Pub intempestive et ralentissement pc

Résolu
lol-81 Messages postés 12 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

J'ai un gros souci depuis quelques temps avec des publicités qui s'affichent sans arrêt et un très fort ralentissement des performances de mon pc (réactions très tardives) et souvent ma fenetre de démarrage internet qui n'est pas la bonne.
Après avoir fait la panoplie complète (enfin pas mal complète à mon avis) : CCleaner, easycleaner, regcleaner, tune up, spybot, malwarebytes, plugin adblock plus sous mozilla, defragmentation... rien à changer!
Je suis sous XP et j'ai l'antivirus avira.
Je ne sais plus quoi faire. Voici le rapport hijackthis. Merci d'avance pour votre aide

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:44:58, on 29/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Documents and Settings\escrouzailles\Mes documents\Mes fichiers reçus\EasyClea.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\escrouzailles\Mes documents\Téléchargements\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [sclauncher] C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-68856.exe" /REG
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?be5402ed17b1408588197c5ebb86a4ce
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?be5402ed17b1408588197c5ebb86a4ce
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C73C9A9-97B8-4507-A17A-40C4729ABDC5}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF0112C0-7891-49BD-B219-C6B1B3D0BF2F}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice129.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe
A voir également:

15 réponses

Réponse 1 / 15
lol-81 Messages postés 12 Statut Membre
 
et je rajoute le rapport RSIT :

Logfile of random's system information tool 1.06 (written by random/random)
Run by escrouzailles at 2009-12-29 16:13:01
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 17 GB (18%) free of 95 GB
Total RAM: 2046 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:13:55, on 29/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Documents and Settings\escrouzailles\Mes documents\Mes fichiers reçus\EasyClea.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\escrouzailles\Mes documents\Téléchargements\RSIT.exe
C:\Documents and Settings\escrouzailles\Mes documents\Téléchargements\escrouzailles.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [sclauncher] C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-68856.exe" /REG
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?be5402ed17b1408588197c5ebb86a4ce
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?be5402ed17b1408588197c5ebb86a4ce
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C73C9A9-97B8-4507-A17A-40C4729ABDC5}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF0112C0-7891-49BD-B219-C6B1B3D0BF2F}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice129.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe
0
Réponse 2 / 15
Utilisateur anonyme
 
bonjour

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll


Relance Hijackthis
Clique sur do a system scan only
Coche les lignes que je t'indique en gras
Clique sur fix checked
Redémarre le PC

C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
supprime ce qui est en gras, et vide la corbeille

Télécharge USBFix de Chiquitine29 , C_XX et Chimay8 sur ton bureau
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe­
ou
https://www.ionos.fr/?affiliate_id=77097

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau .

# Sélectionne l'option 1 ( Recherche )

# Laisse travailler l'outil.

# Ensuite poste le rapport UsbFix.txt qui apparaitra.

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

# Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


0
Réponse 3 / 15
lol-81 Messages postés 12 Statut Membre
 
merci pour avoir répondu aussi rapidement.
J'ai fait tout ce que tu m'a demandé.

en ce qui concerne : C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
supprime ce qui est en gras, et vide la corbeille

2 fichiers du même noms trouvés, j'ai donc supprimé les 2

voila le rapport usb fix:

############################## | UsbFix V6.068 |

User : escrouzailles (Administrateurs) # LOL
Update on 28/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:34:07 | 29/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Genuine Intel(R) CPU T2250 @ 1.73GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton Internet Security 2006 2006 [ Enabled | Updated ]
AV : Avira AntiVir PersonalEdition Classic 8.0.1.30 [ Enabled | Updated ]
FW : Norton Internet Worm Protection[ (!) Disabled ]2006
FW : Norton Internet Security 2006[ Enabled ]2006

