Keygen+ pub intempestives !! help plz

kenseii -  
 gen-hackman -
bonsoir tout le monde,
voila depuis peu, il y a des pop-up de pub qui apparaissent sans arret
je voudrais savoir comme y fallait s'y prendre pour les supprimées, je sais pas si c'est dû aux cookies ou a un spywares mais ca devient vite ennervant.
je crois que c'était suite a l'instalation d'un keygen .
m'enfin vous allez surement me demander un scan de Hijackthis donc le voila :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:53:59, on 27/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\XP\LOCALS~1\Temp\b.exe
C:\WINDOWS\msa.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=duxet&e=com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-510] C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [BVRPLiveUpdate] C:\Program Files\Avanquest update\Engine\Setup.exe -s /PATCH,/SRCUPDATEC:\DOCUME~1\ALLUSE~1\APPLIC~1\SONYER~1\SONYER~1\LIVEUP~1\LISTOF~1.DAT
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [PopRock] C:\DOCUME~1\XP\LOCALS~1\Temp\b.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MSI" TRANSFORMS="C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MST" WISE_SETUP_EXE_PATH="c:\documents and settings\xp\bureau\nv18206_win2kxp\nv18206_win2kxp\PhysX_9.09.0203_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\Player\__CDS2.DLL (file missing)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 14546 bytes

voili voilou, si quelqu'un peut m'aider ca serait sympas :)

merci
Configuration: Windows XP
Opera 9.64

9 réponses

  1. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    REDEMARRE EN MODE SANS ECHEC , puis :

    ▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),

    mais cette fois-ci :

    ▶ choisis l'option 2 = Mode Destruction

    laisse travailler l'outil

    apres les verifications , un rapport va s'ouvrir.

    ▶ ferme-le.

    un deuxieme rapport va s'ouvrir ,

    ▶ colle son contenu dans ta reponse apres avoir redemarré en mode normal
    1
  2. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    Salut, commence par faire ceci :

    -+-+-+-> AD-Remover <-+-+-+-

    [x] Télécharge Ad-remover (de C_XX) sur ton bureau.

    [x] Lance l'installation avec les paramètres par défaut..

    ▶ Déconnecte toi et ferme toutes applications en cours !

    [x] Double-clique sur le raccourci Ad-Remover sur ton Bureau. (Clic droit -> "Exécuter en tant qu'administrateur". ( Pour Vista))

    [x] Séléctionne l'option F pour français

    [x] A la fenêtre qui s'affiche clique sur " oui "

    [x] Séléctionne l'option L

    [x] Laisse l'outil travailler.

    [x] Une fois le scan fini, appuie sur une touche, le rapport s'ouvre

    [x] Copie/colle le dans ton prochain post
    0
  3. gen-hackman
     
    salut :

    Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent

    ▶ Télécharge List&Kill'em et enregistre le sur ton bureau

    Il ne necessite pas d'installation

    ▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

    choisis la langue puis choisis l'option 1 = Mode Recherche

    ▶laisse travailler l'outil

    le rapport va s'afficher , une fois le scan fini

    ▶colle le contenu dans ta prochaine réponse
    0
  4. kenseii Messages postés 23 Statut Membre
     
    re, voila comme prévu :)

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_A | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 18.10.2009 à 19:05
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 17:59:35, 27/10/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: ANTHONY | Utilisateur actuel: XP
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    HKCU\Software\Search Settings
    HKLM\Software\Classes\SearchSettings.BHO
    HKLM\Software\Classes\SearchSettings.BHO.1
    HKLM\Software\Dealio
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
    HKLM\Software\Search Settings
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
    HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
    .
    C:\DOCUME~1\XP\APPLIC~1\Dealio
    C:\DOCUME~1\XP\APPLIC~1\Search Settings ... [b]ERREUR SUPPRESSION !!/b
    C:\Program Files\Dealio Toolbar
    C:\Program Files\Search Settings
    C:\Windows\Installer\e7c93.msi
    C:\Windows\Installer\e7c9a.msi
    C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf
    C:\DOCUME~1\XP\Cookies\xp@rotator.adjuggler[1].txt

