Affichage intempestif du moteur de los.st

tallerand-perigord -  
plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

Je pose mon problème :
- lost.st se lance à l'ouverture de IE au lieu et place du portail de mon FAE

SI j'arrête IE et que je le relance j'ai bien mon portail !! Why ???

Merci pour une solution efficace

Cordialement
Configuration: Windows XP Internet Explorer 7.0

14 réponses

  1. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    salut

    ceci est liée a Eorezo c'est un spyware ne retourne + chez eux et ne rien telecharger la bas non +

    * Rends-toi à cette adresse afin de télécharger AD-Remover : https://www.androidworld.fr/
    * Clique sur TÉLÉCHARGER et enregistre-le sur ton bureau.
    * Double clique sur le fichier d'installation de AD-Remover, le programme s'installera automatiquement.
    * Sous Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
    * Au menu principal choisi l'option "L" et tape sur [entrée] .
    * Laisse travailler l'outil et ne touche à rien ...
    * Poste le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :

    Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    1
    1. tallerand-perigord
       
      Bonjour et grand merci
      Tout est rentré dans l'ordre en suivant tes données
      C'est sympa
      Cordialement
      0
  2. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    salut

    la chose qui n'est par contre pas trés sympa de ta part c'est que tu prends l'info, tu fait mais tu ne poste pas le rapport ne prends meme pas le temps de voir autres choses ou attendre ensuite les eventuelles autres manips pour voir si il y a rien d'autres..

    enfin bref @+
    1
  3. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    si tu as le temps

    on peut regarde ensemble si il n'y a pas d'autres saletes sur ton PC ou des failles etc..
    sa pr'ends 2 min

    * Télécharge Random's system information tool (RSIT) et enregistre le sur ton Bureau.
    http://images.malwareremoval.com/random/RSIT.exe
    * Double clique sur RSIT.exe pour lancer l'outil.
    * Clique sur ' continue ' à l'écran Disclaimer.
    * Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
    * Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports.

    ( C:\RSIT\log.txt & C:\RSIT\info.txt )
    1
  4. tallerand-perigord
     
    .Salut et toutes mes excuses
    Voici le rapport
    C'est la première fois que je vais sur un forum et je suppose qu'il y a des règles... même
    de politesse
    Encore une fois mille excuses
    Cordialement

    ======= RAPPORT D'AD-REMOVER 1.1.4.6_A | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 18.10.2009 à 19:05
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 16:02:57, 31/10/2009 | Mode Normal | Option: SCAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: LAVILLETTE85 | Utilisateur actuel: HP_Propri‚taire
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .

    HKCU\Software\AppDataLow\AskBarDis
    HKCU\Software\EoRezo
    HKCU\Software\hotbarsa
    HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKLM\Software\Classes\AppID\EoRezoBHO.DLL
    HKLM\Software\Classes\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\Software\Classes\EoRezoBHO.EoBho
    HKLM\Software\Classes\EoRezoBHO.EoBho.1
    HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKLM\Software\EoRezo
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
    HKU\S-1-5-21-1446956559-2000357176-3138037867-1007\Software\Eorezo
    HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\\Hotbar 10.0.356.0
    HKLM\Software\Mozilla\Firefox\Extensions\\Hotbar@Hotbar.com
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper
    HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{4E4E4D1D-C06E-4AC4-B022-2E2F6D0780E6}
    .
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Hotbar
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\jgwmp9pg.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\WeatherDPA
    C:\Program Files\AskBarDis
    C:\Program Files\EoRezo
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\WINDOWS\Prefetch\ITSTV.EXE-0239B7D3.pf
    C:\WINDOWS\Prefetch\ITSTV.EXE-111FC0FF.pf
    C:\WINDOWS\Prefetch\ITSTV.EXE-375F9803.pf
    C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-17DC3287.pf
    C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@ads.eorezo[2].txt
    C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@eorezo[2].txt
    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version Error: Value: "CurrentVersion" does not exist! *
    .
    Nom du profil: jgwmp9pg.default (HP_Propri‚taire)
    .
    (Prefs.js) user_pref("browser.search.defaultenginename", "Google");
    (Prefs.js) user_pref("browser.search.selectedEngine", "Google");
    (Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.0.6");
    (Prefs.js) user_pref("google.toolœuser_pref("browser.startup.homepage", "hxxp://y.lo.st");
    .
    (prefs.js) TROUVÉ: user_pref("google.toolœuser_pref("browser.startup.homepage", "hxxp://y.lo.st");
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Search Page: hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://www.yahoo.com
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
    Start Page: hxxp://www.orange.fr/
    Start Page Redirect Cache_TIMESTAMP: NARY 388e210fae25ca01
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache AcceptLangs: fr
    Search Bar: hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*hxxp://www.yahoo.com/ext/search/search.html
    First Home Page: hxxp://y.lo.st
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.yahoo.com/
    Default_Search_URL: hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*hxxp://www.yahoo.com
    Search Page: hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://www.yahoo.com
    Start Page: hxxp://www.yahoo.com/
    Search Bar: hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*hxxp://www.yahoo.com/ext/search/search.html
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    5362 Octet(s) - C:\Ad-Report-SCAN[1].log
    .
    40 Fichier(s) - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
    20 Fichier(s) - C:\WINDOWS\Temp
    .
    0 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 16:43:52 | 31/10/2009 - SCAN[1]
    .
    ============== E.O.F ==============
    .
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. tallerand-perigord
     
