Lots of viruses - slow PC

berdjinhokun Posts 7 Status Member -  
jlpjlp Posts 52399 Status Security contributor -
Hello,

here is my HijackThis scan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:00:36, on 20/12/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Users\Tonton Lorizzio\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Tonton Lorizzio\Downloads\HiJackThis(1).exe
C:\Windows\system32\RunDll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll
O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files\Radio_Bar_1\tbRadi.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tonton Lorizzio\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Grid] "C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tonton Lorizzio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Unibet - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\unibetpokerMPP\MPPoker.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

5 replies

jlpjlp Posts 52399 Status Security contributor 5 040
 
hi
you mention infections? which ones? do you have reports showing them?

for AVG you need to upgrade to the latest version: https://www.avg.com/fr-fr/free-antivirus-download
0
berdjinhokun Posts 7 Status Member
 
the rest

[MD5.FEA7A2B88854620D54C6B6992745E8A8] [SPRF][30/06/2010] (...) -- C:\Users\Tonton Lorizzio\AppData\Local\Temp\uttF0FA.tmp.bat [74]
[MD5.FEA7A2B88854620D54C6B6992745E8A8] [SPRF][30/06/2010] (...) -- C:\Users\Tonton Lorizzio\AppData\Local\Temp\uttFABA.tmp.bat [74]
[MD5.1108B166160D6023AF76435B074052B6] [SPRF][05/04/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Tonton Lorizzio\AppData\Local\Temp\_is1C00.exe [455600]
[MD5.1108B166160D6023AF76435B074052B6] [SPRF][05/04/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Tonton Lorizzio\AppData\Local\Temp\_is439C.exe [455600]
[MD5.1108B166160D6023AF76435B074052B6] [SPRF][05/04/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Tonton Lorizzio\AppData\Local\Temp\_is80AB.exe [455600]
[MD5.057FB7D999A401A758C80F42B2B88CB8] [SPRF][27/12/2009] (...) -- C:\Users\Tonton Lorizzio\AppData\Local\Temp\_unps.exe [274432]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][12/12/2010] (...) -- C:\Users\Tonton Lorizzio\AppData\LocalLow\prvlcl.dat [0]
[MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [SPRF][06/04/2011] (...) -- C:\Users\Tonton Lorizzio\AppData\Roaming\PnkBstrK.sys [138056]
[MD5.0A2AE8C4B3D710AC9500EBFF83E74034] [SPRF][10/04/2009] (.Martin Pesch - mp3DirectCut - Direct MP3 editor and recorder.) -- C:\Users\Tonton Lorizzio\Desktop\mp3DirectCut.exe [66080]
[MD5.E8BAD584C676A776A4AD3D164F400EC2] [SPRF][24/02/2011] (.EA Digital Illusions CE AB - Battlefield Play4Free Updater.) -- C:\Windows\Downloaded Program Files\BP4FUpdater.dll [259456]
[MD5.BD5990D8EC063727895443918464A515] [SPRF][24/02/2011] (.EA Digital Illusions CE AB - Battlefield Play4Free Updater.) -- C:\Windows\Downloaded Program Files\BP4FUpdater.exe [1004928]
[MD5.6F315BDFE7148459DE3B4B59E6DFA1D4] [SPRF][19/08/2009] (.Microsoft® Corporation - Windows Live Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [641368]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592]
~ Scan Files in 00mn 09s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{0A52D638-DDAC-4F7E-AFCB-6308513642F4}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{2DFB4152-71E1-4768-927A-5F7A4DA8E693}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{41927379-551A-412D-89F5-4DACCE570C9F}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe (.not file.)
O87 - FAEL: "{741E0A35-F0F5-42E5-AFBF-64E8FC2AB83A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe (.not file.)
O87 - FAEL: "{36E62892-7D51-4AD6-9BE3-C1358384BD95}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe (.not file.)
O87 - FAEL: "{35A1851E-F2CC-488B-B8A0-C04323B3EF31}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe (.not file.)
O87 - FAEL: "{2D1FA8E6-5864-4A92-BBE5-81ECD0C14621}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe (.not file.)
O87 - FAEL: "{CF1AB1C4-7C3B-4D53-AD37-69BB249A7BEA}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe (.not file.)
O87 - FAEL: "TCP Query User{D4FD7031-4FEB-4056-9DB6-1B348878DE75}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe
O87 - FAEL: "UDP Query User{F406879D-98A6-4DC3-BA98-4C7F0DD5D85A}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe
O87 - FAEL: "TCP Query User{CFB9688B-3165-4574-8D0F-EDBFF8E85265}C:\program files\adsltv\adsltv.exe" | In - Private - P6 - TRUE | .(.adsl TV / FM - Pas de description.) -- C:\Program Files\adslTV\adsltv.exe
O87 - FAEL: "UDP Query User{436AEC8B-91CC-4CBA-A599-32A6B8F05363}C:\program files\adsltv\adsltv.exe" | In - Private - P17 - TRUE | .(.adsl TV / FM - Pas de description.) -- C:\Program Files\adslTV\adsltv.exe
O87 - FAEL: "TCP Query User{4A394492-5617-45CE-94E1-F26FCC9D4E97}C:\program files\virtualdj\virtualdj_home5.exe" | In - Private - P6 - TRUE | .(.Atomix Productions - VirtualDJ.) -- C:\Program Files\VirtualDJ\virtualdj_home5.exe
O87 - FAEL: "UDP Query User{404957D1-A2E7-4EA9-A566-D4C91A6CFD2C}C:\program files\virtualdj\virtualdj_home5.exe" | In - Private - P17 - TRUE | .(.Atomix Productions - VirtualDJ.) -- C:\Program Files\VirtualDJ\virtualdj_home5.exe
O87 - FAEL: "TCP Query User{56DD71BA-E0ED-4AB4-B5DC-D718A3802D71}C:\program files\tvuplayer\tvuplayer.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\tvuplayer\tvuplayer.exe (.not file.)
O87 - FAEL: "UDP Query User{D417DCEF-FFF0-4428-A573-5811FAE10600}C:\program files\tvuplayer\tvuplayer.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\tvuplayer\tvuplayer.exe (.not file.)
O87 - FAEL: "TCP Query User{26EBDD67-A922-45FB-B6F5-A1A2E4127795}C:\program files\xfire\xfire.exe" | In - Private - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files\Xfire\Xfire.exe
O87 - FAEL: "UDP Query User{1CDF047D-E4E3-42AC-BA1D-2AC3E946F109}C:\program files\xfire\xfire.exe" | In - Private - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files\Xfire\Xfire.exe
O87 - FAEL: "TCP Query User{1AFB5FFC-F51F-4FAA-B1E8-F8F656A26B55}C:\program files\sopcast\sopcast.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\sopcast\sopcast.exe (.not file.)
O87 - FAEL: "UDP Query User{F9D91DD7-288A-4726-BE93-52DFA87F6241}C:\program files\sopcast\sopcast.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\sopcast\sopcast.exe (.not file.)
