VIRUS XP ANTISPYWARE 2009 Résolu

Question

Bonjour à tous!! 

Jai VRAIMENT BESOIN DE VOTRE AIDE !! Je me suis faite avoir par XP Antispyware 2009 qui c'est installé dans mn ordinateur et me rend completement dingue!!! Impossibe de l'effacer et je commencer vraiment a paniquer pcq ce n'et pa mon ordinateur!! Jai besoin d'aide je vou en suppli! Jai téléchargé smit fraud fix et voici le rapport 

SmitFraudFix v2.358 

Scan done at 17:07:14,20, 11/10/2008 
Run from C:\Documents and Settings\Ibanez Nathalie\Desktop\SmitfraudFix 
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT 
The filesystem type is NTFS 
Fix run in normal mode 

»»»»»»»»»»»»»»»»»»»»»»»» Process 

C:\WINDOWS\System32\smss.exe 
C:\WINDOWS\system32\winlogon.exe 
C:\WINDOWS\system32\services.exe 
C:\WINDOWS\system32\lsass.exe 
C:\WINDOWS\system32\Ati2evxx.exe 
C:\WINDOWS\system32\svchost.exe 
C:\WINDOWS\System32\svchost.exe 
C:\WINDOWS\system32\S24EvMon.exe 
C:\WINDOWS\system32\spoolsv.exe 
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe 
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe 
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe 
C:\Program Files\NewDotNet
nrun.exe 
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe 
C:\WINDOWS\Explorer.EXE 
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe 
C:\WINDOWS\system32\RegSrvc.exe 
C:\WINDOWS\system32\svchost.exe 
C:\Program Files\Inventel\Gateway\wlancfg.exe 
C:\Program Files\NewDotNet
nrun.exe 
C:\Program Files\Canon\CAL\CALMAIN.exe 
C:\Documents and Settings\All Users\Application Data\bkdengnm\lizivopi.exe 
C:\WINDOWS\AGRSMMSG.exe 
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe 
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
C:\Program Files\Battery miser\batterymiser.exe 
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe 
C:\Program Files\On Screen Display\Hotkey.exe 
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe 
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe 
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE 
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe 
C:\Program Files\webHancer\Programs\whagent.exe 
C:\Program Files\QuickTime\qttask.exe 
C:\Program Files\iTunes\iTunesHelper.exe 
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe 
C:\WINDOWS\TPPALDR.EXE 
C:\Program Files\TF1Vision\TF1vision.exe 
C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe 
C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe 
C:\Program Files\IP Operator\IPOperator.exe 
C:\WINDOWS\system32\ctfmon.exe 
C:\PROGRA~1\MICROS~3\wcescomm.exe 
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe­ 
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe 
C:\Program Files\Zango\bin\10.3.75.0\Weather.exe 
C:\WINDOWS\system32
mfkdmvc.exe 
C:\Program Files\iPod\bin\iPodService.exe 
C:\PROGRA~1\MICROS~3apimgr.exe 
C:\Program Files\MSN Messenger\msnmsgr.exe 
C:\WINDOWS\system32\wuauclt.exe 
C:\Program Files\MSN Messenger\usnsvc.exe 
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe 
C:\WINDOWS\System32\svchost.exe 
C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe 
C:\Program Files\Internet Explorer\iexplore.exe 
C:\Program Files\Zango\bin\10.3.75.0\Srv.exe 
C:\Documents and Settings\Ibanez Nathalie\Desktop\SmitfraudFix\Policies.exe 
C:\WINDOWS\system32\cmd.exe 

»»»»»»»»»»»»»»»»»»»»»»»» hosts 


»»»»»»»»»»»»»»»»»»»»»»»» C:\ 


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS 


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system 


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web 


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 

C:\WINDOWS\system32\_scui.cpl FOUND ! 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles 


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Ibanez Nathalie 


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Ibanez Nathalie\Application Data 


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu 


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\IBANEZ~1\FAVORI~1 


»»»»»»»»»»»»»»»»»»»»»»»» Desktop 


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 

C:\Program Files\akl\ FOUND ! 

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys 


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] 
"Source"="About:Home" 
"SubscribedURL"="About:Home" 
"FriendlyName"="My Current Home Page" 


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch 
!!!Attention, following keys are not inevitably infected!!! 

o4Patch 
Credits: Malware Analysis & Diagnostic 
Code: S!Ri 



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix 
!!!Attention, following keys are not inevitably infected!!! 

IEDFix 
Credits: Malware Analysis & Diagnostic 
Code: S!Ri 



»»»»»»»»»»»»»»»»»»»»»»»» VACFix 
!!!Attention, following keys are not inevitably infected!!! 