C:\ -> Disque fixe local # 92,91 Go (16,35 Go free) # NTFS
D:\ -> Disque CD-ROM # 470,35 Mo (0 Mo free) [UPI12] # CDFS
E:\ -> Disque amovible # 503,32 Mo (456,7 Mo free) # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 1836
C:\WINDOWS\system32\csrss.exe 1896
C:\WINDOWS\system32\winlogon.exe 1928
C:\WINDOWS\system32\services.exe 1972
C:\WINDOWS\system32\lsass.exe 1984
C:\WINDOWS\system32\svchost.exe 268
C:\WINDOWS\system32\svchost.exe 392
C:\WINDOWS\System32\svchost.exe 536
C:\WINDOWS\system32\svchost.exe 580
C:\WINDOWS\system32\svchost.exe 748
C:\WINDOWS\system32\svchost.exe 896
C:\WINDOWS\system32\spoolsv.exe 1220
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe 1280
C:\WINDOWS\Explorer.EXE 1364
C:\WINDOWS\system32\svchost.exe 1436
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 656
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 672
C:\WINDOWS\RTHDCPL.EXE 684
C:\WINDOWS\AGRSMMSG.exe 696
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe 732
C:\WINDOWS\system32\TPSMain.exe 736
C:\WINDOWS\system32\TDispVol.exe 620
C:\Program Files\SimpleCenter\bin\win\sclauncher.exe 836
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe 776
C:\Program Files\Synaptics\SynTP\Toshiba.exe 912
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe 1104
C:\WINDOWS\system32\TPSBattM.exe 1124
C:\Program Files\Java\jre6\bin\jusched.exe 1132
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe 1172
C:\Program Files\iTunes\iTunesHelper.exe 1412
C:\WINDOWS\system32\ctfmon.exe 1480
C:\Program Files\Rainlendar2\Rainlendar2.exe 1492
C:\Program Files\a-squared Free\a2service.exe 1528
C:\Program Files\Messenger\msmsgs.exe 1564
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 1620
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe 1884
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 1872
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 212
C:\Program Files\Bonjour\mDNSResponder.exe 452
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 560
C:\Program Files\Java\jre6\bin\jqs.exe 1740
C:\Program Files\Cyberlink\Shared files\RichVideo.exe 1792
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe 2400
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2456
C:\WINDOWS\system32\svchost.exe 2532
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe 2560
C:\WINDOWS\system32\wuauclt.exe 2744
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 3100
C:\Program Files\iPod\bin\iPodService.exe 3272
C:\WINDOWS\System32\alg.exe 3652
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 2708
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 2960
C:\Program Files\Mozilla Firefox\firefox.exe 940
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2380
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2684
C:\Program Files\Windows Live\Messenger\usnsvc.exe 3304
C:\Program Files\Java\jre6\bin\jucheck.exe 3764
C:\Documents and Settings\escrouzailles\Mes documents\Téléchargements\HiJackThis.exe 2068
C:\WINDOWS\system32\NOTEPAD.EXE 3216
C:\WINDOWS\system32\wbem\wmiprvse.exe 2280

################## | Elements infectieux |

D:\autorun.inf

################## | Registre |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{4b0162b1-4a51-11db-a793-806d6172696f}
Shell\AutoRun\command =D:\AutoRun.exe

HKCU\..\..\Explorer\MountPoints2\{95f0049f-29ab-11de-865b-00a0d14bff7e}
Shell\AutoRun\command =H:\SETUP.EXE

HKCU\..\..\Explorer\MountPoints2\{95f004a6-29ab-11de-865b-00a0d14bff7e}
Shell\AutoRun\command =K:\SETUP.EXE

HKCU\..\..\Explorer\MountPoints2\{9b8e5ec9-e5c0-11de-86ef-00a0d14bff7e}
Shell\Auto\command =F:\AdobeR.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

HKCU\..\..\Explorer\MountPoints2\{cb58bbb0-6af7-11de-869d-00a0d14bff7e}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd22B.vbs

################## | Cracks > Keygens > Serials |

"C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\HfxSerial.exe"
13/08/2004 06:07 |Size 61440 |Crc32 11f25280 |Md5 52eb46a8fcc651bcd4562f632e716e12

"C:\[ LOL ]\PHOTOS\données\photoshop element 4\BS\cracktro_element4.exe"
28/09/2005 17:05 |Size 141312 |Crc32 b68f684b |Md5 e06e61e53202a9a8baafdde5fced8d85