O87 - FAEL: "TCP Query User{47F3F8C9-CDCB-4A42-B107-9A467BAB5C75}C:\program files\sopcast\adv\sopadver.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\sopcast\adv\sopadver.exe (.not file.)
O87 - FAEL: "UDP Query User{D67C1C58-8B4E-4FEF-AD60-6790D3F5A1D3}C:\program files\sopcast\adv\sopadver.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\sopcast\adv\sopadver.exe (.not file.)
O87 - FAEL: "{5AEC5AC3-ED61-44B7-BA45-D152ADEC9AE6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\baboinvasion\BaboInvasion.exe (.not file.)
O87 - FAEL: "{9E9663AA-B6D1-4F60-8F03-FA38E631BF56}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\baboinvasion\BaboInvasion.exe (.not file.)
O87 - FAEL: "{C5C7F22B-14FD-4391-A6CB-BE1B6EFB8D3F}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\piccolo69\counter-strike source\hl2.exe (.not file.)
O87 - FAEL: "{022490AD-4CF2-4852-A539-8FFAE31B9469}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\piccolo69\counter-strike source\hl2.exe (.not file.)
O87 - FAEL: "{020BAFE8-45E2-406C-9554-23D547D339F2}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{FBBD2A56-5FD5-451B-B441-47D778CDF48B}C:\program files\steam\steamapps\hay_killaz\source dedicated server\srcds.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\steam\steamapps\hay_killaz\source dedicated server\srcd
O87 - FAEL: "UDP Query User{05E74513-8E82-4D8E-84A8-F80E2DFA785F}C:\program files\steam\steamapps\hay_killaz\source dedicated server\srcds.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\steam\steamapps\hay_killaz\source dedicated server\src
O87 - FAEL: "{A29A30AA-3A19-4F90-85A3-1D029713EC69}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\hay_killaz\sourcesdk\bin\SDKLauncher.exe (.not file.)
O87 - FAEL: "{E93716D4-7AE4-4858-8DBC-042DCB75AFC5}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\hay_killaz\sourcesdk\bin\SDKLauncher.exe (.not file.)
O87 - FAEL: "TCP Query User{642FF46B-46DB-4170-9EF0-5F4DCD86CC71}C:\program files\mirc\mirc.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\mirc\mirc.exe (.not file.)
O87 - FAEL: "UDP Query User{D883D0B0-5CBB-4C99-A4C4-CE4BEED37EBE}C:\program files\mirc\mirc.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\mirc\mirc.exe (.not file.)
O87 - FAEL: "{9978E1DF-0C23-4D96-BB7B-08C76F90C64E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\alien swarm\srcds.exe (.not file.)
O87 - FAEL: "{2E5FB189-E466-4BB6-A6EC-5A4A169D493F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\alien swarm\srcds.exe (.not file.)
O87 - FAEL: "{AF10EE49-B5DF-4934-A3FE-29B15AE3AE1C}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\alien swarm\swarm.exe (.not file.)
O87 - FAEL: "{D17D8FA4-C72E-4D4F-90F7-1B3FB7C8B9A2}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\alien swarm\swarm.exe (.not file.)
O87 - FAEL: "{27BE580B-9BA4-4C2A-B770-003D056571AE}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\piccolo69\counter-strike\hl.exe (.not file.)
O87 - FAEL: "{E8CA8010-25C1-4AB2-8108-90A5FE7190CB}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\piccolo69\counter-strike\hl.exe (.not file.)
O87 - FAEL: "{A733A493-3741-4E4C-9C2B-31A641619726}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\muzapp.exe (.not file.)
O87 - FAEL: "{313083D2-162A-4558-855A-154D6B69B3DB}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\muzapp.exe (.not file.)
O87 - FAEL: "TCP Query User{F4051A64-304C-4190-9D3F-D1C2DD582328}C:\program files\zultrax p2p\zultrax.exe" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Zultrax P2P\Zultrax.exe
O87 - FAEL: "UDP Query User{D9930CBD-6D3F-4036-9E43-939658D45122}C:\program files\zultrax p2p\zultrax.exe" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Zultrax P2P\Zultrax.exe
O87 - FAEL: "TCP Query User{63C5DD48-E52E-4F07-8DDD-A66AA7EF66EC}C:\program files\limewire\limewire.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\limewire\limewire.exe (.not file.)
O87 - FAEL: "UDP Query User{34FF3C6F-0194-4BC0-92FE-6BAC862A0405}C:\program files\limewire\limewire.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\limewire\limewire.exe (.not file.)
O87 - FAEL: "{D3A9DF22-E2B8-45DF-AEFA-7A304F05D0E7}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O87 - FAEL: "{55A53F8A-462F-4FAF-BF13-688B0757281E}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O87 - FAEL: "{7C24A20F-22A9-472B-8B45-B5F6D8151E51}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\PnkBstrA.exe
O87 - FAEL: "{695C8A28-CD3F-4B23-813F-AE582F9B1329}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\PnkBstrA.exe
O87 - FAEL: "{3525A5DC-C36E-40BD-AA73-95897A0A397B}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\PnkBstrB.exe
O87 - FAEL: "{C5745B7E-6640-4026-83C6-5777EEC03136}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\PnkBstrB.exe
O87 - FAEL: "TCP Query User{C781FB88-97A7-4087-980E-C29C893BE418}C:\aeriagames\wolfteam-fr\launcher.exe" |In - Private - P6 - TRUE | .(...) -- C:\aeriagames\wolfteam-fr\launcher.exe (.not file.)
O87 - FAEL: "UDP Query User{1C5FE247-1ED1-455C-BE16-4631F34F94E1}C:\aeriagames\wolfteam-fr\launcher.exe" |In - Private - P17 - TRUE | .(...) -- C:\aeriagames\wolfteam-fr\launcher.exe (.not file.)
O87 - FAEL: "{B5F23A78-E984-4517-AF53-A609729B1F3A}" | In - Private - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Installer Application.) -- C:\Program Files\AVG\AVG10\avgmfapx.exe
O87 - FAEL: "{61AD247A-8014-4207-A186-7C11D7B8C54E}" | In - Private - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Installer Application.) -- C:\Program Files\AVG\AVG10\avgmfapx.exe
O87 - FAEL: "{3E8980E1-7850-446D-867A-3119B399E952}" |In - Private - P6 - TRUE | .(...) -- C:\World of Warcraft\Launcher.exe (.not file.)
O87 - FAEL: "{893B0AF4-E3B5-424F-A5B7-35F6DCABC2A0}" |In - Private - P17 - TRUE | .(...) -- C:\World of Warcraft\Launcher.exe (.not file.)
O87 - FAEL: "{2AB6E44A-43C5-47D8-9616-04B5B129ACF2}" |In - Private - P6 - TRUE | .(...) -- C:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe (.not file.)
O87 - FAEL: "{101B6D8C-05CA-4BB3-80FF-A06D5D29A825}" |In - Private - P17 - TRUE | .(...) -- C:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe (.not file.)