VACFix 
Credits: Malware Analysis & Diagnostic 
Code: S!Ri 


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix 
!!!Attention, following keys are not inevitably infected!!! 

404Fix 
Credits: Malware Analysis & Diagnostic 
Code: S!Ri 


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix 
!!!Attention, following keys are not inevitably infected!!! 

AntiXPVSTFix 
Credits: Malware Analysis & Diagnostic 
Code: S!Ri 



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler 
!!!Attention, following keys are not inevitably infected!!! 

SrchSTS.exe by S!Ri 
Search SharedTaskScheduler's .dll 


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs 
!!!Attention, following keys are not inevitably infected!!! 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"="karna.dat" 


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon 
!!!Attention, following keys are not inevitably infected!!! 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 
"Userinit"="C:\WINDOWS\system32\userinit.exe," 
"System"="" 


»»»»»»»»»»»»»»»»»»»»»»»» RK 

C:\WINDOWS\system32\drivers\beep.sys infected ! 


»»»»»»»»»»»»»»»»»»»»»»»» DNS 

HKLM\SYSTEM\CS3\Services\Tcpip\..\{0FA4E2E0-52EB-444A-9A69-09FB3426A3D8}: DhcpNameServer=192.168.1.1 
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection 


»»»»»»»»»»»»»»»»»»»»»»»» End 



MERCI MERCI MILLES FOIS AVANCE DE M'AIDER ET DE ME DIRE QUELLE EST L ETAPE SUIVANTE !!! 

Lélie

toptitbal · Answer

Bonjour

Redémarre l'ordinateur en mode sans échec . 

Comment aller en Mode sans échec 
1) Redémarre ton ordi 
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" 
3) Tu verras un écran avec options de démarrage apparaître 
4) Choisis la première option : Sans Échec, et valide avec "Entrée" 
5) Choisis ton compte habituel, et non Administrateur (si besoin ... ) 
( ps : n'oublie pas, en mode sans échec, pas de connexion ! Donc copie ou imprime bien les info ci-dessous ...) 

*Double click sur SmitfraudFix.exe 

* Sélectionne 2 et presse "Entrée" dans le menu pour supprimer les fichiers responsables de l'infection. 

* A la question: Voulez-vous nettoyer le registre ? répondre O (oui) et presser Entrée afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection. 

( Le correctif déterminera si le fichier wininet.dll est infecté.) 

* A la question: "Corriger le fichier infecté ?" répondre O (oui) et presser Entrée 
pour remplacer le fichier corrompu. 

* Un redémarrage sera peut être nécessaire pour terminer la procédure de nettoyage ( sinon fais le manuellement ) 

Le rapport se trouve à la racine de C\: 
(dans le fichier "rapport.txt") 

Poste  ce dernier rapport

Lelie · Answer

Tout d'abord, merci bcp d'avoir répondu aussi rapidement ! J'appreci bcp votre aide.

j'ai effectuée  les opérations que vos m'aviez décrites et après avoir redemarrer mon ordinateur, le virus est toujours là.

Voici le rapport 
SmitFraudFix v2.358

Scan done at 17:09:42,28, 13/10/2008
Run from C:\Documents and Settings\Ibanez Nathalie\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1       localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\_scui.cpl Deleted
C:\Program Files\akl\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{0FA4E2E0-52EB-444A-9A69-09FB3426A3D8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0FA4E2E0-52EB-444A-9A69-09FB3426A3D8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0FA4E2E0-52EB-444A-9A69-09FB3426A3D8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
 
Registry Cleaning done. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

Que faire mnt ?

Merci

Lélie

toptitbal · Answer

Fais un Hijackthis :

Télécharge le fichier d’installation d’Hijackthis en cliquant sur ce lien 

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

* Enregistre HJTInstall.exe sur ton bureau. 