"C:\[ LOL ]\PHOTOS\données\photoshop element 4\BS\keygen_element4.exe"
29/09/2005 09:20 |Size 33792 |Crc32 5d34cb78 |Md5 8d5b192883eea1afeb08c240100c6a5d


################## | ! Fin du rapport # UsbFix V6.068 ! |
0
Réponse 4 / 15
lol-81 Messages postés 12 Statut Membre
 
j'ai refait un scan RSIT :


Logfile of random's system information tool 1.06 (written by random/random)
Run by escrouzailles at 2009-12-29 16:51:16
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 17 GB (18%) free of 95 GB
Total RAM: 2046 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:51:28, on 29/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\escrouzailles\Mes documents\Téléchargements\RSIT.exe
C:\Documents and Settings\escrouzailles\Mes documents\Téléchargements\escrouzailles.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [sclauncher] C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?be5402ed17b1408588197c5ebb86a4ce
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?be5402ed17b1408588197c5ebb86a4ce
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C73C9A9-97B8-4507-A17A-40C4729ABDC5}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF0112C0-7891-49BD-B219-C6B1B3D0BF2F}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice129.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
Utilisateur anonyme
 
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau

# Sélectionne l'option 2 ( Suppression )

# Ton bureau disparaitra et le pc redémarrera .

# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

# Ensuite poste le rapport UsbFix.txt qui apparaitra avec le bureau .

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
0
Réponse 6 / 15
lol-81 Messages postés 12 Statut Membre
 
############################## | UsbFix V6.068 |

User : escrouzailles (Administrateurs) # LOL
Update on 28/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 17:02:24 | 29/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Genuine Intel(R) CPU T2250 @ 1.73GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton Internet Security 2006 2006 [ Enabled | Updated ]
AV : Avira AntiVir PersonalEdition Classic 8.0.1.30 [ Enabled | Updated ]
FW : Norton Internet Worm Protection[ (!) Disabled ]2006
FW : Norton Internet Security 2006[ Enabled ]2006

C:\ -> Disque fixe local # 92,91 Go (16,28 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible # 503,32 Mo (456,7 Mo free) # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 1832
C:\WINDOWS\system32\csrss.exe 1884
C:\WINDOWS\system32\winlogon.exe 1920
C:\WINDOWS\system32\services.exe 1964
C:\WINDOWS\system32\lsass.exe 1976
C:\WINDOWS\system32\svchost.exe 256
C:\WINDOWS\system32\svchost.exe 384
C:\WINDOWS\System32\svchost.exe 532
C:\WINDOWS\system32\svchost.exe 572
C:\WINDOWS\system32\svchost.exe 632
C:\WINDOWS\system32\svchost.exe 824
C:\WINDOWS\system32\logonui.exe 836
C:\WINDOWS\system32\spoolsv.exe 1156
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe 1204
C:\WINDOWS\system32\svchost.exe 1440
C:\WINDOWS\Explorer.EXE 1504
C:\Program Files\a-squared Free\a2service.exe 900
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe 932
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 1000
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1016
C:\Program Files\Bonjour\mDNSResponder.exe 1032
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 1092
C:\Program Files\Google\Update\GoogleUpdate.exe 1324
C:\Program Files\Java\jre6\bin\jqs.exe 1420
C:\Program Files\Cyberlink\Shared files\RichVideo.exe 1716
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe 260
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 740
C:\WINDOWS\system32\svchost.exe 816
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe 1216
C:\WINDOWS\system32\wuauclt.exe 1784
C:\WINDOWS\System32\alg.exe 2432
C:\WINDOWS\system32\wbem\wmiprvse.exe 2452
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2740
C:\WINDOWS\system32\wbem\wmiprvse.exe 2776

