\MyFree Codec
[31/05/2009|22:37] C:\Program Files\Nero
[24/12/2008|12:39] C:\Program Files\NetMeeting
[08/05/2009|15:00] C:\Program Files\Norton Security Scan
[20/04/2009|21:46] C:\Program Files\Norton Security Scan(2)
[07/06/2009|14:40] C:\Program Files\NOS
[17/07/2007|16:27] C:\Program Files\Online Services
[10/11/2008|17:21] C:\Program Files\OpenOffice.org 3
[24/12/2008|12:39] C:\Program Files\Outlook Express
[07/08/2008|21:55] C:\Program Files\Pinnacle
[04/06/2009|11:00] C:\Program Files\QuickTime
[20/04/2009|21:46] C:\Program Files\QuickTime(2)
[02/03/2008|11:58] C:\Program Files\Real
[26/11/2008|18:08] C:\Program Files\Reference Assemblies
[11/09/2008|19:19] C:\Program Files\Ressources Windows Mobile
[11/06/2009|10:55] C:\Program Files\Safari
[11/01/2008|20:58] C:\Program Files\Samsung
[17/07/2007|16:29] C:\Program Files\Services en ligne
[07/06/2009|10:44] C:\Program Files\Spybot - Search & Destroy
[20/09/2008|16:48] C:\Program Files\SurfingProgram
[06/07/2009|15:22] C:\Program Files\trend micro
[17/07/2007|16:36] C:\Program Files\Uninstall Information
[07/01/2008|22:58] C:\Program Files\UxTheme Multipatcher Fr
[25/09/2007|17:38] C:\Program Files\VideoLAN
[21/05/2008|19:21] C:\Program Files\webHancer
[20/04/2009|21:50] C:\Program Files\Winamp Toolbar
[20/04/2009|22:14] C:\Program Files\Windows Live
[30/06/2009|19:47] C:\Program Files\Windows Live Safety Center
[17/12/2008|18:46] C:\Program Files\Windows Live SkyDrive
[05/04/2008|20:34] C:\Program Files\Windows Live Toolbar
[07/08/2007|21:25] C:\Program Files\Windows Media Connect 2
[24/12/2008|12:39] C:\Program Files\Windows Media Player
[24/12/2008|12:39] C:\Program Files\Windows NT
[31/05/2009|22:35] C:\Program Files\Windows Sidebar
[17/07/2007|16:29] C:\Program Files\WindowsUpdate
[10/08/2008|12:24] C:\Program Files\WinRAR
[17/07/2007|16:30] C:\Program Files\xerox
[08/06/2008|10:29] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/11/2008|22:29] C:\Program Files\Fichiers communs\Adobe
[17/07/2007|17:23] C:\Program Files\Fichiers communs\Ahead
[04/06/2009|11:01] C:\Program Files\Fichiers communs\Apple
[17/07/2007|17:47] C:\Program Files\Fichiers communs\DESIGNER
[17/07/2007|17:49] C:\Program Files\Fichiers communs\InstallShield
[19/01/2008|19:40] C:\Program Files\Fichiers communs\Java
[17/07/2007|17:23] C:\Program Files\Fichiers communs\LightScribe
[20/04/2009|22:10] C:\Program Files\Fichiers communs\Microsoft Shared
[17/07/2007|16:28] C:\Program Files\Fichiers communs\MSSoap
[10/11/2008|16:46] C:\Program Files\Fichiers communs\muvee Technologies
[31/05/2009|22:53] C:\Program Files\Fichiers communs\Nero
[17/07/2007|17:58] C:\Program Files\Fichiers communs\ODBC
[02/03/2008|11:58] C:\Program Files\Fichiers communs\Real
[17/07/2007|16:28] C:\Program Files\Fichiers communs\Services
[17/07/2007|17:58] C:\Program Files\Fichiers communs\SpeechEngines
[08/05/2009|15:00] C:\Program Files\Fichiers communs\Symantec Shared
[24/12/2008|12:39] C:\Program Files\Fichiers communs\System
[17/12/2008|18:34] C:\Program Files\Fichiers communs\Windows Live
[17/06/2008|22:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[02/03/2008|11:58] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 61 Processes )
iexplore.exe ~ [PID:2720]
iexplore.exe ~ [PID:1332]
iexplore.exe ~ [PID:3228]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\Plan Drive.exe
C:\DOCUME~1\LAURA\APPLIC~1\axisfa~1
C:\Program Files\axisfa~1