    Bonjour

    Voici le rapport en question :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by HP_Propriétaire at 2009-11-01 11:02:32
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 92 GB (63%) free of 147 GB
    Total RAM: 1535 MB (56% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:03:04, on 01/11/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Documents and Settings\HP_Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Eraser\eraser.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    C:\Program Files\TimeLeft3\TimeLeft.exe
    C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Live\Messenger\wlcsdk.exe
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\7NX3P2SX\RSIT[1].exe
    C:\Program Files\trend micro\HP_Propriétaire.exe
    C:\WINDOWS\system32\wuauclt.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.yahoo.com/?p=us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.yahoo.com/?p=us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: (no name) - {136916E5-11CE-44A2-A0AB-BE58B5FD6258} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: (no name) - {E7FDE457-FC08-4465-B811-914B164F41A6} - (no file)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\HP_Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
    O4 - Startup: Notification de cadeaux MSN.lnk = ?
    O4 - Startup: TimeLeft.lnk = C:\Program Files\TimeLeft3\TimeLeft.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?8e93c5c8fb4c4d39bdb06fd062d48634
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?8e93c5c8fb4c4d39bdb06fd062d48634
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - https://login.orange.fr/captcha?return_url=https%3A%2F%2Fmescontacts.orange.fr
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photoservice.photos.orange.fr/migrationorange/index.cfm
    O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-2.0.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{81A7A5A2-E5C5-49FF-A8E3-FB8989039C60}: NameServer = 192.168.1.1
    O18 - Protocol: bw+0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {9EDEC527-4363-4DAA-8168-4D5438FB28EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0014B0D.dat
    O20 - Winlogon Notify: cbxusqo - cbxusqo.dll (file missing)
    O20 - Winlogon Notify: pmkjh - C:\WINDOWS\system32\pmkjh.dll (file missing)
    O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
    0
  7. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    bon ben y'a quand meme des outils a passer, tu as un spyware Eorezo ne retourne + chez eux et ne telecharge AUCUN de leur logiciel.

    * Rends-toi à cette adresse afin de télécharger AD-Remover : https://www.androidworld.fr/
    * Clique sur TÉLÉCHARGER et enregistre-le sur ton bureau.
    * Double clique sur le fichier d'installation de AD-Remover, le programme s'installera automatiquement.
    * Sous Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
    * Au menu principal choisi l'option "L" et tape sur [entrée] .
    * Laisse travailler l'outil et ne touche à rien ...
    * Poste le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :

    Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    ensuite

    * Rends-toi à cette adresse afin de télécharger UsbFix (créé par Chiquitine29 & C_XX) :
    * https://www.androidworld.fr/
    * Clique sur TÉLÉCHARGER et enregistre-le sur ton bureau.
    * tutoriel recherche
    * Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d'avoir été infectés sans les ouvrir
    * Double clic sur le raccourci UsbFix sur ton bureau, l'installation se fera automatiquement
    * Choisi l'option 2 Suppression
    * Laisse travailler l'outil
    * Ensuite post le rapport UsbFix.txt qui apparaîtra
    * Note : le rapport UsbFix.txt est sauvegardé a la racine du disque

    * Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus

    puis

    * Télécharge Malwarebytes
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe
    * Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
    * Lance une analyse complète en cliquant sur "Exécuter un examen complet"
    * Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"
    * L'analyse peut durer un bon moment.....
    * Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"
    * Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"
    * Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum

    * Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée

    tu as donc 3 rapports a poster, poste les au fur et a mesure
    0
  8. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    sa beug ?
    0
  9. talleran-périgord
     
    Salut
    Voici le 1er rapport ; en ce qui concerne la phase 2 je n'ai aucun matériel externe. Je passe donc à la phase trois. A tout à l'heure.
    Cordialement

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_A | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 18.10.2009 à 19:05
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 13:04:17, 01/11/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: LAVILLETTE85 | Utilisateur actuel: HP_Propri‚taire
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    HKCU\Software\EoRezo
    HKLM\Software\EoRezo
    HKU\S-1-5-21-1446956559-2000357176-3138037867-1007\Software\Eorezo
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper
    .
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Hotbar
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\jgwmp9pg.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\WeatherDPA
    C:\Program Files\AskBarDis
    C:\Program Files\EoRezo
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\WINDOWS\Prefetch\ITSTV.EXE-0239B7D3.pf
    C:\WINDOWS\Prefetch\ITSTV.EXE-111FC0FF.pf
    C:\WINDOWS\Prefetch\ITSTV.EXE-375F9803.pf
    C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-17DC3287.pf
    C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@eorezo[1].txt

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version Error: Value: "CurrentVersion" does not exist! *
    .
    Nom du profil: jgwmp9pg.default (HP_Propri‚taire)
    .
    (Prefs.js) user_pref("browser.search.defaultenginename", "Google");
    (Prefs.js) user_pref("browser.search.selectedEngine", "Google");
    (Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.0.6");
    (Prefs.js) user_pref("google.toolœuser_pref("browser.startup.homepage", "hxxp://y.lo.st");
    .
    (prefs.js) EFFACÉ: user_pref("google.toolœuser_pref("browser.startup.homepage", "hxxp://y.lo.st");
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Search Page: hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://www.yahoo.com
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Start Page Redirect Cache_TIMESTAMP: NARY 388e210fae25ca01
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache AcceptLangs: fr
    Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Search Bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    2491 Octet(s) - C:\Ad-Report-CLEAN[1].log
    3248 Octet(s) - C:\Ad-Report-CLEAN[2].log
    5691 Octet(s) - C:\Ad-Report-SCAN[1].log
    .
    3 Fichier(s) - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
    15 Fichier(s) - C:\WINDOWS\Temp
    .
    36 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    1497 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 13:54:21 | 01/11/2009 - CLEAN[2]
    .
    ============== E.O.F ==============
    .
    0
  10. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    meme si tu n'as pas de clefs USB etc... il faut le faire car cela peut etre une infection comme les autres la difference c'est qu'elle ce propage par USB d'ou la phrase branche tes sources de données externe :)
    0
  11. talleran-périgord
     
    RE-bonjour
    Voici le rapport 3
    Je redémarrage mon PC
    Salut

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_A | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 18.10.2009 à 19:05
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 13:04:17, 01/11/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: LAVILLETTE85 | Utilisateur actuel: HP_Propri‚taire
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    HKCU\Software\EoRezo
    HKLM\Software\EoRezo
    HKU\S-1-5-21-1446956559-2000357176-3138037867-1007\Software\Eorezo
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper
    .
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Hotbar
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\jgwmp9pg.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\WeatherDPA
    C:\Program Files\AskBarDis
    C:\Program Files\EoRezo
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\WINDOWS\Prefetch\ITSTV.EXE-0239B7D3.pf
    C:\WINDOWS\Prefetch\ITSTV.EXE-111FC0FF.pf
    C:\WINDOWS\Prefetch\ITSTV.EXE-375F9803.pf
    C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-17DC3287.pf
    C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@eorezo[1].txt