################## | Elements infectieux |

Supprimé ! C:\Recycler\S-1-5-21-1345594411-4152947399-3422116982-1006

################## | Registre |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{95f0049f-29ab-11de-865b-00a0d14bff7e}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{95f004a6-29ab-11de-865b-00a0d14bff7e}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9b8e5ec9-e5c0-11de-86ef-00a0d14bff7e}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{cb58bbb0-6af7-11de-869d-00a0d14bff7e}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[16/01/2006 17:37|--a------|0] C:\AUTOEXEC.BAT
[12/01/2007 21:55|-rahs----|216] C:\boot.ini
[05/08/2004 12:00|-rahs----|4952] C:\Bootfont.bin
[16/12/2009 19:21|--a------|982] C:\cleannavi.txt
[12/03/2009 17:54|--a------|17064] C:\ComboFix.txt
[16/01/2006 17:37|--a------|0] C:\CONFIG.SYS
[12/03/2009 17:45|--a------|5077] C:\FindyKill.txt
[?|?|?] C:\hiberfil.sys
[17/11/2009 19:53|--a------|525] C:\hpfr3420.xml
[17/11/2009 19:53|--a------|81277] C:\hpfr3425.log
[09/11/2008 16:14|--ah-----|809] C:\hpothb07.dat
[09/11/2008 16:14|--ah-----|1507] C:\hpothb07.tif
[16/01/2006 17:37|-rahs----|0] C:\IO.SYS
[29/03/2007 14:09|--a------|643] C:\mpeg.txt
[16/01/2006 17:37|-rahs----|0] C:\MSDOS.SYS
[05/08/2004 12:00|-rahs----|47564] C:\NTDETECT.COM
[14/03/2009 11:04|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[16/05/2007 10:38|--a------|186] C:\Raccourci vers Lecteur CD.lnk
[04/04/2006 22:43|--ah-----|388] C:\SWSTAMP.TXT
[15/11/2008 11:35|--ahs----|3072] C:\Thumbs.db
[29/12/2009 17:09|--a------|4441] C:\UsbFix.txt
[12/12/2009 14:47|--a------|52640] E:\CV laurie infographiste4.pdf

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |

"C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\HfxSerial.exe"
13/08/2004 06:07 |Size 61440 |Crc32 11f25280 |Md5 52eb46a8fcc651bcd4562f632e716e12

"C:\[ LOL ]\PHOTOS\données\photoshop element 4\BS\cracktro_element4.exe"
28/09/2005 17:05 |Size 141312 |Crc32 b68f684b |Md5 e06e61e53202a9a8baafdde5fced8d85

"C:\[ LOL ]\PHOTOS\données\photoshop element 4\BS\keygen_element4.exe"
29/09/2005 09:20 |Size 33792 |Crc32 5d34cb78 |Md5 8d5b192883eea1afeb08c240100c6a5d


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\ESCROU~1\Bureau\UsbFix_Upload_Me_LOL.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.068 ! |
0
Utilisateur anonyme
 
"C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\HfxSerial.exe"
13/08/2004 06:07 |Size 61440 |Crc32 11f25280 |Md5 52eb46a8fcc651bcd4562f632e716e12

"C:\[ LOL ]\PHOTOS\données\photoshop element 4\BS\cracktro_element4.exe"
28/09/2005 17:05 |Size 141312 |Crc32 b68f684b |Md5 e06e61e53202a9a8baafdde5fced8d85

"C:\[ LOL ]\PHOTOS\données\photoshop element 4\BS\keygen_element4.exe"
29/09/2005 09:20 |Size 33792 |Crc32 5d34cb78 |Md5 8d5b192883eea1afeb08c240100c6a5d


lit ceci sur le danger des cracks en cliquant sur ce lien:
https://forum.malekal.com/viewtopic.php?t=893&start=


pourrai tu me refaire un RSIT
0
Réponse 7 / 15
lol-81 Messages postés 12 Statut Membre
 
Je connais les risques, il se trouve que ces logiciel ont été installés il y' a presque 3 ans par des amis. Je peux t'assurer que je ne m'amuse pas à ce genre de choses maintenant, je tiens trop à mon pc pour ça ;-)d'ailleurs ne les utilisant même pas je vais faire un gros nettoyage après tout ça. En esperant que la désinfection marche; pour info, j'ai toujours des fenêtres pub qui s'ouvrent.

