Virus Trojan besoin d'aide svp

elixyr_08 Messages postés 77 Statut Membre -  
elixyr_08 Messages postés 77 Statut Membre -
Bonjour,
Voila j'ai un soucis de virus ou de cheval de troie je pense, depuis plus d'un mois.
A cause des pubs qui defile sur internet, j'ai cliqué sur l'une d'entre elle par mal adresse, et depuis tout mon PC rame meme sur internet donc j'ai téléchargé hijackthis et voici le rapport: (Pouvez vous m'aider SVP) Merci d'avance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:14:00, on 11/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
C:\Documents and Settings\Balbina\Mes documents\Téléchargements\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - (no file)
R3 - URLSearchHook: FearFM Toolbar - {bab31fc4-cb97-46f4-9565-26d65225cc2c} - C:\Program Files\FearFM\tbFea0.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 Class - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - (no file)
O2 - BHO: FearFM Toolbar - {bab31fc4-cb97-46f4-9565-26d65225cc2c} - C:\Program Files\FearFM\tbFea0.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMin1.dll
O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: FearFM Toolbar - {bab31fc4-cb97-46f4-9565-26d65225cc2c} - C:\Program Files\FearFM\tbFea0.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMin1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\RunOnce: [SymLnch] "C:\Documents and Settings\JP et Nathalie\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe" "C:\Documents and Settings\JP et Nathalie\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe" "/REALUPREBOOT /temp /patched"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Editeur audio basic - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Akimania\Editeur Audio Basic\Studio enregistrement (file missing)
O9 - Extra 'Tools' menuitem: &Editeur audio basic - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Akimania\Editeur Audio Basic\Studio enregistrement (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InstallShield Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - http://tbn0.google.com/images?q=tbn:X09y22Ui8-G4VM:membres.lycos.fr/yanngermain/images/tigres.jpg
O24 - Desktop Component 1: (no name) - http://www.lexode.com/galerie/galerie/c/h/chris177/mini/1182099857470.jpeg
O24 - Desktop Component 10: (no name) - http://pics.homere.jmsp.net/t_15/64x64/205594.jpg
O24 - Desktop Component 11: (no name) - http://www.lexode.com/galerie/galerie/d/a/darkmel38/mini/1173605364175.jpeg
O24 - Desktop Component 12: (no name) - http://www.lexode.com/galerie/galerie/t/a/taz3p/mini/11111542248.jpg
O24 - Desktop Component 13: (no name) - http://www.lexode.com/galerie/galerie/f/r/franzie38/mini/114330837761.jpg
O24 - Desktop Component 14: (no name) - http://www.lexode.com/galerie/galerie/h/o/horse3000/10857499275.jpg
O24 - Desktop Component 15: (no name) - http://www.lexode.com/galerie/galerie/b/a/babycat/109317439760.jpg
O24 - Desktop Component 16: (no name) - http://www.lexode.com/galerie/galerie/c/a/cazanova/115585246414.jpg
O24 - Desktop Component 17: (no name) - http://www.lexode.com/galerie/galerie/z/a/zaza67120/mini/113683511760.jpg
O24 - Desktop Component 18: (no name) - http://www.lexode.com/galerie/galerie/c/h/chris177/mini/1182099808077.jpeg
O24 - Desktop Component 19: (no name) - http://www.lexode.com/galerie/galerie/c/h/chris177/mini/1182099799681.jpeg
O24 - Desktop Component 2: (no name) - http://tbn0.google.com/images?q=tbn:VY4fAGsihx2lsM:www.calendars.com/images/011/1193/200500003800_hs.jpg
O24 - Desktop Component 20: (no name) - http://www.lexode.com/galerie/galerie/a/l/alex13/mini/108505947490.JPG
O24 - Desktop Component 21: (no name) - http://www.1001-votes.com/vote/1234fonds/soleil-1150219378-t.jpg
O24 - Desktop Component 22: (no name) - http://www.1001-votes.com/vote/1234fonds/cheval-a7-t.jpg
O24 - Desktop Component 23: (no name) - http://www.villiard.com/images/animaux/chevaux/cheval-de-course.jpg
O24 - Desktop Component 24: (no name) - http://www.villiard.com/images/animaux/chevaux/chevaux-de-course.jpg
O24 - Desktop Component 25: (no name) - http://www.villiard.com/images/animaux/chevaux/cheval.jpg
O24 - Desktop Component 26: (no name) - http://panther5.weeworld.com/images/fr-FR/demoholder.gif
O24 - Desktop Component 3: (no name) - http://www.lexode.com/galerie/galerie/p/i/pimsounette/mini/1181761249483.jpeg
O24 - Desktop Component 4: (no name) - http://www.lexode.com/galerie/galerie/e/u/euriel/mini/1180801813495.jpeg
O24 - Desktop Component 5: (no name) - http://www.lexode.com/galerie/galerie/b/e/bep50/mini/115615801830.jpg
O24 - Desktop Component 6: (no name) - http://www.lexode.com/galerie/galerie/c/h/cherygirl66/108472788379.jpg
O24 - Desktop Component 7: (no name) - http://www.lexode.com/galerie/galerie/a/n/angie21/mini/109086968629.jpg
O24 - Desktop Component 8: (no name) - http://www.lexode.com/galerie/galerie/c/l/cler0u/mini/115575995767.jpg
O24 - Desktop Component 9: (no name) - http://www.lexode.com/galerie/galerie/j/p/jpv34/mini/113629010111.jpg