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version Error: Value: "CurrentVersion" does not exist! *
    .
    Nom du profil: jgwmp9pg.default (HP_Propri‚taire)
    .
    (Prefs.js) user_pref("browser.search.defaultenginename", "Google");
    (Prefs.js) user_pref("browser.search.selectedEngine", "Google");
    (Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.0.6");
    (Prefs.js) user_pref("google.toolœuser_pref("browser.startup.homepage", "hxxp://y.lo.st");
    .
    (prefs.js) EFFACÉ: user_pref("google.toolœuser_pref("browser.startup.homepage", "hxxp://y.lo.st");
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Search Page: hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://www.yahoo.com
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Start Page Redirect Cache_TIMESTAMP: NARY 388e210fae25ca01
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache AcceptLangs: fr
    Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Search Bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Re-salut

    Voici le rapport trois; élimination de 9 fichiers dont

    .

    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    2491 Octet(s) - C:\Ad-Report-CLEAN[1].log
    3248 Octet(s) - C:\Ad-Report-CLEAN[2].log
    5691 Octet(s) - C:\Ad-Report-SCAN[1].log
    .
    3 Fichier(s) - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
    15 Fichier(s) - C:\WINDOWS\Temp
    .
    36 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    1497 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 13:54:21 | 01/11/2009 - CLEAN[2]
    .
    ============== E.O.F ==============
    .
    0
  12. talleran-périgord
     
    Hello

    Voici donc le rapport 2 ; ce même rapport a été envoyé, à la demande, au forum

    A bientôt
    Cordialement

    ############################## | UsbFix V6.046 |

    User : HP_Propriétaire (Administrateurs) # LAVILLETTE85
    Update on 29/10/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 16:40:03 | 01/11/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    AMD Athlon(tm) 64 Processor 3000+
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Disabled
    AV : BitDefender Antivirus 13.0.16 [ (!) Disabled | Updated ]
    FW : BitDefender Pare-feu[ Enabled ]13.0.16

    C:\ -> Disque fixe local # 143,81 Go (90,42 Go free) [HP_PAVILION] # NTFS
    D:\ -> Disque fixe local # 5,22 Go (1,49 Go free) [HP_RECOVERY] # FAT32
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM
    G:\ -> Disque amovible
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque amovible