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version [Impossible d'obtenir la version] *
    .
    Nom du profil: (XP)
    .
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Start Page: hxxp://fr.msn.com/
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Search Bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ============== Suspect (Cracks, Serials ... ) ==============
    .
    C:\Documents and Settings\XP\Bureau\keygen.exe
    .
    ===================================
    .
    3014 Octet(s) - C:\Ad-Report-CLEAN[1].log
    .
    318 Fichier(s) - C:\DOCUME~1\XP\LOCALS~1\Temp
    13 Fichier(s) - C:\WINDOWS\Temp
    .
    17 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    40 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 18:11:24 | 27/10/2009 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    Bien, peux-tu passer list'em comme l'a demandé gen-hackman ici
    0
  7. kenseii Messages postés 23 Statut Membre
     
    voila comme tu m'a demander =),

    List'em by g3n-h@ckm@n 1.0.4.7

    updated on 27.10.2009 ::::: 11.30

    Windows_NT

    Microsoft Windows XP [version 5.1.2600]

    27/10/2009 21:19:28,70

    Nom de l'h“te: ANTHONY
    Nom du systŠme d'exploitation: Microsoft Windows XP Professionnel
    Version du systŠme: 5.1.2600 Service Pack 3 version 2600
    Fabricant du systŠme d'exploitation: Microsoft Corporation
    Configuration du systŠme d'exploitation: Station de travail autonome
    Type de version du systŠme d'exploitation: Multiprocessor Free
    Propri‚taire enregistr‚ÿ:
    Organisation enregistr‚eÿ:
    Identificateur de produit: 76413-OEM-0027291-78487
    Date d'installation originale: 20/06/2009, 18:22:21
    Dur‚e d'activit‚ systŠme: 0 jours, 6 heures, 33 minutes, 4 secondes
    Fabricant du systŠme: ASUSTek Computer INC.
    ModŠle du systŠme: P5PL2-E
    Type du systŠme: X86-based PC
    Processeur(s): 1 processeur(s) install‚(s).
    [01]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3211 MHz
    Version du BIOS: A_M_I_ - 4000713
    R‚pertoire Windows: C:\WINDOWS
    R‚pertoire systŠme: C:\WINDOWS\system32
    P‚riph‚rique d'amor‡age: \Device\HarddiskVolume1
    Option r‚gionale du systŠme: fr;Fran‡ais (France)
    ParamŠtres r‚gionaux d'entr‚eÿ: fr;Fran‡ais (France)
    Fuseau horaire: N/D
    M‚moire physique totale: 1ÿ023 Mo
    M‚moire physique disponible: 358 Mo
    M‚moire virtuelle : taille maximale: 2ÿ048 Mo
    M‚moire virtuelle : disponible: 2ÿ008 Mo
    M‚moire virtuelle : en cours d'utilisation: 40 Mo
    Emplacements des fichiers d'‚change: C:\pagefile.sys
    Domaine: WORKGROUP
    Serveur d'ouverture de session: \\ANTHONY
    Correctif(s): 143 Corrections install‚es.
    [01]: File 1
    [02]: File 1
    [03]: File 1
    [04]: File 1
    [05]: File 1
    [06]: File 1
    [07]: File 1
    [08]: File 1
    [09]: File 1
    [10]: File 1
    [11]: File 1
    [12]: File 1
    [13]: File 1
    [14]: File 1
    [15]: File 1
    [16]: File 1
    [17]: File 1
    [18]: File 1
    [19]: File 1
    [20]: File 1
    [21]: File 1
    [22]: File 1
    [23]: File 1
    [24]: File 1
    [25]: File 1
    [26]: File 1
    [27]: File 1
    [28]: File 1
    [29]: File 1
    [30]: File 1
    [31]: File 1
    [32]: File 1
    [33]: File 1
    [34]: File 1
