Plusieur cheval troie type TR/CryptXpack.gen

Résolu
teknicool -  
teknicool Messages postés 16 Statut Membre -
Bonjour,
depuis un bon moment j'ai plusieur chevaux de troie de type TR/Crypt X pack.gen
ses trojans font mouliné et on entend un brui de ventilo ou disque dur en continu, un genre de vroum!!
a chaque scan avec antivir ou avast je fait : mettre en quarantaine ou supprimer ou refuser l'accé , mais il sont toujours present .
pouvez vous m'aider a les suprimer merci d'avance
cordialement
Configuration: Windows XP Internet Explorer 8.0

25 réponses

  • 1
  • 2
  1. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    Salut, commence par faire ceci pour un diagnostic complet de ton PC :

    -+-+-+-> RSIT <-+-+-+-

    [x] Télécharge Random's System Information Tool à cette adresse : http://images.malwareremoval.com/random/RSIT.exe

    [x] Double clique sur " RSIT.exe ".

    [x] Clique sur " Continue ".

    [x] Si hijackthis n'est pas présent il sera automatiquement téléchargé et tu devras accepter la license.

    [x] Une fois l'analyse finie, deux fichiers ( info.txt & log.txt ) s'ouvriront.

    [x] Copie colle le contenu des deux rapports dans ton prochain message

    [o] Si jamais tu as fermé les rapports sans faire attention, ils sont sous C:\rsit
    0
  2. teknicool Messages postés 16 Statut Membre
     
    merci voila ce que tu m'a demandé

    info.txt logfile of random's system information tool 1.06 2009-10-11 12:16:48

    ======Uninstall list======

    -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}
    Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Burn4Free CD and DVD-->"C:\Program Files\Burn4Free\uninstall.exe"
    Burn4Free Toolbar-->"C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_5421.exe" _?=C:\Program Files\Burn4Free Toolbar
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    DiMAGE Viewer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{976EA7B1-7562-483D-88DA-4323D263B7CD}\Setup.exe" -l0x40c anything
    DivX Author 1.5-->C:\Program Files\DivX\DivX Author 1.5\DivXAuthorUninstall.exe /DIVX_AUTHOR
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe
    GamesBar 2.0.1.12-->C:\Program Files\GamesBar\uninst.exe
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Image Zone 3.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
    HP PSC & OfficeJet 3.5-->"C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat
    HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Jeu de Tarot-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23A32D12-5C71-46F3-801D-A2896C2B6792}\SETUP.EXE" -l0x40c
    K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Kookabonga-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4982795-D635-47C3-9D08-0B72491F1D08}\setup.exe" -l0x40c -removeonly
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x040c -removeonly
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
    Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
    Micro Application - MediaDICO Les 4 Dictionnaires Utiles-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Uninst.isu"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
    Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4}
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Motus Junior-->C:\PROGRA~1\MOTUSJ~1\UNWISE.EXE C:\PROGRA~1\MOTUSJ~1\INSTALL.LOG
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
    Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_fre_web.exe
    Nokia PC Suite-->MsiExec.exe /I{3D39E775-DDDA-4327-B747-0BDC5F191331}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI
    OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C7A451815AD6A55564D6F47B5A12C61D8B4DCFD1\amdk8.inf
    Package de pilotes Windows - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf
    Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
    PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
    Pilote Webcam pour DiMAGE KONICA_MINOLTA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99E67091-D392-4031-AD2A-E9547F3615F8}\setup.exe" -l0x40c
    PokerStars.net-->"C:\Program Files\PokerStars.NET\PokerStarsUninstall.exe" /u:PokerStars.net
    PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
    PowerArchiver-->C:\Program Files\PowerArchiver\UNINST.EXE
    QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Shareaza 2.4.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    Winamp Toolbar-->"C:\Program Files\Winamp Toolbar\uninstall.exe"
    Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    WinZip 12.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: Avira AntiVir PersonalEdition Classic
    AV: avast! antivirus 4.8.1229 [VPS 091010-0]

    ======System event log======

    Computer Name: PASTORI-D829BBF
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

    Record Number: 104076
    Source Name: Service Control Manager
    Time Written: 20090817195502.000000+120
    Event Type: Informations
    User:

    Computer Name: PASTORI-D829BBF
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 104075
    Source Name: Service Control Manager
    Time Written: 20090817195502.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: PASTORI-D829BBF
    Event Code: 3005
    Message: Windows Defender Real-Time Protection agent has taken action to protect this machine from spyware or other potentially unwanted software.