C:\WINDOWS\Tasks\AA820E2A9181826A.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"warn default inter for"="C:\\Documents and Settings\\All Users\\Application Data\\Time Dead Warn Default\\Plan Drive.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 10598 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-06 15:43:57
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 175
--------------------\\ Recherche d'autres infections
C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf
C:\WINDOWS\System32\aexsqzddu.dat
C:\WINDOWS\System32\aexsqzddu_nav.dat
C:\WINDOWS\System32\aexsqzddu_navps.dat
C:\WINDOWS\System32\ayqqm.dat
C:\WINDOWS\System32\ayqqm.exe
C:\WINDOWS\System32\ayqqm_nav.dat
C:\WINDOWS\System32\ayqqm_navps.dat
C:\WINDOWS\System32\lhrbory_navtmp.dat
C:\WINDOWS\System32\suywuoy.dat
C:\WINDOWS\System32\suywuoy_nav.dat
C:\WINDOWS\System32\suywuoy_navps.dat
C:\WINDOWS\System32\uyvivtv.dat
C:\WINDOWS\System32\uyvivtv_nav.dat
C:\WINDOWS\System32\uyvivtv_navps.dat
C:\WINDOWS\System32\wzylyuejp.dat
C:\WINDOWS\System32\wzylyuejp_nav.dat
C:\WINDOWS\System32\wzylyuejp_navps.dat
C:\WINDOWS\System32\ykakg.dat
C:\WINDOWS\System32\ykakg_nav.dat
C:\WINDOWS\System32\ykakg_navps.dat
==> EGDACCESS <==
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LAURA\Bureau\Mes fichiers reçus\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3
[F:55][D:7]-> C:\DOCUME~1\LAURA\LOCALS~1\Temp
[F:25][D:0]-> C:\DOCUME~1\LAURA\Cookies
[F:437][D:20]-> C:\DOCUME~1\LAURA\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/07/2009|15:44 - Option : [1]
--------------------\\ Fin du rapport a 15:44:58 -
▶ Relaunch ToolBarSD
▶ Choose option 2 (removal),
▶ Do not touch anything during the removal.
▶ At the end, a report is generated; post it!
/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
▶ Relaunch Lop S&D
▶ Choose option 2
▶ Do not touch anything during the removal!
▶ At the end, a report is generated; post it
▶ The report can also be found at the root of the disk: C:\lopR.txt.
-
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 06/07/2009|15:47 )
-----------\\ SUPPRESSION
Echec ! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Echec ! - C:\Program Files\AskTBar\SrchAstt
Echec ! - C:\Program Files\AskTBar\bar\1.bin
Echec ! - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
Echec ! - C:\Program Files\AskTBar\SrchAstt\1.bin
Echec ! - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
Supprime! - C:\Program Files\BrowsingProgram\BrowsingProgram.dat
Supprime! - C:\Program Files\BrowsingProgram\pcre3.dll
Supprime! - C:\Program Files\BrowsingProgram\uninstall.exe
Supprime! - C:\Program Files\Dcads Games Collection\BattlesOfHelicopters.exe
Supprime! - C:\Program Files\Dcads Games Collection\BobAndBill.exe
Supprime! - C:\Program Files\Dcads Games Collection\CrazyBlocks.exe
Supprime! - C:\Program Files\Dcads Games Collection\Lines.exe
Supprime! - C:\Program Files\Dcads Games Collection\uninstall.exe
Supprime! - C:\Program Files\Dcads Games Collection\VideoPool.exe
Supprime! - C:\DOCUME~1\LAURA\MENUDM~1\PROGRA~1\Dcads Games Collection
Supprime! - C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
Supprime! - C:\Program Files\FBrowsingAdvisor\Logo.png
Supprime! - C:\Program Files\FBrowsingAdvisor\main.db
Supprime! - C:\Program Files\FBrowsingAdvisor\unins000.dat
Supprime! - C:\Program Files\FBrowsingAdvisor\unins000.exe
Supprime! - C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
Supprime! - C:\DOCUME~1\LAURA\Cookies\laura@mysearch[1].txt
Supprime! - C:\WINDOWS\System32\Dcads-remove.exe