--
End of file - 16632 bytes
Configuration: Windows XP
Safari 532.0

18 réponses

  1. Utilisateur anonyme
     
    Bonjours,

    ►Relancer HijackThis.
    ►"Do A System Scan Only"
    ►Cocher ces lignes et clic ensuite sur FIX CHECKED

    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

    ►Va dans "Démarrer" -> "Exécuter" -> Taper : services.msc et [OK]
    ►Cherche dans la liste le nom : Boonty Games
    ►Double-clic dessus -> dans type de démarrage ->Désactivé -> en dessous et choisis
    (Arrêter) et [OK]

    ►Ensuite "supprimer"
    BOONTY Shared ==> dans C:\Program Files\Fichiers communs\

    / Click ici( de Eric_71/Team IDN ) sur ton bureau :
    / Va ici pour le Tutoriel
    !! Déconnecte toi et ferme toutes tes applications en cours le temps de la manipe !!

    * Double-clique sur ToolBar SD.exe pour lancer l'outil et laisse toi guider ...</gras>
    -> Tapes ( option " recherche " ) puis tape sur [Entrée].

    Un rapport sera généré à la fin du processus : poste son contenu dans ta prochaine réponse

    ( le rapport est en outre sauvegardé ici -> C:\TB.txt )

    ►Ensuite va ici pour / => Télécharger <=
    ►Enregistre le sur ton bureau.
    ►Double-clique dessus.
    ►Fait mise à jours.
    ►Fait un scanne "rapide".
    ►A la fin du scanne tu clique sur "Afficher le rapport".
    ►sélectionne tout donc fait : (CTRL + A)
    ►Ensuite copie tout tu fait : (CTRL + C)
    ►Et envoie moi le rapport ici en fessant le coller : (CTRL + V)
    1
  2. Utilisateur anonyme
     
    Faut jamais prendre des crack...

    ►relance ToolBar S&D
    ►Lance l'option "2"
    ►Envoie moi le rapport dans ta prochaines réponse.