    [35]: File 1
    [36]: File 1
    [37]: File 1
    [38]: File 1
    [39]: File 1
    [40]: File 1
    [41]: File 1
    [42]: File 1
    [43]: File 1
    [44]: File 1
    [45]: File 1
    [46]: File 1
    [47]: File 1
    [48]: File 1
    [49]: File 1
    [50]: File 1
    [51]: File 1
    [52]: File 1
    [53]: File 1
    [54]: File 1
    [55]: File 1
    [56]: File 1
    [57]: File 1
    [58]: File 1
    [59]: File 1
    [60]: File 1
    [61]: File 1
    [62]: File 1
    [63]: File 1
    [64]: File 1
    [65]: Q147222
    [66]: M953297 - Update
    [67]: S867460 - Update
    [68]: KB929399
    [69]: KB952069_WM9
    [70]: KB954155_WM9
    [71]: KB968816_WM9
    [72]: KB973540_WM9
    [73]: KB936782_WMP11
    [74]: KB939683
    [75]: KB954154_WM11
    [76]: KB959772_WM11
    [77]: KB941569
    [78]: KB969897-IE8 - Update
    [79]: KB971180-IE8 - Update
    [80]: KB971961-IE8 - Update
    [81]: KB972260-IE8 - Update
    [82]: KB974455-IE8 - Update
    [83]: MSCompPackV1 - Update
    [84]: KB888111WXPSP2 - Update
    [85]: KB936929 - Service Pack
    [86]: KB923561 - Update
    [87]: KB938464-v2 - Update
    [88]: KB946648 - Update
    [89]: KB950760 - Update
    [90]: KB950762 - Update
    [91]: KB950974 - Update
    [92]: KB951066 - Update
    [93]: KB951376-v2 - Update
    [94]: KB951748 - Update
    [95]: KB951978 - Update
    [96]: KB952004 - Update
    [97]: KB952287 - Update
    [98]: KB952954 - Update
    [99]: KB954459 - Update
    [100]: KB954550-v5 - Update
    [101]: KB954600 - Update
    [102]: KB955069 - Update
    [103]: KB955839 - Update
    [104]: KB956572 - Update
    [105]: KB956744 - Update
    [106]: KB956802 - Update
    [107]: KB956803 - Update
    [108]: KB956844 - Update
    [109]: KB957097 - Update
    [110]: KB958644 - Update
    [111]: KB958687 - Update
    [112]: KB958869 - Update
    [113]: KB959426 - Update
    [114]: KB960225 - Update
    [115]: KB960803 - Update
    [116]: KB960859 - Update
    [117]: KB961118 - Update
    [118]: KB961371 - Update
    [119]: KB961373 - Update
    [120]: KB961501 - Update
    [121]: KB961503 - Update
    [122]: KB967715 - Update
    [123]: KB968389 - Update
    [124]: KB968537 - Update
    [125]: KB969059 - Update
    [126]: KB969897 - Update
    [127]: KB969898 - Update
    [128]: KB970238 - Update
    [129]: KB970653-v3 - Update
    [130]: KB971486 - Update
    [131]: KB971557 - Update
    [132]: KB971633 - Update
    [133]: KB971657 - Update
    [134]: KB973346 - Update
    [135]: KB973354 - Update
    [136]: KB973507 - Update
    [137]: KB973525 - Update
    [138]: KB973815 - Update
    [139]: KB973869 - Update
    [140]: KB974112 - Update
    [141]: KB974571 - Update
    [142]: KB975025 - Update
    [143]: KB975467 - Update
    Carte(s) r‚seau: 3 carte(s) r‚seau install‚e(s).
    [01]: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
    Nom de la connexion : Connexion au r‚seau local
    tat : Support d‚connect‚
    [02]: Pilote de serveur d'accŠs au r‚seau local Bluetooth
    Nom de la connexion : Bluetooth Network
    tat : Support d‚connect‚
    [03]: D-Link Wireless G DWA-510 Desktop Adapter
    Nom de la connexion : Connexion r‚seau sans fil 2
    DHCP activ‚ : Oui
    Serveur DHCP : 82.240.8.254
    Adresse(s) IP
    [01] : 82.240.9.199