    For more information please see the following:
    https://www.microsoft.com/fr-fr/security?rtc=1

    Scan ID: {A0994B13-337F-47C1-9A5C-84881EBCA7F0}

    User: PASTORI-D829BBF\ADMIN

    Name: Unknown

    ID:

    Severity: Non encore classifié

    Category: Non encore classifié

    Alert Type: Logiciel non classifié

    Action: Ignorer

    Record Number: 104074
    Source Name: WinDefend
    Time Written: 20090817195452.000000+120
    Event Type: Informations
    User:

    Computer Name: PASTORI-D829BBF
    Event Code: 3004
    Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.

    For more information please see the following:
    https://www.microsoft.com/fr-fr/security?rtc=1

    Scan ID: {A0994B13-337F-47C1-9A5C-84881EBCA7F0}

    User: PASTORI-D829BBF\ADMIN

    Name: Unknown

    ID:

    Severity: Non encore classifié

    Category: Non encore classifié

    Path Found: regkey:HKCU@S-1-5-21-725345543-412668190-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\MediaDICO4Ut;runkey:HKCU@S-1-5-21-725345543-412668190-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\MediaDICO4Ut;file:C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe

    Alert Type: Logiciel non classifié

    Detection Type:

    Record Number: 104073
    Source Name: WinDefend
    Time Written: 20090817195451.000000+120
    Event Type: Avertissement
    User:

    Computer Name: PASTORI-D829BBF
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

    Record Number: 104072
    Source Name: Service Control Manager
    Time Written: 20090817195251.000000+120
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: PASTORI-D829BBF
    Event Code: 11707
    Message: Product: MSXML 4.0 SP2 (KB954430) -- Installation completed successfully.

    Record Number: 523
    Source Name: MsiInstaller
    Time Written: 20081113030038.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: PASTORI-D829BBF
    Event Code: 1025
    Message: Produit : MSXML 4.0 SP2 (KB954430). Le fichier C:\WINDOWS\system32\msxml4.dll est actuellement utilisé par le processus de nom 'hpcmpmgr' et d'identificateur '488'.

    Record Number: 522
    Source Name: MsiInstaller
    Time Written: 20081113030037.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: PASTORI-D829BBF
    Event Code: 11704
    Message: Product: MSXML 4.0 SP2 (KB954430) -- Error 1704. An installation for Java(TM) 6 Update 7 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

    Record Number: 521
    Source Name: MsiInstaller
    Time Written: 20081113030030.000000+060
    Event Type: erreur
    User: AUTORITE NT\SYSTEM

    Computer Name: PASTORI-D829BBF
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 520
    Source Name: SecurityCenter
    Time Written: 20081111112435.000000+060
    Event Type: Informations
    User:

    Computer Name: PASTORI-D829BBF
    Event Code: 4096
    Message: Le service AntiVir a bien démarré!

    Record Number: 519
    Source Name: Avira AntiVir
    Time Written: 20081111112415.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=4b02
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------
    et la suite

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by ADMIN at 2009-10-11 12:16:43
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 60 GB (60%) free of 100 GB
    Total RAM: 1007 MB (36% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:16:45, on 11/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\vVX3000.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\DNA\btdna.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Electronic Arts\EADM\Core.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Documents and Settings\ADMIN\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    c:\program files\winamp toolbar\WinampTbServer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\ADMIN\Mes documents\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\ADMIN.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll
    O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
    O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
    O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\ADMIN\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
    O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7DDBD150-81C3-4CF9-8854-393E76A793BD}: NameServer = 91.121.59.36 91.121.59.46
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    0
  3. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    Tu as avast et antivir , deux antivirus = conflits

    Désinstalle avast à l'aide de cet outil et laisse antivir : https://www.avast.com/fr-fr/uninstall-utility

    --------------

    -+-+-+-> R-Hosts <-+-+-+-

    Télécharge R-Hosts ( de S!ri ) à cette adresse : http://siri.urz.free.fr/RHosts.php

    Clique sur " download " , puis télécharge le sur ton bureau

    Execute le puis clique sur restaurer

    Confirme, puis quitte le programme, et supprime le.