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! D:\autorun.inf

    ################## | Registre # Clés Run infectieuses |

    Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{4164c630-6ad3-11dd-b446-00112f85073c}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{d3a8ecda-ed82-11db-b066-00038a000015}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [31/10/2009 18:31|--a------|2491] C:\Ad-Report-CLEAN[1].log
    [01/11/2009 13:54|--a------|3625] C:\Ad-Report-CLEAN[2].log
    [31/10/2009 16:43|--a------|5691] C:\Ad-Report-SCAN[1].log
    [19/03/2008 11:47|--a------|608406] C:\analyse dd virus.txt
    [01/01/2004 14:06|--a------|0] C:\AUTOEXEC.BAT
    [28/11/2004 15:45|-rahs----|196] C:\BOOT.BAK
    [06/10/2008 11:45|-rahs----|274] C:\boot.ini
    [05/08/2004 04:00|-rahs----|4952] C:\Bootfont.bin
    [05/08/2004 04:00|-r-hs----|263488] C:\cmldr
    [01/01/2004 14:06|--a------|0] C:\CONFIG.SYS
    [27/02/2005 19:14|--a------|0] C:\Debug.QC6
    [09/01/2009 16:08|--a------|23172] C:\dibjpeg.jpg
    [?|?|?] C:\hiberfil.sys
    [01/07/2005 17:57|--a------|40960] C:\HTGD0003.exe
    [01/01/2004 14:06|-rahs----|0] C:\IO.SYS
    [01/01/2004 14:06|-rahs----|0] C:\MSDOS.SYS
    [05/08/2004 04:00|-rahs----|47564] C:\NTDETECT.COM
    [17/12/2008 00:11|-rahs----|252240] C:\ntldr
    [?|?|?] C:\pagefile.sys
    [08/01/2006 14:47|--a------|192] C:\persist.dbs
    [12/03/2009 16:32|--a------|6560] C:\Report.txt
    [15/02/2006 11:56|--a------|8152] C:\resetlog.txt
    [01/11/2009 16:44|--a------|3774] C:\UsbFix.txt
    [30/10/2008 10:42|--a------|509440] C:\vcredist_x86.log
    [01/01/2007 13:00|-ra------|0] C:\VR_MOVIE.VRO
    [13/03/2009 13:55|--a------|33601] C:\xscan.txt
    [01/03/2007 13:01|--a------|146] C:\YServer.txt
    [28/11/2004 15:58|--a------|1167] C:\_Sid.txt
    [27/07/2001 22:07|---hs----|0] D:\AUTOEXEC.BAT
    [09/01/2002 11:52|---hs----|244] D:\BOOT.INI
    [17/08/2001 01:26|---hs----|237728] D:\CMLDR
    [27/07/2001 22:07|---hs----|0] D:\CONFIG.SYS
    [09/09/2002 15:14|---hs----|100] D:\Desktop.ini
    [10/11/2005 23:25|-r-hs----|0] D:\RCBoot.sys
    [30/04/2004 14:00|---hs----|73728] D:\Info.exe
    [27/07/2001 22:07|---hs----|0] D:\IO.SYS
    [27/07/2001 22:07|---hs----|0] D:\MSDOS.SYS
    [25/07/2001 14:00|---hs----|45124] D:\NTDETECT.COM
    [25/07/2001 14:00|---hs----|222880] D:\NTLDR
    [08/02/2002 16:44|---hs----|88038] D:\Warning.bmp
    [01/01/2004 21:45|---hs----|26] D:\BLOCK.RIN
    [25/01/2002 10:21|---hs----|0] D:\GRAPH16
    [30/04/2001 12:16|---hs----|14] D:\Graph
    [17/08/2001 07:32|---hs----|0] D:\NTFS
    [01/01/2004 21:18|---hs----|36] D:\SAVEFILE.DIR
    [30/04/2001 12:16|---hs----|14] D:\SVGA
    [18/08/2001 07:00|---hs----|10] D:\WIN51
    [22/01/2001 07:00|---hs----|11] D:\WIN51.B2
    [25/07/2001 07:00|---hs----|11] D:\WIN51.RC1
    [25/07/2001 12:47|---hs----|11] D:\WIN51.RC2
    [18/08/2001 07:00|---hs----|10] D:\WIN51IC
    [20/03/2001 07:00|---hs----|11] D:\WIN51IC.B2
    [25/07/2001 07:00|---hs----|11] D:\WIN51IC.RC1
    [25/07/2001 07:00|---hs----|11] D:\WIN51IC.RC2
    [17/08/2001 07:00|---hs----|10] D:\WIN51IP
    [22/01/2001 07:00|---hs----|11] D:\WIN51IP.B2
    [25/07/2001 12:47|---hs----|11] D:\WIN51IP.RC2
    [17/08/2001 05:17|---hs----|184] D:\WINBOM.INI
    [10/09/2002 09:21|---hs----|7850] D:\Folder.htt
    [10/09/2002 06:58|---hs----|181616] D:\protect.ed
    [01/01/2004 21:56|---hs----|1020] D:\USER

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Suspect | https://www.virustotal.com/gui/ |

    ################## | Cracks / Keygens / Serials |

    ################## | Upload |

    Veuillez envoyer le fichier : C:\DOCUME~1\HP_PRO~1\Bureau\UsbFix_Upload_Me_LAVILLETTE85.zip : https://www.androidworld.fr/
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.046 ! |
    0
  13. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    tu as fait sa :