    Nom de l'image PIDÿ Nom de la sessio Num‚ro d Utilisation
    ========================= ====== ================ ======== ============
    System Idle Process 0 Console 0 16 Ko
    System 4 Console 0 48 Ko
    smss.exe 796 Console 0 64 Ko
    csrss.exe 844 Console 0 3ÿ460 Ko
    winlogon.exe 872 Console 0 3ÿ492 Ko
    services.exe 916 Console 0 3ÿ664 Ko
    lsass.exe 928 Console 0 3ÿ160 Ko
    svchost.exe 1108 Console 0 2ÿ084 Ko
    svchost.exe 1156 Console 0 2ÿ012 Ko
    svchost.exe 1248 Console 0 13ÿ248 Ko
    svchost.exe 1292 Console 0 1ÿ200 Ko
    svchost.exe 1344 Console 0 1ÿ992 Ko
    svchost.exe 1548 Console 0 1ÿ552 Ko
    ccSetMgr.exe 1700 Console 0 2ÿ124 Ko
    ccEvtMgr.exe 1724 Console 0 1ÿ096 Ko
    AAWService.exe 1824 Console 0 27ÿ964 Ko
    spoolsv.exe 1904 Console 0 1ÿ552 Ko
    svchost.exe 1964 Console 0 1ÿ040 Ko
    AppleMobileDeviceService. 2028 Console 0 700 Ko
    AdskScSrv.exe 200 Console 0 796 Ko
    mDNSResponder.exe 436 Console 0 1ÿ248 Ko
    svchost.exe 468 Console 0 980 Ko
    btwdins.exe 484 Console 0 1ÿ380 Ko
    CDANTSRV.EXE 520 Console 0 888 Ko
    gearsec.exe 596 Console 0 884 Ko
    jqs.exe 716 Console 0 1ÿ380 Ko
    McSACore.exe 748 Console 0 4ÿ924 Ko
    mcmscsvc.exe 772 Console 0 1ÿ460 Ko
    McNASvc.exe 848 Console 0 8ÿ092 Ko
    McProxy.exe 1336 Console 0 340 Ko
    Mcshield.exe 1436 Console 0 36ÿ752 Ko
    raysat_3dsmax9_32server.e 1676 Console 0 1ÿ000 Ko
    MpfSrv.exe 2060 Console 0 5ÿ288 Ko
    VProSvc.exe 2132 Console 0 1ÿ272 Ko
    nvsvc32.exe 2428 Console 0 2ÿ152 Ko
    symlcsvc.exe 2524 Console 0 160 Ko
    Tablet.exe 2644 Console 0 900 Ko
    svchost.exe 2688 Console 0 11ÿ496 Ko
    unsecapp.exe 3552 Console 0 904 Ko
    wmiprvse.exe 3652 Console 0 2ÿ712 Ko
    alg.exe 3744 Console 0 768 Ko
    mcagent.exe 2480 Console 0 7ÿ344 Ko
    AAWTray.exe 3932 Console 0 968 Ko
    TabUserW.exe 272 Console 0 948 Ko
    Tablet.exe 2884 Console 0 1ÿ820 Ko
    smax4pnp.exe 2268 Console 0 1ÿ080 Ko
    mcsysmon.exe 1644 Console 0 7ÿ548 Ko
    SMax4.exe 2408 Console 0 1ÿ228 Ko
    ccApp.exe 3124 Console 0 1ÿ200 Ko
    GhostTray.exe 168 Console 0 7ÿ424 Ko
    WZCSLDR2.exe 240 Console 0 5ÿ536 Ko
    AirGCFG.exe 3004 Console 0 1ÿ828 Ko
    iTunesHelper.exe 380 Console 0 1ÿ828 Ko
    jusched.exe 2372 Console 0 660 Ko