Logfile of random's system information tool 1.06 (written by random/random)
Run by escrouzailles at 2009-12-29 17:34:08
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 17 GB (18%) free of 95 GB
Total RAM: 2046 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:34:23, on 29/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\escrouzailles\Mes documents\Téléchargements\RSIT.exe
C:\Documents and Settings\escrouzailles\Mes documents\Téléchargements\escrouzailles.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [sclauncher] C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?be5402ed17b1408588197c5ebb86a4ce
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?be5402ed17b1408588197c5ebb86a4ce
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C73C9A9-97B8-4507-A17A-40C4729ABDC5}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF0112C0-7891-49BD-B219-C6B1B3D0BF2F}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice129.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe
0
Réponse 8 / 15
Utilisateur anonyme
 
C:\WINDOWS\isRS-000.tmp
analyse ce fichier sur le site Virus Total

C:\Program Files\Automated Content Enhancer
il faut supprimer ceci

C:\[LOL]
c'est quoi ce truc?
0
Réponse 9 / 15
lol-81 Messages postés 12 Statut Membre
 
Je ne trouve pas le fichier: C:\WINDOWS\isRS-000.tmp

C:\[LOL] est un dossier que j'ai crée. J'ai pris l'habitude de creer mes dossiers d'image, musique...etc sous C:\ y'à 10 ans.

Sinon pour avoir tous les éléments en main, les ennuis ont commencés lorsque ma soeur a utilisé mon pc pendant mon absence. Elle a voulu voir un film en streaming, je soupçonne un téléchargement de lecteur vidéo ou quelquechose comme ça. Ca remonterait au 1er décembre. Je ne sais pas si ca peut avancer le schmilblik mais à tout hazard.
0
Réponse 10 / 15
lol-81 Messages postés 12 Statut Membre
 
et ACEcommon.dll impossible à supprimer dans C:\Program Files\Automated Content Enhancer
(N.B: fichier crée le 1er décembre.)
0
Utilisateur anonyme
 
c'est un adware Double D qui a été téléchargé, c'est ce truc qui provoque probablement l'ouverture de fenêtres publicitaires
Met à jour ton Malwarebytes, et refait un scan complet
0
Réponse 11 / 15
lol-81 Messages postés 12 Statut Membre
 
bien vu, je croyais que j'étais à jour mais non! déja 34 éléments trouvés.....

et pour C:\WINDOWS\isRS-000.tmp et C:\Program Files\Automated Content Enhancer ? je m'en préoccupe plus?
0
Utilisateur anonyme
 
j'attends le rapport de Malwarebytes, et on verra après
0
Réponse 12 / 15
lol-81
 
voila le rapport de malwarebytes:

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3450
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

29/12/2009 22:03:26
mbam-log-2009-12-29 (22-03-26).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 329938
Temps écoulé: 3 hour(s), 29 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 6
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 27
Fichier(s) infecté(s): 242