O87 - FAEL: "{422DE8C9-5F66-4C90-9573-CAEA9BF81EF2}" |In - Private - P6 - TRUE | .(...) -- C:\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "{E6ACE29E-17BC-42DD-B277-48E947A256A6}" |In - Private - P17 - TRUE | .(...) -- C:\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "TCP Query User{2D2FE979-1CFF-4120-AD26-F369F50205CB}C:\world of warcraft\backgrounddownloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\world of warcraft\backgrounddownloader.exe (.not file.)
O87 - FAEL: "UDP Query User{C5CE644A-B463-4841-9F4B-027B956FF9A1}C:\world of warcraft\backgrounddownloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\world of warcraft\backgrounddownloader.exe (.not file.)
O87 - FAEL: "{8B0299B1-C8A1-4893-B7A0-92C44A428109}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{3346E816-9040-4D5A-93D3-3C7EBD8F79B6}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{68A2F89C-87D0-4F85-BBD9-CBC1B79D43EF}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{C0385245-7B5B-4577-B99C-F7825B3F0C09}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\hay_killaz\counter-strike source\hl2.exe (.not file.)
O87 - FAEL: "{FBD75D25-1989-495B-A500-939CE9E555E3}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\hay_killaz\counter-strike source\hl2.exe (.not file.)
O87 - FAEL: "TCP Query User{0AED67C4-1779-4A6F-A8F2-5D7EC4A4B6E8}C:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe (.not file.)
O87 - FAEL: "UDP Query User{12E01AA3-A328-4136-90C5-8CC2A1E582AD}C:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe (.not file.)
O87 - FAEL: "{5E54C3A6-5BD6-458A-B0A7-A1B91225B0FA}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\World of Warcraft\Launcher.exe (.not file.)
O87 - FAEL: "{06511400-F1CB-4AD7-B154-255B2C357A9E}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\World of Warcraft\Launcher.exe (.not file.)
O87 - FAEL: "{F24174E8-6730-4818-86F3-B1D2620E3B76}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "{01839894-9CF5-49C6-95E2-A93EB82D67DF}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "TCP Query User{A71F8D8B-F1AD-40BE-AEA8-A03BEF705B35}C:\program files\world of warcraft\backgrounddownloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\world of warcraft\backgrounddownloader.exe (.not file.)
O87 - FAEL: "UDP Query User{7E9D8081-2C04-4A92-B56D-2B8B9CBAB59C}C:\program files\world of warcraft\backgrounddownloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\world of warcraft\backgrounddownloader.exe (.not file.)
O87 - FAEL: "TCP Query User{047974BB-180B-4D8F-92D7-1BEFF1D8147E}C:\program files\ea games\battlefield play4free\bfp4f.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\ea games\battlefield play4free\bfp4f.exe (.not file.)
O87 - FAEL: "UDP Query User{4870FB38-0DC6-4281-8ED2-085EECF8E1DD}C:\program files\ea games\battlefield play4free\bfp4f.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\ea games\battlefield play4free\bfp4f.exe (.not file.)
O87 - FAEL: "{D59DA5D5-7017-4C9B-982A-6A279776F601}" | In - Private - P6 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST(TM) Install Manager.) -- C:\Program Files\Steam\SteamApps\common\amd driver updater, vista and 7, 32 bit\Setup.exe
O87 - FAEL: "{72DD6434-4A62-4F0E-A7D3-473222AC0C01}" | In - Private - P17 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST(TM) Install Manager.) -- C:\Program Files\Steam\SteamApps\common\amd driver updater, vista and 7, 32 bit\Setup.exe
O87 - FAEL: "TCP Query User{73732620-4C39-4F71-8475-29563B70835B}C:\program files\steam\steamapps\viviou9494foook\counter-strike\hl.exe" | In - Public - P6 - TRUE | .(.Valve.) -- C:\Program Files\Steam\SteamApps\viviou9494foook\counter-strike\hl.exe
O87 - FAEL: "UDP Query User{AFB00C31-630C-4C2B-B021-AF8C1F74C2F5}C:\program files\steam\steamapps\viviou9494foook\counter-strike\hl.exe" | In - Public - P17 - TRUE | .(.Valve.) -- C:\Program Files\Steam\SteamApps\viviou9494foook\counter-strike\hl.exe
O87 - FAEL: "{A31EAED4-A8DC-40C1-AE70-34F971AA8025}" | In - Private - P6 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files\Steam\SteamApps\viviou9494foook\counter-strike\hl.exe
O87 - FAEL: "{CA959D0B-A7CB-432B-9411-8F152B950EB7}" | In - Private - P17 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files\Steam\SteamApps\viviou9494foook\counter-strike\hl.exe
O87 - FAEL: "{9C116CF0-9399-42B8-B115-16F042319AC4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\viviou9494foook\counter-strike source\hl2.exe (.not file.)
O87 - FAEL: "{0B604DB3-AFCA-46D4-AF14-36ECBD91C89A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\viviou9494foook\counter-strike source\hl2.exe (.not file.)
O87 - FAEL: "{94490E95-B6DF-4B96-95E3-83AADC6867F9}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
O87 - FAEL: "{2E7E2E00-5C03-437A-B7B5-07E08DD45B8E}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
O87 - FAEL: "{CC6733C9-65A7-435A-84E8-848F9895EFD0}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\viviou9494foook\day of defeat source\hl2.exe
O87 - FAEL: "{7CE492D0-1255-4437-824C-83DABEA03C10}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\viviou9494foook\day of defeat source\hl2.exe
O87 - FAEL: "{961A09FC-A982-471D-9DD4-0E7879735934}" | In - Private - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Diagnostics Utility.) -- C:\Program Files\AVG\AVG10\avgdiagex.exe
O87 - FAEL: "{C5254CF0-5D63-4A67-B9E3-E512E266884B}" | In - Private - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Diagnostics Utility.) -- C:\Program Files\AVG\AVG10\avgdiagex.exe
O87 - FAEL: "{CA08EC02-999A-4CEA-977B-7F4AEADC39FF}" | In - Private - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
O87 - FAEL: "{D33BDACF-58DF-4130-AB7E-3152A3057794}" | In - Private - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
O87 - FAEL: "{AA0F15AD-6D6E-44E4-8A87-B7F0689FD789}" | In - Private - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG E-mail Scanner.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
O87 - FAEL: "{22E874DF-7CFB-477A-959D-5D330199EB11}" | In - Private - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG E-mail Scanner.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
O87 - FAEL: "{69D15B49-9498-4085-A0B8-78C096C1C1AA}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Tonton Lorizzio\AppData\Local\Akamai\netsession_win.exe (.not file.)
O87 - FAEL: "{7D9F3334-8D84-4DC2-9FCE-C60FE2BFF56D}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Tonton Lorizzio\AppData\Local\Akamai\netsession_win.exe (.not file.)
~ Scan Firewall in 00mn 03s