    -+-+-+-> Toolbar S&D <-+-+-+-

    [x]Télécharge Toolbar S&D Ici : https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3

    [x] Suis le tutoriel disponible à cette adresse : https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/

    [x] Lance l'option 1 ( Recherche )

    [x] Puis copie/colle le rapport dans ton prochain message ( Il se trouve sous C:\TB.txt )
    0
  4. teknicool Messages postés 16 Statut Membre
     
    VOILA J'AI FAIS TOUS CE QUE TU M'A DEMANDE

    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : ADMIN ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
    C:\ (Local Disk) - NTFS - Total:97 Go (Free:58 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (Local Disk) - NTFS - Total:200 Go (Free:200 Go)
    K:\ (USB)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [1] ( 11/10/2009|13:05 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\AskBarDis
    C:\Program Files\AskBarDis\bar
    C:\Program Files\AskBarDis\PopSwatter
    C:\Program Files\AskBarDis\unins000.dat
    C:\Program Files\AskBarDis\unins000.exe
    C:\Program Files\AskBarDis\bar\bin
    C:\Program Files\AskBarDis\bar\Cache
    C:\Program Files\AskBarDis\bar\History
    C:\Program Files\AskBarDis\bar\Settings
    C:\Program Files\AskBarDis\bar\bin\askBar.dll
    C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
    C:\Program Files\AskBarDis\bar\bin\psvince.dll
    C:\Program Files\AskBarDis\bar\Cache\0099D921.bin
    C:\Program Files\AskBarDis\bar\Cache\0099DCBB.bin
    C:\Program Files\AskBarDis\bar\Cache\0099DE03.bin
    C:\Program Files\AskBarDis\bar\Cache\0099DF5B.bin
    C:\Program Files\AskBarDis\bar\Cache\0099E0D2.bin
    C:\Program Files\AskBarDis\bar\Cache\0099E21A.bin
    C:\Program Files\AskBarDis\bar\Cache\09930202
    C:\Program Files\AskBarDis\bar\Cache\193B525D
    C:\Program Files\AskBarDis\bar\Cache\files.ini
    C:\Program Files\AskBarDis\bar\History\search
    C:\Program Files\AskBarDis\bar\Settings\config.dat
    C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
    C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
    C:\Program Files\AskBarDis\PopSwatter\History
    C:\Program Files\AskBarDis\PopSwatter\History\allowed
    C:\Program Files\AskBarDis\PopSwatter\History\notallow
    C:\Program Files\Burn4Free
    C:\Program Files\Burn4Free\bass.dll
    C:\Program Files\Burn4Free\basscd.dll
    C:\Program Files\Burn4Free\bassflac.dll
    C:\Program Files\Burn4Free\basswma.dll
    C:\Program Files\Burn4Free\basswv.dll
    C:\Program Files\Burn4Free\bass_ape.dll
    C:\Program Files\Burn4Free\bass_mpc.dll
    C:\Program Files\Burn4Free\BURN4FREE.CFG
    C:\Program Files\Burn4Free\Burn4Free.exe
    C:\Program Files\Burn4Free\languages
    C:\Program Files\Burn4Free\license.txt
    C:\Program Files\Burn4Free\queue
    C:\Program Files\Burn4Free\temp
    C:\Program Files\Burn4Free\uninstall.exe
    C:\Program Files\Burn4Free\wav
    C:\Program Files\Burn4Free\languages\ARABIC.INI
    C:\Program Files\Burn4Free\languages\BELARUSSIAN.INI
    C:\Program Files\Burn4Free\languages\CATALAN.INI
    C:\Program Files\Burn4Free\languages\CHINESEBIG5.INI
    C:\Program Files\Burn4Free\languages\CHINESEGB.INI
    C:\Program Files\Burn4Free\languages\CROATIAN_FUN.INI
    C:\Program Files\Burn4Free\languages\CZECH.INI
    C:\Program Files\Burn4Free\languages\DUTCH.INI
    C:\Program Files\Burn4Free\languages\ENGLISH.INI
    C:\Program Files\Burn4Free\languages\FRENCH.INI
    C:\Program Files\Burn4Free\languages\GALEGO.INI
    C:\Program Files\Burn4Free\languages\GERMAN.INI
    C:\Program Files\Burn4Free\languages\GERMAN_2.INI
    C:\Program Files\Burn4Free\languages\HEBREW.INI
    C:\Program Files\Burn4Free\languages\HELLENIC.INI
    C:\Program Files\Burn4Free\languages\ITALIANO.INI
    C:\Program Files\Burn4Free\languages\JAPANESE.INI
    C:\Program Files\Burn4Free\languages\KOREAN.INI
    C:\Program Files\Burn4Free\languages\LITHUANIAN.INI
    C:\Program Files\Burn4Free\languages\MACEDONIAN.INI
    C:\Program Files\Burn4Free\languages\MAGYAR.INI
    C:\Program Files\Burn4Free\languages\NORSK.INI
    C:\Program Files\Burn4Free\languages\POLISH.INI
    C:\Program Files\Burn4Free\languages\PORTUGUESE.INI
    C:\Program Files\Burn4Free\languages\ROMANA.INI
    C:\Program Files\Burn4Free\languages\RUSSIAN.INI
    C:\Program Files\Burn4Free\languages\RUSSIAN_2.INI
    C:\Program Files\Burn4Free\languages\SERBIAN.INI
    C:\Program Files\Burn4Free\languages\SLOVAK.INI
    C:\Program Files\Burn4Free\languages\SLOVENIAN.INI
    C:\Program Files\Burn4Free\languages\SPANISH.INI
    C:\Program Files\Burn4Free\languages\SUOMI.INI
    C:\Program Files\Burn4Free\languages\SVENSKA.INI
    C:\Program Files\Burn4Free\languages\TURKISH.INI
    C:\Program Files\Burn4Free\languages\UKRAINIAN.INI
    C:\Program Files\Burn4Free\languages\VALENCIAN.INI
    C:\DOCUME~1\ALLUSE~1\Bureau\Burn4Free.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Burn4Free CD and DVD
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Burn4Free Toolbar
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Burn4Free CD and DVD
    C:\Program Files\Burn4Free Toolbar
    C:\Program Files\Burn4Free Toolbar\settings.dat
    C:\Program Files\Burn4Free Toolbar\uninstall.txt
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\installer.ico
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\beruby
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\checkmark.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\configure.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\configure_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\cookies.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\cookies_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\favorites.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\favorites_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\find.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\find_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\go1.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\go1_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\go2.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\go2_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\help.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\help_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\highlight.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\highlight_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\history.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\history_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\images.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\images_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\mag.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\magnifying_glass.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\magnifying_glass_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\multi_home_page.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\multi_home_page_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\panic.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\panic_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\popup_blocker_off.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\popup_blocker_on.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\radiodot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\run_application.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\run_application_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\save_web_pages_urls.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\save_web_pages_urls_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\searchbg.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\source.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\source_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\temporary_internet_files.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\temporary_internet_files_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\Thumbs.db