* Double-clique sur HJTInstall.exe pour lancer le programme

Tuto : https://www.malekal.com/tutoriel-hijackthis/
	http://pagesperso-orange.fr/rginformatique/section%20virus/Hijenr.gif
	http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm

* Accepte la license en cliquant sur le bouton "I Accept"
* Choisis l'option "Do a system scan and save a log file"
* Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
* Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

* Colle le rapport que tu viens de copier sur ce forum

Lelie · Answer

Voici le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:37:26, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\NewDotNet
nrun.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\NewDotNet
nrun.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Documents and Settings\All Users\Application Data\bkdengnm\lizivopi.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Battery miser\batterymiser.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\On Screen Display\Hotkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\webHancer\Programs\whagent.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\TPPALDR.EXE
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe
C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe
C:\Program Files\IP Operator\IPOperator.exe
C:\WINDOWS\system32\brastk.exe
C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~3\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Zango\bin\10.3.75.0\Weather.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MICROS~3apimgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Zango\bin\10.3.75.0\Srv.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Ibanez Nathalie\Desktop\HiJackThis.exe

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.75.0\HostIE.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [batterymiser] C:\Program Files\Battery miser\batterymiser.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\On Screen Display\Hotkey.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Program Files\webHancer\Programs\whsurvey.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe"
O4 - HKLM\..\Run: [brastk] brastk.exe
O4 - HKLM\..\Run: [XP Antispyware 2009] "C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe" /hide
O4 - HKLM\..\Run: [IPOperator] "C:\Program Files\IP Operator\IPOperator.exe" -aUtOsTaRtFrOmReG
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.75.0\Weather.exe" -auto
O4 - HKCU\..\Run: [admuichk] C:\WINDOWS\system32
mfkdmvc.exe
O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - HKLM\..\Policies\Explorer\Run: [Z0mY7LTE5N] C:\Documents and Settings\All Users\Application Data\bkdengnm\lizivopi.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=zuzeb004YYFR_ZCxdm343YYFR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://alie5.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {A7ECD556-D6F6-4F41-8C6B-14AB246801A0} (Secure Delivery) - http://kdx.kontiki.com/kdx/Client403/kdx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - AppInit_DLLs: karna.dat
O21 - SSODL: appendsc - {2E5A65BB-B055-C0DD-0118-09975F2EE086} - C:\Program Files\uqbjlwd\appendsc.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NNServ - New.net, Inc. - C:\Program Files\NewDotNet
nrun.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

Lelie · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:37:26, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\NewDotNet
nrun.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\NewDotNet
nrun.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Documents and Settings\All Users\Application Data\bkdengnm\lizivopi.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Battery miser\batterymiser.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\On Screen Display\Hotkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\webHancer\Programs\whagent.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\TPPALDR.EXE
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe
C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe
C:\Program Files\IP Operator\IPOperator.exe
C:\WINDOWS\system32\brastk.exe
C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~3\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Zango\bin\10.3.75.0\Weather.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MICROS~3apimgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Zango\bin\10.3.75.0\Srv.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Ibanez Nathalie\Desktop\HiJackThis.exe

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.75.0\HostIE.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [batterymiser] C:\Program Files\Battery miser\batterymiser.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\On Screen Display\Hotkey.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Program Files\webHancer\Programs\whsurvey.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe"
O4 - HKLM\..\Run: [brastk] brastk.exe
O4 - HKLM\..\Run: [XP Antispyware 2009] "C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe" /hide
O4 - HKLM\..\Run: [IPOperator] "C:\Program Files\IP Operator\IPOperator.exe" -aUtOsTaRtFrOmReG
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.75.0\Weather.exe" -auto
O4 - HKCU\..\Run: [admuichk] C:\WINDOWS\system32
mfkdmvc.exe
O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - HKLM\..\Policies\Explorer\Run: [Z0mY7LTE5N] C:\Documents and Settings\All Users\Application Data\bkdengnm\lizivopi.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=zuzeb004YYFR_ZCxdm343YYFR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://alie5.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {A7ECD556-D6F6-4F41-8C6B-14AB246801A0} (Secure Delivery) - http://kdx.kontiki.com/kdx/Client403/kdx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - AppInit_DLLs: karna.dat
O21 - SSODL: appendsc - {2E5A65BB-B055-C0DD-0118-09975F2EE086} - C:\Program Files\uqbjlwd\appendsc.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NNServ - New.net, Inc. - C:\Program Files\NewDotNet
nrun.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

toptitbal · Answer

Ouille !
Tu m'étonne qu'il y ait encore des problèmes...
C'est un bouillon de culture ton ordinateur ;-)
Je vais chercher du renfort...

Lelie · Answer

Ah.... merde ! Ben merci beaucoup d'aller chercher du renfort, comme je le disais precedemment ce n'est meme pas mon ordi donc je dois reparer ca le plus vite possible je suis un peu desespérée... Donc merci bcp!

Destrio5 · Answer

Salut à vous deux,

---> Télécharge Toolbar S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)

Lelie · Answer

-----------\  ToolBar S&D 1.2.2   XP/Vista

   Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :         Intel(R) Pentium(R) M processor 1.80GHz )
   BIOS : Phoenix NoteBIOS 4.0 Release 6.0     
   USER : Ibanez Nathalie ( Administrator )
   BOOT : Normal boot
   Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
   C:\ (Local Disk) - NTFS - Total : 55 Go Free : 5 Go
   D:\ (CD or DVD)

   "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
   Option : [1] ( 13/10/2008|18:02 )

   -----------\  Recherche de Fichiers / Dossiers ...