---\\ Scan Additionnel (O88)
Database Version : 8905 - (18/12/2011)
Clés trouvées (Keys found) : 23
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 15
Fichiers trouvés (Files found) : 1

[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2304157] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar.CT2304157] =>Adware.Hotbar
[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}] =>Toolbar.SweetIM
[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\OpenCandy NSIS SDK] =>Adware.OpenCandy
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Radio_Bar_1] =>Toolbar.Conduit
[HKLM\Software\Radio_Bar_1] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software] =>Trojan.FakeAlert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Software] =>Trojan.FakeAlert
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\\Messenger Plus!\OpenCandy] =>Adware.OpenCandy
[HKLM\Software\\Xfire\OpenCandy] =>Adware.OpenCandy
[HKLM\Software\Classes\Toolbar.CT2405725] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Program Files\ConduitEngine =>Toolbar.Conduit
C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent
C:\Program Files\Radio_Bar_1 =>Toolbar.Conduit
C:\Users\Tonton Lorizzio\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\Tonton Lorizzio\AppData\Local\OpenCandy =>Adware.OpenCandy
C:\Users\Tonton Lorizzio\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Tonton Lorizzio\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit
C:\Users\Tonton Lorizzio\AppData\LocalLow\Hotbar =>Adware.Hotbar
C:\Users\Tonton Lorizzio\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\Tonton Lorizzio\AppData\LocalLow\Radio_Bar_1 =>Toolbar.Conduit
C:\Users\Tonton Lorizzio\AppData\LocalLow\SweetIM =>Toolbar.SweetIM
C:\Users\Tonton Lorizzio\AppData\Local\Temp\OpenCandy =>Adware.OpenCandy
C:\Users\Tonton Lorizzio\AppData\Roaming\Mozilla\Firefox\Profiles\357ljhja.default\Conduit =>Toolbar.Conduit
C:\Users\Tonton Lorizzio\AppData\Roaming\Mozilla\Firefox\Profiles\357ljhja.default\SearchPlugins\conduit.xml =>Toolbar.Conduit
~ Scan Additionnel in 00mn 07s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 17/07/2011 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 14/06/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 27/09/2011 7390560 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
SR - | Auto 27/09/2011 269520 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG10\avgwdsvc.exe
SR - | Auto 14/06/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 27/12/2010 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 29/01/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 29/01/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 26/12/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 14/06/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 18/04/2011 1181328 | (Lavasoft Ad-Aware Service) . (.Lavasoft.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
SS - | Disabled 14/07/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 75136 | (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe
SR - | Auto 26/12/2009 275968 | (StarWindServiceAE) . (.Rocket Division Software.) - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
SS - | Demand 26/02/2011 411432 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 10s