    realsched.exe 2708 Console 0 196 Ko
    ctfmon.exe 3680 Console 0 1ÿ384 Ko
    SEPCSuite.exe 2936 Console 0 7ÿ248 Ko
    BTTray.exe 2720 Console 0 2ÿ496 Ko
    soffice.exe 732 Console 0 652 Ko
    iPodService.exe 2640 Console 0 1ÿ304 Ko
    BTSTAC~1.EXE 3244 Console 0 2ÿ392 Ko
    soffice.bin 4164 Console 0 4ÿ024 Ko
    msa.exe 4828 Console 0 12ÿ752 Ko
    b.exe 5400 Console 0 19ÿ396 Ko
    explorer.exe 1380 Console 0 8ÿ952 Ko
    opera.exe 2812 Console 0 127ÿ916 Ko
    msnmsgr.exe 3728 Console 0 65ÿ236 Ko
    wlcomm.exe 4156 Console 0 33ÿ868 Ko
    mcshell.exe 2668 Console 0 15ÿ044 Ko
    List_Killem.exe 5308 Console 0 5ÿ168 Ko
    cmd.exe 4036 Console 0 1ÿ984 Ko
    wmiprvse.exe 172 Console 0 8ÿ292 Ko
    tasklist.exe 5388 Console 0 4ÿ656 Ko
    ======================
    Cles de demarrage "Run"
    ======================
    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Sony Ericsson PC Suite\\SEPCSuite.exe\" /systray /nologon"
    "PopRock"="C:\\DOCUME~1\\XP\\LOCALS~1\\Temp\\b.exe"
    "SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe"
    "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
    "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "mcagent_exe"="\"C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe\" /runkey"
    "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
    "ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
    "Norton Ghost 10.0"="\"C:\\Program Files\\Norton Ghost\\Agent\\GhostTray.exe\""
    "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
    "ANIWZCS2Service"="C:\\Program Files\\ANI\\ANIWZCS2 Service\\WZCSLDR2.exe"
    "D-Link D-Link Wireless G DWA-510"="C:\\Program Files\\D-Link\\D-Link Wireless G DWA-510\\AirGCFG.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
    "Ad-Watch"="C:\\Program Files\\Lavasoft\\Ad-Aware\\AAWTray.exe"
    "BVRPLiveUpdate"="C:\\Program Files\\Avanquest update\\Engine\\Setup.exe -s /PATCH,/SRCUPDATEC:\\DOCUME~1\\ALLUSE~1\\APPLIC~1\\SONYER~1\\SONYER~1\\LIVEUP~1\\LISTOF~1.DAT"
    "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    "Installed"="1"
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    "NoChange"="1"
    "Installed"="1"
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    "Installed"="1"
    @=""