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\Toolbar.js
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\Toolbar4Free.exe
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\toolbar_logo.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\typed_urls.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\typed_urls_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\zoom_in.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\zoom_in_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\zoom_out.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\zoom_out_hot.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\beruby\beruby.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\beruby\downloads_logo_small.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\beruby\shopping_logo_small.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\beruby\travel_logo_small.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\beruby\webmasters_logo_small.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\bin
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\css
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\dropdown.htm
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\models.sm
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\preferences.htm
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\bin\CSA.dll
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\css\main.css
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\cancel.png
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\compare.png
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\dollar1.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\dollar2.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\dollar3.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\empty.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\gradient.jpg
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\prontologo.png
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\update.png
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_bg.png
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_feature_bracket.gif
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_logo.gif
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_search_bracket.gif
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_star_bullet.png
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_toolbar.png
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\Thumbs.db
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\toolbar_intro.htm
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\accuweather.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\amazon.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\dictionary.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\ebay.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\flickr.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\google_groups.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\google_images.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\google_maps.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\google_news.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\shopping.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\technorati.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\Thumbs.db
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\wikipedia.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\yahoo.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\yahoo_answers.bmp
    C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\youtube.bmp
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Burn4Free Toolbar
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\brickquest_216x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\burger_island_216x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cake_shop16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\call_of_atlantis16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\color_cross16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dream_day_wedding_216x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dr_lynch_grave_secrets16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\kids.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\my_tribe16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\saqqarah16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\season_match_216x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sherlock_holmes16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\time_quest16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\treasures_of_mystery_island16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtual_pool316x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\womens_murder_club_fr16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\about.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\feedback.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\help.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\highlight.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\partner.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\popup_off.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\popup_on.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\search.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\sendafriend.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\uninstall.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27\update.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload\loading.gif
    C:\Program Files\GamesBar
    C:\Program Files\GamesBar\Localization-French.ini
    C:\Program Files\GamesBar\Localization2-French.ini
    C:\Program Files\GamesBar\oberontb.dll
    C:\Program Files\GamesBar\uninst.exe
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\GamesBar
    C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_2296.exe
    C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_4000.exe
    C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_5421.exe
    C:\DOCUME~1\ADMIN\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk
    C:\DOCUME~1\ALLUSE~1\Bureau\Burn4Free.lnk