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Tonton Lorizzio at 20/12/2011 17:39:24

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x850BF1F8]<<
1 ntkrnlpa!IofCallDriver[0x82C74458] -> \Device\Harddisk0\DR0[0x85EDC030]
3 CLASSPNP[0x8958259E] -> ntkrnlpa!IofCallDriver[0x82C74458] -> [0x85D70938]
5 ACPI[0x833A93B2] -> ntkrnlpa!IofCallDriver[0x82C74458] -> \Device\Ide\IdeDeviceP2T0L0-2[0x85DF4318]
\Driver\atapi[0x85DE2338] -> IRP_MJ_CREATE -> 0x850BF1F8
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 02s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Tonton Lorizzio at 20/12/2011 17:39:26

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [691696]
~ Scan Emulateurs in 00mn 04s

End of the scan (2115 lines in 09mn 47s)(0)
jlpjlp Posts 52399 Status Security contributor 5 040
 
Paste a report from Malwarebytes Anti-Malware

and a removal report from AdwCleaner

http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner
berdjinhokun Posts 7 Status Member
 
# AdwCleaner v1.402 - Rapport créé le 20/12/2011 à 19:19:07
# Mis à jour le 11/12/11 à 19h par Xplode
# Système d'exploitation : Windows 7 Ultimate (32 bits)
# Nom d'utilisateur : Tonton Lorizzio - TONTONLORIZZIO (Administrateur)
# Exécuté depuis : C:\Users\Tonton Lorizzio\Downloads\adwcleaner.exe
# Option [Suppression]

***** [Services] *****

***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\Roaming\OpenCandy
Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\Local\OpenCandy
Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Program Files\Conduit
Dossier Supprimé : C:\Program Files\ConduitEngine
Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\Roaming\Mozilla\Firefox\Profiles\357ljhja.default\Conduit
Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\Roaming\Mozilla\Firefox\Profiles\357ljhja.default\ConduitCommon
Dossier Supprimé : C:\Users\Tonton Lorizzio\AppData\Roaming\Mozilla\Firefox\Profiles\357ljhja.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Fichier Supprimé : C:\Program Files\Windows live\messenger\msimg32.dll
Fichier Supprimé : C:\Users\Tonton Lorizzio\AppData\Roaming\Mozilla\Firefox\Profiles\357ljhja.default\searchplugins\Conduit.xml

***** [Registre] *****

[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2304157
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2405725
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\OpenCandy NSIS SDK
Clé Supprimée : HKLM\SOFTWARE\Messenger Plus!\OpenCandy
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v6.0.1 (fr)

Profil : 357ljhja.default
Fichier : C:\Users\Tonton Lorizzio\AppData\Roaming\Mozilla\Firefox\Profiles\357ljhja.default\prefs.js