Supprime! - C:\WINDOWS\system32\dcads_sidebar.dll
Supprime! - C:\WINDOWS\system32\dcads_sidebar_uninstall.exe
Supprime! - C:\WINDOWS\System32\DcadsSocial-uninstall.exe
Supprime! - C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
Supprime! - C:\WINDOWS\system32\superiorads-uninst.exe
Supprime! - C:\WINDOWS\System32\WinNB67.dll
Echec ! - C:\Program Files\AskTBar
Supprime! - C:\Program Files\BrowsingProgram
Supprime! - C:\Program Files\Dcads Games Collection
Supprime! - C:\Program Files\FBrowserAdvisor
Supprime! - C:\Program Files\FBrowsingAdvisor
-----------\\ DEUXIEME PASSAGE
Echec ! - C:\Program Files\AskTBar\bar
Echec ! - C:\Program Files\AskTBar\SrchAstt
Echec ! - C:\Program Files\AskTBar\bar\1.bin
Echec ! - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
Echec ! - C:\Program Files\AskTBar\SrchAstt\1.bin
Echec ! - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
Echec ! - C:\Program Files\AskTBar
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\SrchAstt
C:\Program Files\AskTBar\bar\1.bin
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\AskTBar\SrchAstt\1.bin
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(LAURA) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(LAURA) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
"Search Bar"="http://www.yahoo.com/search/ie.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf
C:\WINDOWS\System32\aexsqzddu.dat
C:\WINDOWS\System32\aexsqzddu_nav.dat
C:\WINDOWS\System32\aexsqzddu_navps.dat
C:\WINDOWS\System32\ayqqm.dat
C:\WINDOWS\System32\ayqqm.exe
C:\WINDOWS\System32\ayqqm_nav.dat
C:\WINDOWS\System32\ayqqm_navps.dat
C:\WINDOWS\System32\lhrbory_navtmp.dat
C:\WINDOWS\System32\suywuoy.dat
C:\WINDOWS\System32\suywuoy_nav.dat
C:\WINDOWS\System32\suywuoy_navps.dat
C:\WINDOWS\System32\uyvivtv.dat
C:\WINDOWS\System32\uyvivtv_nav.dat
C:\WINDOWS\System32\uyvivtv_navps.dat
C:\WINDOWS\System32\wzylyuejp.dat
C:\WINDOWS\System32\wzylyuejp_nav.dat
C:\WINDOWS\System32\wzylyuejp_navps.dat
C:\WINDOWS\System32\ykakg.dat
C:\WINDOWS\System32\ykakg_nav.dat
C:\WINDOWS\System32\ykakg_navps.dat
==> EGDACCESS <==
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LAURA\Bureau\Mes fichiers reçus\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3
1 - "C:\ToolBar SD\TB_1.txt" - 06/07/2009|15:43 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/07/2009|15:48 - Option : [2]
-----------\\ Fin du rapport a 15:48:53,90 -
By the way... is this the same PC:
http://www.commentcamarche.net/forum/affich 12739456 probleme pop up promotion mcafee etc
? -
No, it's not the same PC. Look at the beginning of my post (I'm on my friend's PC) ;-)
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 06/07/2009|15:51 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\Plan Drive.exe
Supprime! - C:\WINDOWS\Tasks\AA820E2A9181826A.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
Supprime! - C:\DOCUME~1\LAURA\APPLIC~1\axisfa~1
Supprime! - C:\Program Files\axisfa~1
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[30/09/2007|21:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[20/04/2009|21:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/04/2009|21:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[16/04/2009|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[12/11/2008|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[19/05/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/06/2008|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/05/2009|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