    =====================
    cles additionnelles
    =====================
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    ===============
    ===============
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    ======
    BHO :
    ======
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    @="AcroIEHelperStub"
    "NoExplorer"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}]
    @="XML module"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    @="scriptproxy"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
    "NoExplorer"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    "NoExplorer"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    @="JQSIEStartDetectorImpl"
    "NoExplorer"=dword:00000001

    ==========================

    ===============
    Path : C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\3dsmax5\backburner2\;C:\Program Files\Fichiers communs\Autodesk Shared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Autodesk\Backburner\
    ===============
    ¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
    C:\WINDOWS\msa.exe
    C:\WINDOWS\system32\msxml71.dll
    C:\Documents and Settings\XP\Application Data\Search Settings
    C:\Documents and Settings\XP\LOCAL Settings\Temp\b.exe

    ¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe
    HKCU\SOFTWARE\NordBull
    HKCU\SOFTWARE\XML

    ¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

    3DSMAX.EXE-0857C302.pf
    A.EXE-35449839.pf
    AAWTRAY.EXE-1858AE3F.pf
    AAWWSC.EXE-248CAA52.pf
    AD-AWAREADMIN.EXE-102E374C.pf
    ADSKCLEANUP.0001-3AC6AA58.pf
    ADSKSCSRV.EXE-29F824FB.pf
    ADSUBAWARE.EXE-3894F4F2.pf
    AIRGCFG.EXE-07D72D1D.pf
    ALG.EXE-0F138680.pf
    B.EXE-19BA4579.pf
    BACKBURNER.EXE-085273F8.pf
    BTTRAY.EXE-02B509CD.pf
    C.EXE-201148C7.pf
    CCAPP.EXE-164A650A.pf
    CCLEANER.EXE-0BCE437C.pf
    CMD.EXE-087B4001.pf
    CTFMON.EXE-0E17969B.pf
    DEMO32.EXE-0D453361.pf
    DFRGNTFS.EXE-269967DF.pf
    DIVXSM.EXE-3407AB62.pf
    DLLHOST.EXE-205D880D.pf
    DUMPREP.EXE-1B46F901.pf
    DWWIN.EXE-30875ADC.pf
    DXDIAG.EXE-220E128D.pf
    DXSETUP.EXE-23F29D75.pf
    EXPLORER.EXE-082F38A9.pf
    FBX200608_3DSMAX90_WIN_ENU.EX-3338F388.pf
    FILE-JPEG.EXE-1487322E.pf
    FLYFF.EXE-03B200E8.pf
    GAMEGUARD.DES-20501A74.pf
    GAMEGUARD.DES-37DA4813.pf
    GAMEMON.DES-1B4B8B33.pf
    GHOSTTRAY.EXE-0B8EC8A0.pf
    GIMP-2.6.EXE-3800AD20.pf
    HDASHCUT.EXE-1B000CA9.pf
    HELPSVC.EXE-2878DDA2.pf
    HIJACKTHIS.EXE-34A0FC79.pf
    HWUPDCHK.EXE-312E2A54.pf
    IEXPLORE.EXE-27122324.pf
    IPODSERVICE.EXE-3192DE38.pf
    ITUNESHELPER.EXE-15823303.pf
    JUSCHED.EXE-25206883.pf
    LAUNCHER.EXE-387EAD00.pf
    Layout.ini
    LOGONUI.EXE-0AF22957.pf
    LUCOMS~1.EXE-02DB5950.pf
    MCAGENT.EXE-03DA6B71.pf
    MCINFO.EXE-00303134.pf
    MCINSUPD.EXE-09F3CFD8.pf
    MCSMTFWK.EXE-0BFB06B9.pf
    MCSVRCNT.EXE-024F4049.pf