Supprimée : user_pref("CT2269050..clientLogIsEnabled", false);
Supprimée : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Supprimée : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Supprimée : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Supprimée : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Supprimée : user_pref("CT2269050.AppTrackingLastCheckTime", "Tue Dec 20 2011 16:35:27 GMT+0100");
Supprimée : user_pref("CT2269050.BrowserCompStateIsOpen_1000515", true);
Supprimée : user_pref("CT2269050.BrowserCompStateIsOpen_129575150554007677", true);
Supprimée : user_pref("CT2269050.CT2269050", "CT2269050");
Supprimée : user_pref("CT2269050.CurrentServerDate", "20-12-2011");
Supprimée : user_pref("CT2269050.DialogsAlignMode", "LTR");
Supprimée : user_pref("CT2269050.DialogsGetterLastCheckTime", "Tue Dec 20 2011 16:16:00 GMT+0100");
Supprimée : user_pref("CT2269050.DownloadReferralCookieData", "");
Supprimée : user_pref("CT2269050.EMailNotifierPollDate", "Tue Dec 20 2011 17:53:50 GMT+0100");
Supprimée : user_pref("CT2269050.FirstServerDate", "29-6-2011");
Supprimée : user_pref("CT2269050.FirstTime", true);
Supprimée : user_pref("CT2269050.FirstTimeFF3", true);
Supprimée : user_pref("CT2269050.FixPageNotFoundErrors", true);
Supprimée : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Supprimée : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Supprimée : user_pref("CT2269050.HasUserGlobalKeys", true);
Supprimée : user_pref("CT2269050.HomePageProtectorEnabled", false);
Supprimée : user_pref("CT2269050.HomepageBeforeUnload", "hxxp://www.google.fr/");
Supprimée : user_pref("CT2269050.Initialize", true);
Supprimée : user_pref("CT2269050.InitializeCommonPrefs", true);
Supprimée : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Supprimée : user_pref("CT2269050.InstalledDate", "Wed Jun 29 2011 01:13:42 GMT+0200");
Supprimée : user_pref("CT2269050.InvalidateCache", false);
Supprimée : user_pref("CT2269050.IsAlertDBUpdated", true);
Supprimée : user_pref("CT2269050.IsGrouping", false);
Supprimée : user_pref("CT2269050.IsInitSetupIni", true);
Supprimée : user_pref("CT2269050.IsMulticommunity", false);
Supprimée : user_pref("CT2269050.IsOpenThankYouPage", true);
Supprimée : user_pref("CT2269050.IsOpenUninstallPage", true);
Supprimée : user_pref("CT2269050.IsProtectorsInit", true);
Supprimée : user_pref("CT2269050.LanguagePackLastCheckTime", "Tue Dec 20 2011 16:16:00 GMT+0100");
Supprimée : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Supprimée : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Supprimée : user_pref("CT2269050.LastLogin_3.5.0.12", "Mon Aug 15 2011 10:47:39 GMT+0200");
Supprimée : user_pref("CT2269050.LastLogin_3.6.0.10", "Tue Dec 20 2011 16:15:55 GMT+0100");
Supprimée : user_pref("CT2269050.LastLogin_3.8.1.0", "Tue Dec 20 2011 16:53:45 GMT+0100");
Supprimée : user_pref("CT2269050.LatestVersion", "3.8.1.0");
Supprimée : user_pref("CT2269050.Locale", "en");
Supprimée : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Supprimée : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Supprimée : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Supprimée : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Supprimée : user_pref("CT2269050.OriginalFirstVersion", "3.5.0.12");
Supprimée : user_pref("CT2269050.RadioIsPodcast", false);
Supprimée : user_pref("CT2269050.RadioLastCheckTime", "Tue Dec 20 2011 16:16:02 GMT+0100");
Supprimée : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Supprimée : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Supprimée : user_pref("CT2269050.RadioMediaID", "12473383");
Supprimée : user_pref("CT2269050.RadioMediaType", "Media Player");
Supprimée : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Supprimée : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Supprimée : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Supprimée : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Supprimée : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Supprimée : user_pref("CT2269050.SavedHomepage", "www.google.fr");
Supprimée : user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search");
Supprimée : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Supprimée : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Supprimée : user_pref("CT2269050.SearchInNewTabEnabled", true);
Supprimée : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Supprimée : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Tue Dec 20 2011 16:15:59 GMT+0100");
Supprimée : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Supprimée : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Supprimée : user_pref("CT2269050.SearchProtectorEnabled", true);
Supprimée : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Supprimée : user_pref("CT2269050.ServiceMapLastCheckTime", "Tue Dec 20 2011 16:15:58 GMT+0100");
Supprimée : user_pref("CT2269050.SettingsLastCheckTime", "Tue Dec 20 2011 16:15:50 GMT+0100");
Supprimée : user_pref("CT2269050.SettingsLastUpdate", "1314606801");
Supprimée : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Supprimée : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Tue Dec 20 2011 16:15:56 GMT+0100");
Supprimée : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1312887586");
Supprimée : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Supprimée : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Supprimée : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Supprimée : user_pref("CT2269050.UserID", "UN97003987111991512");
Supprimée : user_pref("CT2269050.ValidationData_Toolbar", 2);
Supprimée : user_pref("CT2269050.WeatherNetwork", "");
Supprimée : user_pref("CT2269050.WeatherPollDate", "Tue Dec 20 2011 17:53:52 GMT+0100");
Supprimée : user_pref("CT2269050.WeatherUnit", "C");
Supprimée : user_pref("CT2269050.alertChannelId", "666138");
Supprimée : user_pref("CT2269050.components.1000515", true);
Supprimée : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Supprimée : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Tue Dec 20 2011 16:16:00 GMT+0100");
Supprimée : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Supprimée : user_pref("CT2269050.initDone", true);
Supprimée : user_pref("CT2269050.isAppTrackingManagerOn", true);
Supprimée : user_pref("CT2269050.isFirstRadioInstallation", false);
Supprimée : user_pref("CT2269050.myStuffEnabled", true);