[17/07/2007|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[20/04/2009|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/07/2009|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[03/12/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[18/04/2009|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/11/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[20/04/2009|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2007|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[09/12/2007|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[07/06/2009|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[07/06/2009|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[17/07/2007|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[27/07/2008|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[27/07/2008|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[10/11/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SongbirdVLC
[06/07/2009|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[10/08/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/07/2008|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[13/03/2009|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[07/08/2007|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/07/2007|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[17/12/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[04/12/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[30/09/2007|21:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[17/07/2007|16:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[25/04/2008|20:49] C:\DOCUME~1\LAURA\APPLIC~1\Adobe
[18/07/2007|00:27] C:\DOCUME~1\LAURA\APPLIC~1\AdobeUM
[26/08/2008|19:24] C:\DOCUME~1\LAURA\APPLIC~1\Ahead
[10/11/2008|16:42] C:\DOCUME~1\LAURA\APPLIC~1\Apple Computer
[21/04/2008|18:36] C:\DOCUME~1\LAURA\APPLIC~1\BitTorrent
[17/07/2007|17:50] C:\DOCUME~1\LAURA\APPLIC~1\CyberLink
[11/01/2008|21:06] C:\DOCUME~1\LAURA\APPLIC~1\DataCast
[03/12/2008|22:39] C:\DOCUME~1\LAURA\APPLIC~1\DivX
[25/02/2008|22:36] C:\DOCUME~1\LAURA\APPLIC~1\Google
[17/07/2007|16:36] C:\DOCUME~1\LAURA\APPLIC~1\Identities
[17/07/2007|19:30] C:\DOCUME~1\LAURA\APPLIC~1\InstallShield
[19/06/2009|01:19] C:\DOCUME~1\LAURA\APPLIC~1\LimeWire
[16/06/2009|22:10] C:\DOCUME~1\LAURA\APPLIC~1\LiveCAD2
[17/07/2007|19:33] C:\DOCUME~1\LAURA\APPLIC~1\Macromedia
[02/03/2008|18:22] C:\DOCUME~1\LAURA\APPLIC~1\Media Player Classic
[18/11/2008|14:15] C:\DOCUME~1\LAURA\APPLIC~1\Micro Application
[24/05/2009|15:19] C:\DOCUME~1\LAURA\APPLIC~1\Microsoft
[27/08/2008|19:33] C:\DOCUME~1\LAURA\APPLIC~1\Mozilla
[17/07/2007|19:45] C:\DOCUME~1\LAURA\APPLIC~1\MSNInstaller
[15/06/2008|19:54] C:\DOCUME~1\LAURA\APPLIC~1\muvee Technologies
[31/05/2009|22:58] C:\DOCUME~1\LAURA\APPLIC~1\Nero
[10/11/2008|20:30] C:\DOCUME~1\LAURA\APPLIC~1\OpenOffice.org
[02/03/2008|12:01] C:\DOCUME~1\LAURA\APPLIC~1\Real
[10/11/2007|17:12] C:\DOCUME~1\LAURA\APPLIC~1\Songbird1
[02/02/2008|20:13] C:\DOCUME~1\LAURA\APPLIC~1\Sun
[01/09/2007|23:11] C:\DOCUME~1\LAURA\APPLIC~1\Talkback
[09/02/2009|11:13] C:\DOCUME~1\LAURA\APPLIC~1\TigerPlayer
[11/08/2008|18:36] C:\DOCUME~1\LAURA\APPLIC~1\U3
[25/09/2007|17:47] C:\DOCUME~1\LAURA\APPLIC~1\vlc
[17/06/2008|23:31] C:\DOCUME~1\LAURA\APPLIC~1\Windows Live Writer
[27/08/2007|12:54] C:\DOCUME~1\LAURA\APPLIC~1\WinRAR
[24/05/2009|15:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[24/05/2009|15:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[06/07/2009 11:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{24906363-E082-4B08-8725-5F11B6737CC7}.job