    ►Relance Malwarebytes' Anti-Malware.
    ►Puis refait le scanne "rapide" et supprime ce qu'il trouve.
    ►Envoie moi le rapport dans ta prochaines réponse.
    1
  3. Utilisateur anonyme
     
    ►Relance Anti Malwaresbytes et relance le scanne "rapide" et supprime tout ce qu'il trouve.
    ►Envoie moi le rapport.
    ►Ensuite fait ci-dessous.
    ►Maintenant prend / RSIT
    ►Télécharge le.
    ►Lance le.
    ►Au moment du message "Disclaimer of warranty" clique sur continuer.
    ►Patientes lors du scanne.
    ►A la fin du scanne.
    ►2 Bloc notes s'ouvrent qui s'appelle :
    ►C:\rsit\info.txt
    ►C:\rsit\log.txt
    ►Envoie moi les 2, a ta prochaines réponse.
    1
  4. nicobett Messages postés 288 Statut Membre 42
     
    j'ai vu que tu a avast. quand tu fais un scan avec il te trouve un problème? fais le en mode sans echec pour être plus sur!
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. elixyr_08 Messages postés 77 Statut Membre 1
     
    sans echec ?! Je dois redémarrer le pc et appuyer sur f8 ?!
    0
  7. nicobett Messages postés 288 Statut Membre 42
     
    oui c'est ça. il faut tapoter. c'est avant que le logo windows apparaisse. Sur certain PC c'est F5 donc si F8 marche pa=>test F5.
    Une foi en mode sans echec fais une analyse complète de ton pc. prépare un bouquin ou une console...ça prend du temps.
    0
  8. elixyr_08 Messages postés 77 Statut Membre 1
     
    ok merci ;)
    et une fois l'analyse terminé je fais quoi
    0
  9. nicobett Messages postés 288 Statut Membre 42
     
    ben tu verras si il reste des merdes ou pas. Il te le diras. Si tu as un virus et que ton antivirus est a jour, il va surement te le dégager
    0
  10. elixyr_08 Messages postés 77 Statut Membre 1
     
    ok je fais sa tout de suite, merci
    0
  11. nicobett Messages postés 288 Statut Membre 42
     
    pkoi??
    0
  12. nicobett Messages postés 288 Statut Membre 42
     
    dsl pour le pourquoi, petit pb... Alors ça a donné quoi?
    0
  13. Profil bloqué
     
    javai tres bien compri qe pk ca voulai dire pourqoi mai jai rien compri a ton message
    0
  14. elixyr_08 Messages postés 77 Statut Membre 1
     
    a vrai dire après le scan en mode echec j'ai l'impression qu'il rame encore plus
    0
  15. elixyr_08 Messages postés 77 Statut Membre 1
     
    voila le rapport de toolbar

    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Award Modular BIOS v6.00PG
    USER : Balbina ( Administrator )
    BOOT : Normal boot
    Antivirus : a-squared Anti-Malware 4 (Activated)
    C:\ (Local Disk) - FAT32 - Total:72 Go (Free:24 Go)
    D:\ (Local Disk) - FAT32 - Total:73 Go (Free:32 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    G:\ (USB)
    I:\ (USB)
    J:\ (USB)
    K:\ (USB)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [1] ( 13/01/2010| 9:22 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\Balbina\Cookies\balbina@www.bananalotto[2].txt
    C:\DOCUME~1\Balbina\Cookies\balbina@malotoviche945.skyrock[1].txt
    C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
    C:\DOCUME~1\JPETNA~1\APPLIC~1\Search Settings
    C:\DOCUME~1\JPETNA~1\APPLIC~1\Search Settings\kb128
    C:\DOCUME~1\JPETNA~1\APPLIC~1\Search Settings\kb128\temp
    C:\DOCUME~1\JPETNA~1\APPLIC~1\Search Settings\kb128\temp\ws-14619.log
    C:\DOCUME~1\BALBINA\APPLIC~1\Search Settings
    C:\DOCUME~1\BALBINA\APPLIC~1\Search Settings\kb128
    C:\DOCUME~1\BALBINA\APPLIC~1\Search Settings\kb128\temp
    C:\DOCUME~1\BALBINA\APPLIC~1\Search Settings\kb128\temp\ws-14620.log
    C:\DOCUME~1\BALBINA\APPLIC~1\Search Settings\kb128\temp\ws-14621.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14589.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14592.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14593.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14594.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14596.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14599.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14603.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14605.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14607.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14610.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14620.log
    C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128\temp\ws-14621.log
    C:\Program Files\Search Settings
    C:\Program Files\Search Settings\kb128
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Search Settings\kb128\res
    C:\Program Files\Search Settings\kb128\temp
    C:\Program Files\Search Settings\kb128\SearchSettings.dll
    C:\Program Files\Search Settings\kb128\SearchSettingsRes409.dll
    C:\WINDOWS\iun6002.exe