Supprimée : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Supprimée : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Supprimée : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Supprimée : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Supprimée : user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129391330693125668,129[...]
Supprimée : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Supprimée : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Supprimée : user_pref("CT2269050.testingCtid", "");
Supprimée : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Tue Dec 20 2011 16:16:00 GMT+0100");
Supprimée : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Tue Dec 20 2011 16:16:00 GMT+0100");
Supprimée : user_pref("CT2269050.usagesFlag", 2);
Supprimée : user_pref("CT2304157..clientLogIsEnabled", true);
Supprimée : user_pref("CT2304157..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Supprimée : user_pref("CT2304157..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Supprimée : user_pref("CT2304157.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Supprimée : user_pref("CT2304157.AppTrackingLastCheckTime", "Sun Sep 04 2011 00:07:16 GMT+0200");
Supprimée : user_pref("CT2304157.CTID", "CT2304157");
Supprimée : user_pref("CT2304157.CurrentServerDate", "27-9-2011");
Supprimée : user_pref("CT2304157.DialogsAlignMode", "LTR");
Supprimée : user_pref("CT2304157.DialogsGetterLastCheckTime", "Tue Dec 20 2011 16:15:59 GMT+0100");
Supprimée : user_pref("CT2304157.DownloadReferralCookieData", "");
Supprimée : user_pref("CT2304157.FeedLastCount129078895246717929", 50);
Supprimée : user_pref("CT2304157.FeedLastCount129095439763593837", 0);
Supprimée : user_pref("CT2304157.FeedPollDate129078895250311712", "Tue Dec 20 2011 17:07:24 GMT+0100");
Supprimée : user_pref("CT2304157.FeedPollDate129095439763593837", "Tue Dec 20 2011 17:53:51 GMT+0100");
Supprimée : user_pref("CT2304157.FeedPollDate129604942912022444", "Tue Dec 20 2011 17:53:51 GMT+0100");
Supprimée : user_pref("CT2304157.FeedTTL129078895250311712", 40);
Supprimée : user_pref("CT2304157.FirstServerDate", "8-3-2010");
Supprimée : user_pref("CT2304157.FirstTime", true);
Supprimée : user_pref("CT2304157.FirstTimeFF3", true);
Supprimée : user_pref("CT2304157.FirstTimeSettingsDone", true);
Supprimée : user_pref("CT2304157.GroupingServerCheckInterval", 1440);
Supprimée : user_pref("CT2304157.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Supprimée : user_pref("CT2304157.HasUserGlobalKeys", true);
Supprimée : user_pref("CT2304157.HomePageProtectorEnabled", false);
Supprimée : user_pref("CT2304157.Initialize", true);
Supprimée : user_pref("CT2304157.InitializeCommonPrefs", true);
Supprimée : user_pref("CT2304157.InstallationAndCookieDataSentCount", 3);
Supprimée : user_pref("CT2304157.InstalledDate", "Sun Mar 07 2010 22:24:03 GMT+0100");
Supprimée : user_pref("CT2304157.IsAlertDBUpdated", true);
Supprimée : user_pref("CT2304157.IsGrouping", false);
Supprimée : user_pref("CT2304157.IsMulticommunity", false);
Supprimée : user_pref("CT2304157.IsOpenThankYouPage", true);
Supprimée : user_pref("CT2304157.IsOpenUninstallPage", true);
Supprimée : user_pref("CT2304157.LanguagePackLastCheckTime", "Tue Dec 20 2011 16:15:59 GMT+0100");
Supprimée : user_pref("CT2304157.LanguagePackReloadIntervalMM", 1440);
Supprimée : user_pref("CT2304157.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Supprimée : user_pref("CT2304157.LastLogin_2.5.6.0", "Sat Aug 28 2010 16:22:23 GMT+0200");
Supprimée : user_pref("CT2304157.LastLogin_2.7.2.0", "Sat Apr 02 2011 15:25:19 GMT+0200");
Supprimée : user_pref("CT2304157.LastLogin_3.3.3.2", "Thu Jun 23 2011 17:20:24 GMT+0200");
Supprimée : user_pref("CT2304157.LastLogin_3.5.0.12", "Fri Aug 19 2011 00:50:02 GMT+0200");
Supprimée : user_pref("CT2304157.LastLogin_3.6.0.10", "Tue Dec 20 2011 16:15:58 GMT+0100");
Supprimée : user_pref("CT2304157.LatestVersion", "3.7.0.6");
Supprimée : user_pref("CT2304157.Locale", "en");
Supprimée : user_pref("CT2304157.LoginCache", 4);
Supprimée : user_pref("CT2304157.MCDetectTooltipHeight", "83");
Supprimée : user_pref("CT2304157.MCDetectTooltipShow", false);
Supprimée : user_pref("CT2304157.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Supprimée : user_pref("CT2304157.MCDetectTooltipWidth", "295");
Supprimée : user_pref("CT2304157.MyStuffEnabledAtInstallation", true);
Supprimée : user_pref("CT2304157.SHRINK_TOOLBAR", 1);
Supprimée : user_pref("CT2304157.SearchBoxWidth", 151);
Supprimée : user_pref("CT2304157.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Supprimée : user_pref("CT2304157.SearchEngineBeforeUnload", "AVG Secure Search");
Supprimée : user_pref("CT2304157.SearchFromAddressBarIsInit", true);
Supprimée : user_pref("CT2304157.SearchInNewTabEnabled", true);
Supprimée : user_pref("CT2304157.SearchInNewTabIntervalMM", 1440);
Supprimée : user_pref("CT2304157.SearchInNewTabLastCheckTime", "Tue Dec 20 2011 16:15:56 GMT+0100");
Supprimée : user_pref("CT2304157.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Supprimée : user_pref("CT2304157.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Supprimée : user_pref("CT2304157.SearchProtectorEnabled", false);
Supprimée : user_pref("CT2304157.SearchProtectorToolbarDisabled", false);
Supprimée : user_pref("CT2304157.ServiceMapLastCheckTime", "Tue Dec 20 2011 16:15:58 GMT+0100");
Supprimée : user_pref("CT2304157.SettingsCheckIntervalMin", 120);
Supprimée : user_pref("CT2304157.SettingsLastCheckTime", "Tue Dec 20 2011 16:15:53 GMT+0100");
Supprimée : user_pref("CT2304157.SettingsLastUpdate", "1316035582");
Supprimée : user_pref("CT2304157.ThirdPartyComponentsInterval", 504);
Supprimée : user_pref("CT2304157.ThirdPartyComponentsLastCheck", "Tue Dec 20 2011 16:15:53 GMT+0100");
Supprimée : user_pref("CT2304157.ThirdPartyComponentsLastUpdate", "1312887586");
Supprimée : user_pref("CT2304157.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2304157");
Supprimée : user_pref("CT2304157.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Supprimée : user_pref("CT2304157.UserID", "UN81628407441048366");
Supprimée : user_pref("CT2304157.ValidationData_Search", 2);
Supprimée : user_pref("CT2304157.ValidationData_Toolbar", 2);
Supprimée : user_pref("CT2304157.alertChannelId", "700614");
Supprimée : user_pref("CT2304157.approveUntrustedApps", false);
Supprimée : user_pref("CT2304157.backendstorage.2304157a129604967990223179000000paramsgk2", "7B22757064617465526[...]
Supprimée : user_pref("CT2304157.backendstorage.appbuttondisablenull", "30");
Supprimée : user_pref("CT2304157.backendstorage.eb_dailyactivity", "31323937383931353533323137");