    Veuillez envoyer le fichier : C:\DOCUME~1\HP_PRO~1\Bureau\UsbFix_Upload_Me_LAVILLETTE85.zip : https://www.androidworld.fr/
    Merci pour votre contribution .

    ensuite il manque le rapport de malwarebyte qui est la derniere etape, tu as posté 2 fois le meme rapport de ADremover

    si tu as deja fait le scan avec malwarebyte , tu peux retrouver le rapport en lancant malwarebyte dans l'onglet rapport/log si tu l'as pas fait le
    0
  14. Talleyrand-Périgord Messages postés 1 Statut Membre
     
    Salut
    Voici les rapports Malware :

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 3076
    Windows 5.1.2600 Service Pack 3

    01/11/2009 16:24:07
    mbam-log-2009-11-01 (16-24-07).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 265642
    Temps écoulé: 2 hour(s), 8 minute(s), 46 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 12

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\All Users\Application Data\1872421761 (Rogue.SecurityTool) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\Ad-Remover\QUARANTINE\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo\SOFTWA~1\SoftwareUpdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\Program Files\Ad-Remover\QUARANTINE\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo\SOFTWA~1\SoftwareUpdateHP.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\EoRezo\EoEngine.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\EoRezo\EoAdv\EoAdv.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP1101\A1066092.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP1105\A1066730.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP1105\A1066731.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP1105\A1066744.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP1105\A1066767.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\1872421761\config.udb (Rogue.SecurityTool) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\1872421761\init.udb (Rogue.SecurityTool) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\1872421761\Langs.udb (Rogue.SecurityTool) -> Quarantined and deleted successfully.

    Malwarebytes' Anti-Malware 1.34
    Version de la base de données: 1771
    Windows 5.1.2600 Service Pack 3

    17/02/2009 20:24:12
    mbam-log-2009-02-17 (20-24-12).txt

    Type de recherche: Examen rapide
    Eléments examinés: 80413
    Temps écoulé: 7 minute(s), 40 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1718
    Windows 5.1.2600 Service Pack 3

    03/02/2009 11:02:07
    mbam-log-2009-02-03 (11-02-07).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 126092
    Temps écoulé: 1 hour(s), 33 minute(s), 27 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 80
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 15

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\instie.hbinstobj (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\instie.hbinstobj.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1e07646f-07c4-4847-a250-0ec8114f2963} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{460ac4db-b0de-4626-a0f0-175dd84dcb9b} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{08755390-f46d-4d09-968c-3430166b3189} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{087c4054-0a2b-4f35-b0db-bed3e21650f4} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{229d2451-a617-4b30-b5e8-8138694240cb} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{9720de03-5820-4059-b4a4-639d5e52bd09} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{c23fa5a4-1fea-419f-8b14-f7465df062bc} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{ccc6e232-aa4c-4813-a019-9c14b27776b6} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4b18dd50-c996-44fc-ac52-0fecff82ed58} (Spyware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{faad2038-c371-473d-86f1-5b11d39c3775} (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bfc08cff-c737-4433-bd5a-0ee7efcfee54} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{BA749BC1-143E-430D-B1DA-1D2AF67A3658} (Adware.Instant Access) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0d1011b3-89c8-4f8e-8693-bb970e2e81e0} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31ddc1fd-cea3-4837-a6dc-87e67015adc9} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{71cbdcd9-0830-4470-a890-35d364da352c} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{b2b0aedf-7cdf-4792-bb67-7654ad1e1b13} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{c6760a07-a574-4705-b113-7856315922c3} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{c9269872-e3d6-4811-8e5e-835ca8cbd0b3} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{cdd8bade-b4c8-4e97-84b4-1dc9abad3ef3} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046963.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046928.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046931.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046934.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046939.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046944.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046952.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046954.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046957.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046960.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046966.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046971.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046976.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046978.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{774E6127-E487-4791-91C9-9AEB3D523FE0}\RP185\A0046980.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

    Croire pour réussir
    0
  15. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    bon comme tu peux le voir on a bien fait de prendre un peu de temps pour regarder ton PC ;)

    poste un nouveau RSIt on va finaliser si tu as + de probleme !?
    0