    -----------\\ Extensions

    (ADMIN) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Url"="http://www.microsoft.com/athome/community/rss.xml"
    "Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
    "Url"="http://www.microsoft.com/atwork/community/rss.xml"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\ADMIN\Menu D‚marrer\Programmes\Avast.Antivirus.Pro.v4.8.1169.FR.Incl-Keygen

    1 - "C:\ToolBar SD\TB_1.txt" - 11/10/2009|13:06 - Option : [1]

    -----------\\ Fin du rapport a 13:06:11,85
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     

    C:\DOCUME~1\ADMIN\Menu D‚marrer\Programmes\Avast.Antivirus.Pro.v4.8.1169.FR.Incl-Keygen


    ---> A supprimer, d'autant plus qu'avast est une vraie passoire, même dans sa version pro.

    -+-+-+-> Toolbar S&D - Nettoyage <-+-+-+-

    [x] Relance Toolbar S&D et choisi l'option 2 ( Suppression ).

    [x] Ne fait rien pendant la procédure.

    [x] Copie/Colle le rapport dans ton prochain message.
    0
  7. teknicool Messages postés 16 Statut Membre
     
    VOILA

    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : ADMIN ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
    C:\ (Local Disk) - NTFS - Total:97 Go (Free:58 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (Local Disk) - NTFS - Total:200 Go (Free:200 Go)
    K:\ (USB)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [2] ( 11/10/2009|13:14 )

    -----------\\ SUPPRESSION

    Echec ! - C:\Program Files\AskBarDis\bar
    Supprime! - C:\Program Files\AskBarDis\PopSwatter
    Supprime! - C:\Program Files\AskBarDis\unins000.dat
    Supprime! - C:\Program Files\AskBarDis\unins000.exe
    Supprime! - C:\Program Files\AskBarDis\bar\bin
    Supprime! - C:\Program Files\AskBarDis\bar\History
    Supprime! - C:\Program Files\Burn4Free\bass.dll
    Supprime! - C:\Program Files\Burn4Free\basscd.dll
    Supprime! - C:\Program Files\Burn4Free\bassflac.dll
    Supprime! - C:\Program Files\Burn4Free\basswma.dll
    Supprime! - C:\Program Files\Burn4Free\basswv.dll
    Supprime! - C:\Program Files\Burn4Free\bass_ape.dll
    Supprime! - C:\Program Files\Burn4Free\bass_mpc.dll
    Supprime! - C:\Program Files\Burn4Free\BURN4FREE.CFG
    Supprime! - C:\Program Files\Burn4Free\Burn4Free.exe
    Supprime! - C:\Program Files\Burn4Free\languages
    Supprime! - C:\Program Files\Burn4Free\license.txt
    Supprime! - C:\Program Files\Burn4Free\queue
    Supprime! - C:\Program Files\Burn4Free\temp
    Supprime! - C:\Program Files\Burn4Free\uninstall.exe
    Supprime! - C:\Program Files\Burn4Free\wav
    Supprime! - C:\DOCUME~1\ALLUSE~1\Bureau\Burn4Free.lnk
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Burn4Free CD and DVD
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Burn4Free Toolbar
    Supprime! - C:\Program Files\Burn4Free Toolbar\settings.dat
    Supprime! - C:\Program Files\Burn4Free Toolbar\uninstall.txt
    Supprime! - C:\Program Files\Burn4Free Toolbar\v3.3.0.1
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-12-08-16-46-27.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\brickquest_216x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\burger_island_216x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cake_shop16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\call_of_atlantis16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\color_cross16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dream_day_wedding_216x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\dr_lynch_grave_secrets16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\kids.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\my_tribe16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\saqqarah16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\season_match_216x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sherlock_holmes16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\time_quest16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\treasures_of_mystery_island16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtual_pool316x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\womens_murder_club_fr16x16.gif
    Supprime! - C:\Program Files\GamesBar\Localization-French.ini
    Supprime! - C:\Program Files\GamesBar\Localization2-French.ini
    Supprime! - C:\Program Files\GamesBar\oberontb.dll
    Supprime! - C:\Program Files\GamesBar\uninst.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\GamesBar
    Supprime! - C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_2296.exe
    Supprime! - C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_4000.exe
    Supprime! - C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_5421.exe
    Supprime! - C:\DOCUME~1\ADMIN\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk
    Supprime! - C:\Program Files\AskBarDis
    Supprime! - C:\Program Files\Burn4Free
    Supprime! - C:\Program Files\Burn4Free Toolbar
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
    Supprime! - C:\Program Files\GamesBar