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACECommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPACommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QuestService Service (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\Web Search Operator (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP830\A0149432.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149460.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149480.rbf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149494.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149504.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149505.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149506.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149514.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149515.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149516.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP831\A0149518.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP834\A0149726.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP834\A0149727.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP836\A0149776.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D475D116-DF88-45C4-8BF3-9AB6FC089BD7}\RP836\A0149779.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACECommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPACommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\QuestService\questservice.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-164114.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-164227.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-140745.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-144250.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-144317.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-154109.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-154404.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-154909.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-173829.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-174512.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-174515.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-202654.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091204-173832.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091206-010329.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091206-010331.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091206-225432.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091207-181728.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091208-114818.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091208-115145.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091208-174417.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091208-202629.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091209-131449.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091209-133337.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091209-133948.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091209-175619.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091209-183630.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091209-192022.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091209-201114.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091209-204323.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091210-130215.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091210-130612.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091210-185302.084.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091211-131602.115.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091211-201349.772.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091212-133156.897.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091212-213432.350.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-132348.381.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-143307.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-144939.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-144942.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-150031.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-150034.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-153414.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-153431.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-160853.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-162758.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-172539.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-173325.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091213-174143.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091214-123056.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091215-103119.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091215-103349.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091215-124607.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091215-162613.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091215-200748.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091215-201845.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091216-123501.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091216-175718.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091216-192855.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091216-194201.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091216-201429.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091217-125429.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091217-125721.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091218-091837.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091218-095636.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091218-103702.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091218-125509.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091219-122633.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091220-210336.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091220-210740.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091221-132848.791.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091222-205742.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091223-163133.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091225-132005.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091226-133641.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091226-195228.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091226-195238.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091227-181406.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091227-181453.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091227-181912.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091227-181920.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091227-182025.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091227-210232.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091227-210309.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091227-210333.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091228-122537.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091229-102457.378.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091229-140552.019.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091229-162622.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091229-171840.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091229-203548.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-164122.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-164228.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-140745.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-144250.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-144317.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-154109.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-154404.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-154913.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-173829.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-174512.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-174515.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-202654.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091204-173832.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091206-010329.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091206-010331.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091206-225433.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091207-181729.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091208-114820.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091208-115145.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091208-174419.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091208-202632.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091209-131449.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091209-133337.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091209-133948.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091209-175619.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091209-183630.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091209-192022.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091209-201114.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091209-204323.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091210-130223.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091210-130612.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091210-185302.303.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091211-131604.600.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091211-201350.819.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091212-133159.772.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091212-213433.209.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-132350.412.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-143312.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-144939.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-144942.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-150031.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-150034.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-153415.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-153431.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-160854.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-162758.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-172539.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-173325.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091213-174143.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091214-123057.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091215-103119.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091215-103349.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091215-124607.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091215-162613.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091215-200748.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091215-201845.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091216-123501.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091216-175718.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091216-192857.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091216-194201.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091216-201431.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091217-125434.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091217-125721.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-091837.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-095637.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-103702.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-125512.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-122635.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091220-210336.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091220-210740.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091221-132848.885.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091222-205742.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091223-163133.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091225-132005.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091226-133642.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-181409.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-181454.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-181912.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-181920.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-182025.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-210233.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-210309.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-210333.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091228-122539.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091229-102457.394.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091229-140552.207.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091229-162624.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091229-171840.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091229-203549.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\escrouzailles\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\searchPlugins\questservice127.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\searchPlugins\questservice129.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
0
Utilisateur anonyme
 
eh bien, ton PC était bien infecté
Vide la quarantaine de Malwarebytes
0
Réponse 13 / 15
lol-81 Messages postés 12 Statut Membre
 
Eh bien merci nathandre! Tout est bien qui finit bien... problème résolu .. tout roule.
Merci encore ;-)
0
Utilisateur anonyme
 
bonjour
ce qui serai bien, ce serai de purger et nettoyer le PC, les points de restauration sont infectés, et il faut purger le PC pour supprimer ces points de restauration
0
Réponse 14 / 15
lol-81 Messages postés 12 Statut Membre
 
le purger? j'ai relancé tous les outils de nettoyage que j'ai mais dis moi la marche à suivre pour nettoyer et purger à fond.. merci
0
Utilisateur anonyme
 
Bonjour
Purge de la restauration système

*Désactive ta restauration pour supprimer les points de restauration infectés:

Clique droit sur Poste de travail, clique sur Propriétés, puis sur Restauration système Coche la case désactiver la restauration Clique sur appliquer, puis sur OK
---> Redémarre ton PC ...

*Réactive ta restauration :
Clique droit sur Poste de travail, clique sur Propriétés, puis sur Restauration système Décoche la case désactiver la restauration Clique sur appliquer, puis sur OK
--->Redémarre ton PC ...

( Note : tu peux aussi y accéder via panneau de configuration->" système "->" restauration système " ).

Créer un point de restauration propre manuellement:
Démarrer, Programmes
Va dans accèssoires, et dans outils système
Sélectionne restauration système
Clique sur suivant
Entre la date du point de restauration que tu veux créer
Clique sur créer, et le point de restauration se crée automatiquement
0
Réponse 15 / 15
lol-81 Messages postés 12 Statut Membre
 
point de restauration crée ... tu penses que tout est ok?
0
Utilisateur anonyme
 
pour vérifier
pourrai tu me refaire un RSIT
0