    -----------\\ Extensions

    (Balbina) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.google.fr/?gws_rd=ssl"
    "Search Page"="https://www.google.com/?gws_rd=ssl"
    "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\BALBINA\Mes documents\LimeWire\Saved\Virtual DJ 4.2 ITA + 109 Effects + 123 Samples + 38 Skins\Virtual Dj Effetti Ita\AceCrack-VirtualDJ_1.05(1).exe
    C:\DOCUME~1\BALBINA\Mes documents\LimeWire\Saved\Virtual DJ 4.2 ITA + 109 Effects + 123 Samples + 38 Skins\Virtual.DJ.Pro.v4.2.R1-YAG\Crack
    C:\DOCUME~1\BALBINA\Mes documents\LimeWire\Saved\Virtual DJ 4.2 ITA + 109 Effects + 123 Samples + 38 Skins\Virtual.DJ.Pro.v4.2.R1-YAG\Crack\serial.txt

    1 - "C:\ToolBar SD\TB_1.txt" - 13/01/2010| 9:25 - Option : [1]

    -----------\\ Fin du rapport a 9:25:20,37
    0
  16. elixyr_08 Messages postés 77 Statut Membre 1
     
    Voila le resultat du scan

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3553
    Windows 5.1.2600 Service Pack 2
    Internet Explorer 7.0.5730.13

    13/01/2010 10:05:59
    mbam-log-2010-01-13 (10-05-52).txt

    Type de recherche: Examen rapide
    Eléments examinés: 205192
    Temps écoulé: 20 minute(s), 11 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 19
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 23
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\bho.bho (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\oberontb.band (Adware.Gamesbar) -> No action taken.
    HKEY_CLASSES_ROOT\oberontb.band.1 (Adware.Gamesbar) -> No action taken.
    HKEY_CLASSES_ROOT\xbtb01621.ietoolbar (Adware.Softomate) -> No action taken.
    HKEY_CLASSES_ROOT\xbtb01621.ietoolbar.1 (Adware.Softomate) -> No action taken.
    HKEY_CLASSES_ROOT\xbtb01621.xbtb01621 (Adware.Softomate) -> No action taken.
    HKEY_CLASSES_ROOT\xbtb01621.xbtb01621.1 (Adware.Softomate) -> No action taken.
    HKEY_CLASSES_ROOT\AppID\{c12fc24b-a7b9-487f-9603-5481ebf00c6f} (Trojan.FakeAlert) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5d945e9a-dc10-4670-83eb-99daa616628a} (Adware.Stud) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ed8525ea-2bfc-4440-bd8a-20efb9d5e541} (Adware.Hotbar) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> No action taken.
    HKEY_CURRENT_USER\Software\Suchspur (AdWare.Stud) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\H8SRT (Rootkit.TDSS) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> No action taken.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\h8srtd.sys (Rootkit.TDSS) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\BrowserObjects (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\Packages (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\Autorun (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\Autorun\HKCU (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\Autorun\HKLM (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\shcp1cj0er1q\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\BrowserObjects (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\Packages (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKCU (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKCU\RunOnce (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKLM (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKLM\RunOnce (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\StartMenuAllUsers (Rogue.AdvancedXPDefender) -> No action taken.
    C:\Documents and Settings\Antoine\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\StartMenuCurrentUser (Rogue.AdvancedXPDefender) -> No action taken.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\phcv1cj0er1q.jpg (Trojan.FakeAlert) -> No action taken.
    C:\WINDOWS\6514875.exe (Rootkit.Agent) -> No action taken.
    0
  17. elixyr_08 Messages postés 77 Statut Membre 1
     