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ Extensions

    (ADMIN) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Url"="http://www.microsoft.com/athome/community/rss.xml"
    "Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
    "Url"="http://www.microsoft.com/atwork/community/rss.xml"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.msn.com/fr-fr/"

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    1 - "C:\ToolBar SD\TB_1.txt" - 11/10/2009|13:06 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 11/10/2009|13:15 - Option : [2]

    -----------\\ Fin du rapport a 13:15:35,42
    0
  8. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    -+-+-+-> Malwarebyte's Anti-Malware <-+-+-+-

    [x] Télécharge Malwarebyte's anti-malware (MBAM) à cette adresse : http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    [x] Installe le.

    [x] Met le à jour.

    [x] Lance un scan complet !

    [x] Coche bien tout les éléments trouvés et supprime les !

    [x] Un tutoriel pour son utilisation est disponible ici : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    [x] Suis les indications données sur le lien précédent puis copie/colle le rapport généré dans ton prochain message
    0
  9. teknicool Messages postés 16 Statut Membre
     
    VOILA AUCUN NUISIBLE TROUVER

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2941
    Windows 5.1.2600 Service Pack 3

    11/10/2009 14:01:19
    mbam-log-2009-10-11 (14-01-19).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|)
    Eléments examinés: 148805
    Temps écoulé: 24 minute(s), 13 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    0
  10. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    Bien, reposte maintenant un log RSIT
    0
  11. teknicool Messages postés 16 Statut Membre
     
    VOILA

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by ADMIN at 2009-10-11 14:09:10
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 60 GB (60%) free of 100 GB
    Total RAM: 1007 MB (8% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:09:32, on 11/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\vVX3000.exe
    C:\Program Files\DNA\btdna.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Electronic Arts\EADM\Core.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Documents and Settings\ADMIN\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    c:\program files\winamp toolbar\WinampTbServer.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\ADMIN\Mes documents\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\ADMIN.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\ADMIN\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7DDBD150-81C3-4CF9-8854-393E76A793BD}: NameServer = 91.121.59.36 91.121.59.46
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    0
  12. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    A désinstaller via ajout/suppression de programmes ( si présents ) :

    winamp toolbar
    Gamesbar
    yahoo toolbar
    spybot S&D


    -+-+-+-> AD-Remover <-+-+-+-

    [x] Si tu es sous vista : Désactive l'UAC (Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le)

    [x] Télécharge Ad-remover (de C_XX) sur ton bureau : https://www.androidworld.fr/

    [x] Lance l'installation avec les paramètres par défaut..

    ! Déconnecte toi et ferme toutes applications en cours !

    [x] Double-clique sur le raccourci Ad-Remover sur ton Bureau. (Clic droit -> "Exécuter en tant qu'administrateur". ( Pour Vista))

    [x] Séléctionne l'option F pour français

    [x] A la fenêtre qui s'affiche clique sur " oui "

    [x] Séléctionne l'option S

    [x] Laisse l'outil travailler.

    [x] Une fois le scan fini, appuie sur une touche, le rapport s'ouvre

    [x] Copie/colle le dans ton prochain post
    0
  13. teknicool Messages postés 16 Statut Membre
     
    VOILA

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_Y | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 11.10.2009 à 13:06
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 14:25:17, 11/10/2009 | Mode Normal | Option: SCAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: PASTORI-D829BBF | Utilisateur actuel: ADMIN
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .

    HKCU\Software\AppDataLow\AskBarDis
    HKCU\Software\GamesBar
    HKCU\Software\Titan Poker
    HKLM\Software\Titan Poker
    HKU\S-1-5-21-725345543-412668190-682003330-1004\Software\Titan Poker
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\CLSID\{CB0D163C-E9F4-4236-9496-0597E24B23A5}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}
    .
    C:\Program Files\Everest Poker
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\log_lobby.txt
    C:\log_lobby_dumper.txt
    C:\DOCUME~1\ADMIN\Cookies\admin@ask[2].txt
    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version [Impossible d'obtenir la version] *
    .
    Nom du profil: (ADMIN)
    .
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://www.msn.com/
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    2390 Octet(s) - C:\Ad-Report-SCAN[1].log
    .
    68 Fichier(s) - C:\DOCUME~1\ADMIN\LOCALS~1\Temp
    35 Fichier(s) - C:\WINDOWS\Temp
    .
    1 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 14:29:08 | 11/10/2009 - SCAN[1]
    .
    ============== E.O.F ==============
    .
    0
  14. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    -+-+-+-> AD-Remover - Nettoyage <-+-+-+-

    [x] Relance Ad-Remover puis séléctionne l'option " L "

    [x] Une fois le nettoyage terminé, le rapport s'affiche.