[08/05/2009 21:13][--a------] C:\WINDOWS\tasks\Norton Security Scan for LAURA.job
[06/07/2009 15:50][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{5BE79D06-B1CB-4875-BD21-0234683C42F2}.job
[06/07/2009 12:55][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[02/07/2009 10:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/07/2009 11:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[12/11/2008|22:28] C:\Program Files\Adobe
[30/08/2008|18:45] C:\Program Files\AIST
[09/09/2007|19:36] C:\Program Files\Alwil Software
[17/07/2007|17:13] C:\Program Files\Analog Devices
[15/09/2008|08:15] C:\Program Files\Apple Software Update
[20/04/2009|21:59] C:\Program Files\Ask Search Assistant
[06/07/2009|15:47] C:\Program Files\AskTBar
[30/06/2008|11:41] C:\Program Files\Assistant Dartybox
[24/05/2009|15:04] C:\Program Files\AVG
[06/07/2008|16:47] C:\Program Files\BitComet
[08/06/2008|10:13] C:\Program Files\BitTorrent
[18/12/2008|12:02] C:\Program Files\Bonjour
[06/07/2009|14:04] C:\Program Files\CCleaner
[17/07/2007|16:28] C:\Program Files\ComPlus Applications
[17/07/2007|17:49] C:\Program Files\CyberLink
[30/06/2008|11:46] C:\Program Files\DartyBox Wifi
[17/07/2007|17:13] C:\Program Files\DIFX
[04/12/2008|23:46] C:\Program Files\DivX
[31/08/2008|23:21] C:\Program Files\eMule
[31/05/2009|22:20] C:\Program Files\Fichiers communs
[21/04/2009|20:30] C:\Program Files\Google
[17/07/2007|17:27] C:\Program Files\Grisoft
[11/09/2008|19:27] C:\Program Files\InstallShield Installation Information
[10/06/2009|03:04] C:\Program Files\Internet Explorer
[04/06/2009|11:01] C:\Program Files\iPod
[20/04/2009|21:45] C:\Program Files\iPod(2)
[04/06/2009|11:01] C:\Program Files\iTunes
[23/04/2009|22:18] C:\Program Files\Java
[02/03/2008|18:50] C:\Program Files\K-Lite Codec Pack
[11/01/2008|20:58] C:\Program Files\Lame MP3 Codec
[22/04/2009|18:41] C:\Program Files\LimeWire
[16/06/2009|22:08] C:\Program Files\LiveCAD
[05/04/2008|20:36] C:\Program Files\Macrogaming
[11/01/2008|20:58] C:\Program Files\MarkAny
[24/12/2008|12:47] C:\Program Files\Messenger
[20/04/2009|21:59] C:\Program Files\Messenger Plus! Live
[18/11/2008|14:14] C:\Program Files\Micro Application
[17/12/2008|18:49] C:\Program Files\Microsoft
[20/12/2008|01:23] C:\Program Files\Microsoft ActiveSync
[17/07/2007|16:30] C:\Program Files\microsoft frontpage
[04/08/2007|23:51] C:\Program Files\Microsoft LifeCam
[02/03/2008|11:46] C:\Program Files\Microsoft Office
[21/04/2009|11:14] C:\Program Files\Microsoft Silverlight
[17/06/2008|22:53] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|18:48] C:\Program Files\Microsoft Sync Framework
[24/12/2008|12:44] C:\Program Files\Movie Maker
[20/04/2009|22:40] C:\Program Files\Mozilla Firefox
[20/04/2009|21:53] C:\Program Files\MpcStar
[26/11/2008|18:08] C:\Program Files\MSBuild
[02/03/2008|11:46] C:\Program Files\MSECache
[17/07/2007|19:45] C:\Program Files\MSN
[17/07/2007|16:27] C:\Program Files\MSN Gaming Zone
[12/01/2008|01:01] C:\Program Files\MSXML 4.0
[26/11/2008|18:05] C:\Program Files\MSXML 6.0
[18/05/2008|10:56] C:\Program Files\muvee Technologies
[11/12/2007|18:31] C:\Program Files\muvee Technologies(2)
[08/06/2008|10:17] C:\Program Files\My Photo Calendars & Cards
[12/01/2008|00:40] C:\Program Files\MyFree Codec
[31/05/2009|22:37] C:\Program Files\Nero
[24/12/2008|12:39] C:\Program Files\NetMeeting