    MCSYNC.EXE-0AD983E7.pf
    MCSYSMON.EXE-01D38930.pf
    MCUICNT.EXE-24F82200.pf
    MCUPDATE.EXE-19916285.pf
    MCUPDMGR.EXE-30842AD8.pf
    MCUPDUI.EXE-1D30DFF9.pf
    MCVSMAP.EXE-280B7A39.pf
    MEDIAINFO.EXE-0D0C8D93.pf
    MEDIAINFO_GUI_0.7.23_WINDOWS_-2894B107.pf
    MPFALERT.EXE-34CE77E8.pf
    MSA.EXE-1E98B210.pf
    MSICF7.TMP-01B769B8.pf
    MSICFE.TMP-2E46A023.pf
    MSIEXEC.EXE-2F8A8CAE.pf
    MSNMSGR.EXE-030AB647.pf
    NDP20-KB918842-X86.EXE-2794B0B5.pf
    NET.EXE-01A53C2F.pf
    NETSTAT.EXE-2B2B4428.pf
    NEUZ.EXE-11B15CCC.pf
    NOTEPAD.EXE-336351A9.pf
    NTOSBOOT-B00DFAAD.pf
    NTVDM.EXE-1A10A423.pf
    NWIZ.EXE-2D0F9FBC.pf
    OPERA.EXE-12085680.pf
    OSK.EXE-165729D2.pf
    PHOTOSHOP.EXE-1977A377.pf
    QTTASK.EXE-342507FB.pf
    RAYSAT_3DSMAX9_32SERVER.EXE-2DAA579A.pf
    READER_SL.EXE-2B4EA1CB.pf
    REALPLAY.EXE-1BF219BD.pf
    REALSCHED.EXE-04BEC5CC.pf
    REGINI.EXE-2BB3D52B.pf
    REGSVR32.EXE-25EEFE2F.pf
    RUNDLL32.EXE-1340EF7F.pf
    RUNDLL32.EXE-1619A94E.pf
    RUNDLL32.EXE-19365E86.pf
    RUNDLL32.EXE-35A483DA.pf
    RUNDLL32.EXE-415F88EC.pf
    RUNDLL32.EXE-4489B61B.pf
    RUNDLL32.EXE-451FC2C0.pf
    RUNDLL32.EXE-4568F917.pf
    RUNDLL32.EXE-46BA4EAA.pf
    RUNDLL32.EXE-474C8917.pf
    RUNDLL32.EXE-4BD19A5C.pf
    SCRIPT-FU.EXE-1084196D.pf
    SEPCSUITE.EXE-0216DBEB.pf
    SETUP.EXE-1AD934FD.pf
    SETUP.EXE-26CBE1BC.pf
    SETUP.EXE-3585E14A.pf
    SETUP.EXE-393E66AE.pf
    SMAX4.EXE-3ABA87F8.pf
    SMAX4PNP.EXE-381239AF.pf
    SOFFICE.BIN-01E25E9C.pf
    SOFFICE.EXE-358D937C.pf
    SOFTWAREUPDATE.EXE-1415D1B8.pf
    SPYBOTSD162.EXE-1BF55AFE.pf
    SPYBOTSD_INCLUDES.EXE-1005C122.pf
    STREETGEAR.EXE-30AA7885.pf
    SVCHOST.EXE-3530F672.pf
    TABLET.EXE-2796F880.pf
    TABUSERW.EXE-0585BB69.pf
    TEATIMER.EXE-1F57E47A.pf
    UNINSTALL.EXE-1EE2A84A.pf
    UNSECAPP.EXE-1A95A33B.pf
    USERINIT.EXE-30B18140.pf
    UTORRENT.EXE-3888D1B0.pf
    UTORRENT.EXE-39037BE8.pf
    VERCLSID.EXE-3667BD89.pf
    WGATRAY.EXE-0ED38BED.pf
    WINRAR.EXE-39C6DAD9.pf
    WLCOMM.EXE-04AE9009.pf
    WMIAPSRV.EXE-1E2270A5.pf
    WMIPRVSE.EXE-28F301A9.pf
    WMPLAYER.EXE-18DDEFA2.pf
    WMPLAYER.EXE-18DDEFA4.pf
    WSCOMMCNTR1.EXE-073F2ADE.pf
    WUAUCLT.EXE-399A8E72.pf

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  8. kenseii Messages postés 23 Statut Membre
     
    désolé les gars, j'ai du aller sur un autre forum, merci de votre aide et désolé de vous avoir fait perdre votre temps :x
    0
  9. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    eh ben bravo...

    Tu viens demander de l'aide ici, on commence à t'aider et toi tu pars voir ailleurs, c'est pas très sympa ça..
    0
  10. gen-hackman
     
    salut oui esperons qu'ils lui aient fait supprimer ca :

    C:\WINDOWS\msa.exe
    C:\WINDOWS\system32\msxml71.dll
    C:\Documents and Settings\XP\Application Data\Search Settings
    C:\Documents and Settings\XP\LOCAL Settings\Temp\b.exe
    0