    [x] Copie/Colle le dans ton prochain message
    0
  15. teknicool Messages postés 16 Statut Membre
     
    VOILA

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_Y | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 11.10.2009 à 13:06
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 14:32:29, 11/10/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: PASTORI-D829BBF | Utilisateur actuel: ADMIN
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    HKCU\Software\AppDataLow\AskBarDis
    HKCU\Software\GamesBar
    HKCU\Software\Titan Poker
    HKLM\Software\Titan Poker
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\CLSID\{CB0D163C-E9F4-4236-9496-0597E24B23A5}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}
    .
    C:\Program Files\Everest Poker\data
    C:\Program Files\Everest Poker\history
    C:\Program Files\Everest Poker\var
    C:\Program Files\Everest Poker\data\fonts
    C:\Program Files\Everest Poker\data\mp-lobby
    C:\Program Files\Everest Poker\data\mp-poker
    C:\Program Files\Everest Poker\data\shared
    C:\Program Files\Everest Poker\data\startup
    C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf
    C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt
    C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt
    C:\Program Files\Everest Poker\data\mp-poker\background
    C:\Program Files\Everest Poker\data\mp-poker\fr
    C:\Program Files\Everest Poker\data\mp-poker\shared.gvt
    C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt
    C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt
    C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt
    C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt
    C:\Program Files\Everest Poker\data\shared\fr
    C:\Program Files\Everest Poker\data\shared\shared
    C:\Program Files\Everest Poker\data\shared\fr\country.txt
    C:\Program Files\Everest Poker\data\shared\fr\language.txt
    C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt
    C:\Program Files\Everest Poker\data\shared\shared\bitmaps
    C:\Program Files\Everest Poker\data\shared\shared\sounds
    C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
    C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
    C:\Program Files\Everest Poker\data\startup\en
    C:\Program Files\Everest Poker\data\startup\fr
    C:\Program Files\Everest Poker\data\startup\shared
    C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt
    C:\Program Files\Everest Poker\data\startup\fr\cstart.txt
    C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt
    C:\Program Files\Everest Poker\data\startup\shared\bitmaps
    C:\Program Files\Everest Poker\data\startup\shared\icons
    C:\Program Files\Everest Poker\data\startup\shared\sounds
    C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art
    C:\Program Files\Everest Poker\history\1.txt
    C:\Program Files\Everest Poker\history\10.txt
    C:\Program Files\Everest Poker\history\11.txt
    C:\Program Files\Everest Poker\history\12.txt
    C:\Program Files\Everest Poker\history\13.txt
    C:\Program Files\Everest Poker\history\15.txt
    C:\Program Files\Everest Poker\history\16.txt
    C:\Program Files\Everest Poker\history\17.txt
    C:\Program Files\Everest Poker\history\19.txt
    C:\Program Files\Everest Poker\history\2.txt
    C:\Program Files\Everest Poker\history\20.txt
    C:\Program Files\Everest Poker\history\21.txt
    C:\Program Files\Everest Poker\history\22.txt
    C:\Program Files\Everest Poker\history\23.txt
    C:\Program Files\Everest Poker\history\24.txt
    C:\Program Files\Everest Poker\history\25.txt
    C:\Program Files\Everest Poker\history\27.txt
    C:\Program Files\Everest Poker\history\28.txt
    C:\Program Files\Everest Poker\history\29.txt
    C:\Program Files\Everest Poker\history\3.txt
    C:\Program Files\Everest Poker\history\30.txt
    C:\Program Files\Everest Poker\history\31.txt
    C:\Program Files\Everest Poker\history\32.txt
    C:\Program Files\Everest Poker\history\34.txt
    C:\Program Files\Everest Poker\history\35.txt
    C:\Program Files\Everest Poker\history\36.txt
    C:\Program Files\Everest Poker\history\37.txt
    C:\Program Files\Everest Poker\history\38.txt
    C:\Program Files\Everest Poker\history\39.txt
    C:\Program Files\Everest Poker\history\4.txt
    C:\Program Files\Everest Poker\history\40.txt
    C:\Program Files\Everest Poker\history\41.txt
    C:\Program Files\Everest Poker\history\42.txt
    C:\Program Files\Everest Poker\history\43.txt
    C:\Program Files\Everest Poker\history\44.txt
    C:\Program Files\Everest Poker\history\45.txt
    C:\Program Files\Everest Poker\history\46.txt
    C:\Program Files\Everest Poker\history\47.txt
    C:\Program Files\Everest Poker\history\48.txt
    C:\Program Files\Everest Poker\history\49.txt
    C:\Program Files\Everest Poker\history\5.txt
    C:\Program Files\Everest Poker\history\50.txt
    C:\Program Files\Everest Poker\history\51.txt
    C:\Program Files\Everest Poker\history\52.txt
    C:\Program Files\Everest Poker\history\54.txt
    C:\Program Files\Everest Poker\history\6.txt
    C:\Program Files\Everest Poker\history\61.txt
    C:\Program Files\Everest Poker\history\64.txt
    C:\Program Files\Everest Poker\history\65.txt
    C:\Program Files\Everest Poker\history\66.txt
    C:\Program Files\Everest Poker\history\67.txt
    C:\Program Files\Everest Poker\history\68.txt
    C:\Program Files\Everest Poker\history\69.txt
    C:\Program Files\Everest Poker\history\7.txt
    C:\Program Files\Everest Poker\history\71.txt
    C:\Program Files\Everest Poker\history\72.txt
    C:\Program Files\Everest Poker\history\73.txt
    C:\Program Files\Everest Poker\history\74.txt
    C:\Program Files\Everest Poker\history\75.txt
    C:\Program Files\Everest Poker\history\76.txt
    C:\Program Files\Everest Poker\history\77.txt
    C:\Program Files\Everest Poker\history\78.txt
    C:\Program Files\Everest Poker\history\8.txt
    C:\Program Files\Everest Poker\history\82.txt
    C:\Program Files\Everest Poker\history\9.txt
    C:\Program Files\Everest Poker\var\content-fr.dat
    C:\Program Files\Everest Poker
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\log_lobby.txt
    C:\log_lobby_dumper.txt
    C:\DOCUME~1\ADMIN\Cookies\admin@ask[2].txt