[08/05/2009|15:00] C:\Program Files\Norton Security Scan
[20/04/2009|21:46] C:\Program Files\Norton Security Scan(2)
[07/06/2009|14:40] C:\Program Files\NOS
[17/07/2007|16:27] C:\Program Files\Online Services
[10/11/2008|17:21] C:\Program Files\OpenOffice.org 3
[24/12/2008|12:39] C:\Program Files\Outlook Express
[07/08/2008|21:55] C:\Program Files\Pinnacle
[04/06/2009|11:00] C:\Program Files\QuickTime
[20/04/2009|21:46] C:\Program Files\QuickTime(2)
[02/03/2008|11:58] C:\Program Files\Real
[26/11/2008|18:08] C:\Program Files\Reference Assemblies
[11/09/2008|19:19] C:\Program Files\Ressources Windows Mobile
[11/06/2009|10:55] C:\Program Files\Safari
[11/01/2008|20:58] C:\Program Files\Samsung
[17/07/2007|16:29] C:\Program Files\Services en ligne
[07/06/2009|10:44] C:\Program Files\Spybot - Search & Destroy
[20/09/2008|16:48] C:\Program Files\SurfingProgram
[06/07/2009|15:22] C:\Program Files\trend micro
[17/07/2007|16:36] C:\Program Files\Uninstall Information
[07/01/2008|22:58] C:\Program Files\UxTheme Multipatcher Fr
[25/09/2007|17:38] C:\Program Files\VideoLAN
[21/05/2008|19:21] C:\Program Files\webHancer
[20/04/2009|21:50] C:\Program Files\Winamp Toolbar
[20/04/2009|22:14] C:\Program Files\Windows Live
[30/06/2009|19:47] C:\Program Files\Windows Live Safety Center
[17/12/2008|18:46] C:\Program Files\Windows Live SkyDrive
[05/04/2008|20:34] C:\Program Files\Windows Live Toolbar
[07/08/2007|21:25] C:\Program Files\Windows Media Connect 2
[24/12/2008|12:39] C:\Program Files\Windows Media Player
[24/12/2008|12:39] C:\Program Files\Windows NT
[31/05/2009|22:35] C:\Program Files\Windows Sidebar
[17/07/2007|16:29] C:\Program Files\WindowsUpdate
[10/08/2008|12:24] C:\Program Files\WinRAR
[17/07/2007|16:30] C:\Program Files\xerox
[08/06/2008|10:29] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/11/2008|22:29] C:\Program Files\Fichiers communs\Adobe
[17/07/2007|17:23] C:\Program Files\Fichiers communs\Ahead
[04/06/2009|11:01] C:\Program Files\Fichiers communs\Apple
[17/07/2007|17:47] C:\Program Files\Fichiers communs\DESIGNER
[17/07/2007|17:49] C:\Program Files\Fichiers communs\InstallShield
[19/01/2008|19:40] C:\Program Files\Fichiers communs\Java
[17/07/2007|17:23] C:\Program Files\Fichiers communs\LightScribe
[20/04/2009|22:10] C:\Program Files\Fichiers communs\Microsoft Shared
[17/07/2007|16:28] C:\Program Files\Fichiers communs\MSSoap
[10/11/2008|16:46] C:\Program Files\Fichiers communs\muvee Technologies
[31/05/2009|22:53] C:\Program Files\Fichiers communs\Nero
[17/07/2007|17:58] C:\Program Files\Fichiers communs\ODBC
[02/03/2008|11:58] C:\Program Files\Fichiers communs\Real
[17/07/2007|16:28] C:\Program Files\Fichiers communs\Services
[17/07/2007|17:58] C:\Program Files\Fichiers communs\SpeechEngines
[08/05/2009|15:00] C:\Program Files\Fichiers communs\Symantec Shared
[24/12/2008|12:39] C:\Program Files\Fichiers communs\System
[17/12/2008|18:34] C:\Program Files\Fichiers communs\Windows Live
[17/06/2008|22:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[02/03/2008|11:58] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 57 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-06 15:52:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 175
--------------------\\ Recherche d'autres infections
C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf
C:\WINDOWS\System32\aexsqzddu.dat
C:\WINDOWS\System32\aexsqzddu_nav.dat
C:\WINDOWS\System32\aexsqzddu_navps.dat
C:\WINDOWS\System32\ayqqm.dat
C:\WINDOWS\System32\ayqqm.exe
C:\WINDOWS\System32\ayqqm_nav.dat