    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Award Modular BIOS v6.00PG
    USER : Balbina ( Administrator )
    BOOT : Normal boot
    Antivirus : a-squared Anti-Malware 4 (Activated)
    C:\ (Local Disk) - FAT32 - Total:72 Go (Free:24 Go)
    D:\ (Local Disk) - FAT32 - Total:73 Go (Free:32 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    G:\ (USB)
    I:\ (USB)
    J:\ (USB)
    K:\ (USB)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [2] ( 15/01/2010|19:50 )

    -----------\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\Balbina\Cookies\balbina@www.bananalotto[2].txt
    Supprime! - C:\DOCUME~1\Balbina\Cookies\balbina@malotoviche945.skyrock[1].txt
    Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
    Supprime! - C:\DOCUME~1\JPETNA~1\APPLIC~1\Search Settings\kb128
    Supprime! - C:\DOCUME~1\BALBINA\APPLIC~1\Search Settings\kb128
    Supprime! - C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings\kb128
    Supprime! - C:\Program Files\Search Settings\kb128
    Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
    Supprime! - C:\WINDOWS\iun6002.exe
    Supprime! - C:\DOCUME~1\JPETNA~1\APPLIC~1\Search Settings
    Supprime! - C:\DOCUME~1\BALBINA\APPLIC~1\Search Settings
    Supprime! - C:\DOCUME~1\HELPAS~1\APPLIC~1\Search Settings
    Supprime! - C:\Program Files\Search Settings

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ Extensions

    (Balbina) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.google.fr/?gws_rd=ssl"
    "Search Page"="https://www.google.com/?gws_rd=ssl"
    "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="https://www.msn.com/fr-fr/"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\BALBINA\Mes documents\LimeWire\Saved\Virtual DJ 4.2 ITA + 109 Effects + 123 Samples + 38 Skins\Virtual Dj Effetti Ita\AceCrack-VirtualDJ_1.05(1).exe
    C:\DOCUME~1\BALBINA\Mes documents\LimeWire\Saved\Virtual DJ 4.2 ITA + 109 Effects + 123 Samples + 38 Skins\Virtual.DJ.Pro.v4.2.R1-YAG\Crack
    C:\DOCUME~1\BALBINA\Mes documents\LimeWire\Saved\Virtual DJ 4.2 ITA + 109 Effects + 123 Samples + 38 Skins\Virtual.DJ.Pro.v4.2.R1-YAG\Crack\serial.txt

    1 - "C:\ToolBar SD\TB_1.txt" - 13/01/2010| 9:25 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 15/01/2010|19:53 - Option : [2]

    -----------\\ Fin du rapport a 19:53:20,67
    0
  18. elixyr_08 Messages postés 77 Statut Membre 1
     