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version [Impossible d'obtenir la version] *
    .
    Nom du profil: (ADMIN)
    .
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://fr.msn.com/
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    7869 Octet(s) - C:\Ad-Report-CLEAN[1].log
    2716 Octet(s) - C:\Ad-Report-SCAN[1].log
    .
    26 Fichier(s) - C:\DOCUME~1\ADMIN\LOCALS~1\Temp
    32 Fichier(s) - C:\WINDOWS\Temp
    .
    18 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    68 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 14:35:54 | 11/10/2009 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    0
  16. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    refais maintenant un RSIT
    0
  17. teknicool Messages postés 16 Statut Membre
     
    VOILA

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by ADMIN at 2009-10-11 14:41:52
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 60 GB (60%) free of 100 GB
    Total RAM: 1007 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:41:55, on 11/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\vVX3000.exe
    C:\Program Files\DNA\btdna.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Electronic Arts\EADM\Core.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Documents and Settings\ADMIN\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\ADMIN\Mes documents\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\ADMIN.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\ADMIN\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7DDBD150-81C3-4CF9-8854-393E76A793BD}: NameServer = 91.121.59.36 91.121.59.46
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    0
  18. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    -+-+-+-> Hijackthis <-+-+-+-

    [x] Lance hijackthis ( C:\Program Files\Trend Micro\Hijackthis.exe )

    [x] Clique sur " None of the above, just start the program " puis sur " Scan "

    [x] Coche les lignes en gras ci dessous :

    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7DDBD150-81C3-4CF9-8854-393E76A793BD}: NameServer = 91.121.59.36 91.121.59.46


    [x] Clique ensuite sur " Fix checked "

    --------------

    Comment se porte le PC ?

    Relance hijackthis mais clique cette fois sur " Do a system scan and save a logfile " puis poste le rapport.
    0
  19. teknicool Messages postés 16 Statut Membre
     
    VOILA

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:54:54, on 11/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\vVX3000.exe
    C:\Program Files\Electronic Arts\EADM\Core.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Documents and Settings\ADMIN\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\ADMIN\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    0
  20. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    Passe un scan antivir et poste le rapport.

    On a presque fini.
    0
  21. teknicool Messages postés 16 Statut Membre
     
    XPLODE JE VAIS DEVOIR PARTIR ? QUAND PUIJE TE RECONTACTER POUR FINIR LES MANIPS
    MERCI
    CORDIALEMENT
    0
  • 1
  • 2