Supprimée : user_pref("CT2304157.backendstorage.eb_lifetimesent", "54525545");
Supprimée : user_pref("CT2304157.backendstorage.onebaygkct2304157", "5361742044656320313120323031302030323A35353[...]
Supprimée : user_pref("CT2304157.clientLogIsEnabled", true);
Supprimée : user_pref("CT2304157.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Supprimée : user_pref("CT2304157.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Supprimée : user_pref("CT2304157.globalFirstTimeInfoLastCheckTime", "Tue Dec 20 2011 16:15:59 GMT+0100");
Supprimée : user_pref("CT2304157.homepageProtectorEnableByLogin", true);
Supprimée : user_pref("CT2304157.initDone", true);
Supprimée : user_pref("CT2304157.isAppTrackingManagerOn", true);
Supprimée : user_pref("CT2304157.myStuffEnabled", true);
Supprimée : user_pref("CT2304157.myStuffPublihserMinWidth", 400);
Supprimée : user_pref("CT2304157.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Supprimée : user_pref("CT2304157.myStuffServiceIntervalMM", 1440);
Supprimée : user_pref("CT2304157.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Supprimée : user_pref("CT2304157.oldAppsList", "128883653123969059,128883653123969060,111,128883659132094175,129[...]
Supprimée : user_pref("CT2304157.searchProtectorDialogDelayInSec", 10);
Supprimée : user_pref("CT2304157.searchProtectorEnableByLogin", true);
Supprimée : user_pref("CT2304157.testingCtid", "");
Supprimée : user_pref("CT2304157.toolbarAppMetaDataLastCheckTime", "Tue Dec 20 2011 16:15:59 GMT+0100");
Supprimée : user_pref("CT2304157.toolbarContextMenuLastCheckTime", "Tue Dec 20 2011 16:15:59 GMT+0100");
Supprimée : user_pref("CT2304157.undefined", "Mon Jul 18 2011 16:06:16 GMT+0200");
Supprimée : user_pref("CT2304157.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Supprimée : user_pref("CT2304157.usagesFlag", 2);
Supprimée : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...]
Supprimée : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/FR", "\"0\"")[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/700614/696475/FR", "\"0\"")[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2304157", [...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2304157",[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2269050&octid=[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2304157&octid=[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2304157/CT2304157[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21817319.xml", "\"d3b4fcd5d6601cf79c8[...]
Supprimée : user_pref("CommunityToolbar.EngineOwner", "");
Supprimée : user_pref("CommunityToolbar.EngineOwnerGuid", "{5e5ab302-7f65-44cd-8211-c1d4caaccea3}");
Supprimée : user_pref("CommunityToolbar.EngineOwnerToolbarId", "xfirexo");
Supprimée : user_pref("CommunityToolbar.IsEngineShown", true);
Supprimée : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Supprimée : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Tonton Lorizzio\\AppData\\Roaming\\[...]
Supprimée : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
Supprimée : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Supprimée : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2304157");
Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{5e5ab302-7f65-44cd-8211-c1d4caaccea3}");
Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "xfirexo");
Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2304157,CT2269050");
Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT2304157,CT2269050");
Supprimée : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Supprimée : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Apr 03 2011 14:50:40 GMT+02[...]
Supprimée : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Supprimée : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jun 21 2011 18:05:29 GMT+0200");
Supprimée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.locale", "en");
Supprimée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Supprimée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 20:51:42 GMT+0200");
Supprimée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Supprimée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Supprimée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Supprimée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Supprimée : user_pref("CommunityToolbar.alert.userId", "{3d63bc51-34e4-48cf-adc7-e23b191c098b}");
Supprimée : user_pref("CommunityToolbar.globalUserId", "dbbb087d-02cf-4e87-8fd1-f1eb10257841");
Supprimée : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Supprimée : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Supprimée : user_pref("CommunityToolbar.killedEngine", true);
Supprimée : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Dec 20 2011 16:16:0[...]
Supprimée : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Supprimée : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Supprimée : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Dec 20 2011 17:16:05 GMT+010[...]
Supprimée : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Supprimée : user_pref("CommunityToolbar.notifications.locale", "en");
Supprimée : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Supprimée : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Dec 20 2011 16:32:38 GMT+0100");
Supprimée : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Supprimée : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Supprimée : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Supprimée : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Supprimée : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Supprimée : user_pref("CommunityToolbar.notifications.userId", "4b8e6c25-73cd-44d2-a4ef-d51070aec97e");
Supprimée : user_pref("CommunityToolbar.twitter.user_21817319.LastCheckTime", "Tue Dec 20 2011 16:16:01 GMT+0100[...]
Supprimée : user_pref("CommunityToolbar.undefined", "");
Supprimée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&Sea[...]

-\\ Google Chrome v16.0.912.63

Fichier : C:\Users\Tonton Lorizzio\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée : "path": "C:\\Users\\Tonton Lorizzio\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D[...]

*************************

AdwCleaner[S1].txt - [34009 octets] - [20/12/2011 19:19:07]

*************************

Dossier Temporaire : 1116 dossier(s)et 2795 fichier(s) supprimés

########## EOF - C:\AdwCleaner[S1].txt - [34235 octets] ##########

jlpjlp Posts 52399 Status Security contributor 5 040

The Malwarebytes report?