    Désolé du temps de réponse j'étais en vacances
    voici le blog note log: Logfile of random's system information tool 1.06 (written by random/random)
    Run by Balbina at 2010-02-15 08:33:20
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 21 GB (28%) free of 74 GB
    Total RAM: 447 MB (39% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:33:40, on 15/02/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
    C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\Program Files\DNA\btdna.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\acer\Acer eConsole\MediaServerService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Documents and Settings\Balbina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Documents and Settings\Balbina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Balbina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Balbina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Balbina\Mes documents\Downloads\RSIT.exe
    C:\Documents and Settings\Balbina\Mes documents\Téléchargements\Balbina.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: (no name) - {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - (no file)
    R3 - URLSearchHook: FearFM Toolbar - {bab31fc4-cb97-46f4-9565-26d65225cc2c} - C:\Program Files\FearFM\tbFea0.dll
    O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: XBTP01621 Class - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - (no file)
    O2 - BHO: FearFM Toolbar - {bab31fc4-cb97-46f4-9565-26d65225cc2c} - C:\Program Files\FearFM\tbFea0.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMin1.dll
    O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - (no file)
    O3 - Toolbar: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - (no file)
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: FearFM Toolbar - {bab31fc4-cb97-46f4-9565-26d65225cc2c} - C:\Program Files\FearFM\tbFea0.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMin1.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\RunOnce: [SymLnch] "C:\Documents and Settings\JP et Nathalie\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe" "C:\Documents and Settings\JP et Nathalie\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe" "/REALUPREBOOT /temp /patched"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Editeur audio basic - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Akimania\Editeur Audio Basic\Studio enregistrement (file missing)
    O9 - Extra 'Tools' menuitem: &Editeur audio basic - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Akimania\Editeur Audio Basic\Studio enregistrement (file missing)
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: InstallShield Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe (file missing)
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    O24 - Desktop Component 0: (no name) - http://tbn0.google.com/...
    O24 - Desktop Component 1: (no name) - http://www.lexode.com/galerie/galerie/c/h/chris177/mini/1182099857470.jpeg
    O24 - Desktop Component 10: (no name) - http://pics.homere.jmsp.net/t_15/64x64/205594.jpg
    O24 - Desktop Component 11: (no name) - http://www.lexode.com/galerie/galerie/d/a/darkmel38/mini/1173605364175.jpeg
    O24 - Desktop Component 12: (no name) - http://www.lexode.com/galerie/galerie/t/a/taz3p/mini/11111542248.jpg
    O24 - Desktop Component 13: (no name) - http://www.lexode.com/galerie/galerie/f/r/franzie38/mini/114330837761.jpg
    O24 - Desktop Component 14: (no name) - http://www.lexode.com/galerie/galerie/h/o/horse3000/10857499275.jpg
    O24 - Desktop Component 15: (no name) - http://www.lexode.com/galerie/galerie/b/a/babycat/109317439760.jpg
    O24 - Desktop Component 16: (no name) - http://www.lexode.com/galerie/galerie/c/a/cazanova/115585246414.jpg
    O24 - Desktop Component 17: (no name) - http://www.lexode.com/galerie/galerie/z/a/zaza67120/mini/113683511760.jpg
    O24 - Desktop Component 18: (no name) - http://www.lexode.com/galerie/galerie/c/h/chris177/mini/1182099808077.jpeg
    O24 - Desktop Component 19: (no name) - http://www.lexode.com/galerie/galerie/c/h/chris177/mini/1182099799681.jpeg
    O24 - Desktop Component 2: (no name) - http://tbn0.google.com/...
    O24 - Desktop Component 20: (no name) - http://www.lexode.com/galerie/galerie/a/l/alex13/mini/108505947490.JPG
    O24 - Desktop Component 21: (no name) - http://www.1001-votes.com/vote/1234fonds/soleil-1150219378-t.jpg
    O24 - Desktop Component 22: (no name) - http://www.1001-votes.com/vote/1234fonds/cheval-a7-t.jpg
    O24 - Desktop Component 23: (no name) - http://www.villiard.com/images/animaux/chevaux/cheval-de-course.jpg
    O24 - Desktop Component 24: (no name) - http://www.villiard.com/images/animaux/chevaux/chevaux-de-course.jpg
    O24 - Desktop Component 25: (no name) - http://www.villiard.com/images/animaux/chevaux/cheval.jpg
    O24 - Desktop Component 26: (no name) - http://panther5.weeworld.com/images/fr-FR/demoholder.gif
    O24 - Desktop Component 3: (no name) - http://www.lexode.com/galerie/galerie/p/i/pimsounette/mini/1181761249483.jpeg
    O24 - Desktop Component 4: (no name) - http://www.lexode.com/galerie/galerie/e/u/euriel/mini/1180801813495.jpeg
    O24 - Desktop Component 5: (no name) - http://www.lexode.com/galerie/galerie/b/e/bep50/mini/115615801830.jpg
    O24 - Desktop Component 6: (no name) - http://www.lexode.com/galerie/galerie/c/h/cherygirl66/108472788379.jpg
    O24 - Desktop Component 7: (no name) - http://www.lexode.com/galerie/galerie/a/n/angie21/mini/109086968629.jpg
    O24 - Desktop Component 8: (no name) - http://www.lexode.com/galerie/galerie/c/l/cler0u/mini/115575995767.jpg
    O24 - Desktop Component 9: (no name) - http://www.lexode.com/galerie/galerie/j/p/jpv34/mini/113629010111.jpg
    0