C:\WINDOWS\System32\ayqqm_navps.dat
C:\WINDOWS\System32\lhrbory_navtmp.dat
C:\WINDOWS\System32\suywuoy.dat
C:\WINDOWS\System32\suywuoy_nav.dat
C:\WINDOWS\System32\suywuoy_navps.dat
C:\WINDOWS\System32\uyvivtv.dat
C:\WINDOWS\System32\uyvivtv_nav.dat
C:\WINDOWS\System32\uyvivtv_navps.dat
C:\WINDOWS\System32\wzylyuejp.dat
C:\WINDOWS\System32\wzylyuejp_nav.dat
C:\WINDOWS\System32\wzylyuejp_navps.dat
C:\WINDOWS\System32\ykakg.dat
C:\WINDOWS\System32\ykakg_nav.dat
C:\WINDOWS\System32\ykakg_navps.dat
==> EGDACCESS <==
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LAURA\Bureau\Mes fichiers reçus\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3
[F:32][D:7]-> C:\DOCUME~1\LAURA\LOCALS~1\Temp
[F:24][D:0]-> C:\DOCUME~1\LAURA\Cookies
[F:464][D:20]-> C:\DOCUME~1\LAURA\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/07/2009|15:44 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/07/2009|15:53 - Option : [2]
--------------------\\ Fin du rapport a 15:53:24 -
OK, that was just to be sure ;-)
Delete your cracks and keygens:
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LAURA\Bureau\Mes fichiers reçus\Muvee.autoProducer.v6.1.4.4.Multilangages.Incl-Crack.rar
C:\DOCUME~1\LAURA\Mes documents\muvee autoproducer v6 1 4 4 multilangages incl-crack.rar
C:\DOCUME~1\LAURA\Mes documents\Ma musique\Snow Patrol - A Hundred Million Suns [mp3-vbr-2008]\02 - Crack The Shutters.mp3
Let's continue:
>> Download Navilog to your desktop:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
/!\ If you have Vista, disable UAC for the duration of the disinfection: Control Panel > User Accounts > Turn User Account Control on or off > untick the box, then click OK
>> Disable your antivirus as well.
>> Launch the application (right-click: Run as administrator if you are on Vista)
>> Once you reach the main menu, choose option 1 and confirm.
>> Wait for the message: Analyse Termine le ...
>> The report will also be saved at the root of the disk (fixnavi.txt)
-
Sorry for the delay!
Fix Navipromo version 4.0.0 commencé le 06/07/2009 à 16:06:08,59
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 19.06.2009 à 20h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12
USER : LAURA ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:50 Go)
D:\ (CD or DVD)
Recherche exécutée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
C:\WINDOWS\system32\aexsqzddu.dat supprimé !
C:\WINDOWS\system32\aexsqzddu_nav.dat supprimé !
C:\WINDOWS\system32\aexsqzddu_navps.dat supprimé !
C:\WINDOWS\system32\ayqqm.exe supprimé !
C:\WINDOWS\system32\ayqqm.dat supprimé !
C:\WINDOWS\system32\ayqqm_nav.dat supprimé !
C:\WINDOWS\system32\ayqqm_navps.dat supprimé !
C:\WINDOWS\prefetch\ayqqm*.pf supprimé !
C:\WINDOWS\system32\lhrbory_navtmp.dat supprimé !
C:\WINDOWS\system32\suywuoy.dat supprimé !
C:\WINDOWS\system32\suywuoy_nav.dat supprimé !
C:\WINDOWS\system32\suywuoy_navps.dat supprimé !
C:\WINDOWS\system32\uyvivtv.dat supprimé !
C:\WINDOWS\system32\uyvivtv_nav.dat supprimé !
C:\WINDOWS\system32\uyvivtv_navps.dat supprimé !
C:\WINDOWS\system32\wzylyuejp.dat supprimé !
C:\WINDOWS\system32\wzylyuejp_nav.dat supprimé !
C:\WINDOWS\system32\wzylyuejp_navps.dat supprimé !
C:\WINDOWS\system32\ykakg.dat supprimé !
C:\WINDOWS\system32\ykakg_nav.dat supprimé !
C:\WINDOWS\system32\ykakg_navps.dat supprimé !
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\LAURA\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
*** Scan terminé le 06/07/2009 à 21:01:51,31 ***