   C:\Program Files\FunWebProducts
   C:\Program Files\FunWebProducts\ScreenSaver
   C:\Program Files\FunWebProducts\Shared
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@avatar.hotbar[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@contentcatalog.hotbar[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@hotbar[2].txt
   C:\Program Files\MyWebSearch
   C:\Program Files\MyWebSearch\bar
   C:\Program Files\MyWebSearch\SrchAstt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@mywebsearch[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@cs.shopperreports[2].txt
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\ShoppingReport
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\ShoppingReport\cs
   C:\Program Files\ShoppingReport
   C:\Program Files\ShoppingReport\Bin
   C:\Program Files\ShoppingReport\Uninst.exe
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA\Weather
   C:\Program Files\Common Files\WhenU
   C:\Program Files\Common Files\WhenU\UControlScanAndRemove.ocx
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango\IESkins
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango\v3.0
   C:\Program Files\Zango
   C:\Program Files\Zango\bin
   C:\WINDOWS\Prefetch\ZANGOSA.EXE-34449957.pf
   C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Zango
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@hosted.zango[2].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@www.zango[1].txt
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
   C:\WINDOWS\System32\f3PSSavr.scr
   C:\Program Files\MSN Messengeriched20.dll
   C:\DOCUME~1\IBANEZ~1\LOCALS~1\Temp\ICD1.tmp

Destrio5 · Answer

Le rapport est incomplet.

Lelie · Answer

ah bon ? Je ressaye de suite

Lelie · Answer

-----------\  ToolBar S&D 1.2.2   XP/Vista

   Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :         Intel(R) Pentium(R) M processor 1.80GHz )
   BIOS : Phoenix NoteBIOS 4.0 Release 6.0     
   USER : Ibanez Nathalie ( Administrator )
   BOOT : Normal boot
   Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
   C:\ (Local Disk) - NTFS - Total : 55 Go Free : 5 Go
   D:\ (CD or DVD)

   "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
   Option : [1] ( 13/10/2008|18:07 )

   -----------\  Recherche de Fichiers / Dossiers ...

   C:\Program Files\FunWebProducts
   C:\Program Files\FunWebProducts\ScreenSaver
   C:\Program Files\FunWebProducts\Shared
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@avatar.hotbar[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@contentcatalog.hotbar[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@hotbar[2].txt
   C:\Program Files\MyWebSearch
   C:\Program Files\MyWebSearch\bar
   C:\Program Files\MyWebSearch\SrchAstt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@mywebsearch[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@cs.shopperreports[2].txt
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\ShoppingReport
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\ShoppingReport\cs
   C:\Program Files\ShoppingReport
   C:\Program Files\ShoppingReport\Bin
   C:\Program Files\ShoppingReport\Uninst.exe
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA\Weather
   C:\Program Files\Common Files\WhenU
   C:\Program Files\Common Files\WhenU\UControlScanAndRemove.ocx
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango\IESkins
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango\v3.0
   C:\Program Files\Zango
   C:\Program Files\Zango\bin
   C:\WINDOWS\Prefetch\ZANGOSA.EXE-34449957.pf
   C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Zango
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@hosted.zango[2].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@www.zango[1].txt
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
   C:\WINDOWS\System32\f3PSSavr.scr
   C:\Program Files\MSN Messengeriched20.dll
   C:\DOCUME~1\IBANEZ~1\LOCALS~1\Temp\ICD1.tmp

   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="C:\windows\system32\blank.htm"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "Start Page"="https://www.google.com/?gws_rd=ssl"
   "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
   "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
   "Url"="http://www.microsoft.com/atwork/community/rss.xml"
   "Url"="http://www.microsoft.com/athome/community/rss.xml"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
   "Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "Local Page"="C:\windows\system32\blank.htm"
   "Start Page"="https://www.google.com/?gws_rd=ssl"


   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 1 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 1 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 2 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 2 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 5 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 5 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 6 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 6 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\My Documents\Font collection\C-D\Crackh60.pfb
   C:\DOCUME~1\IBANEZ~1\My Documents\Font collection\C-D\pfm\Crackh60.pfm



   1 - "C:\ToolBar SD\TB_1.txt" - 13/10/2008|18:08 - Option : [1]

   -----------\  Fin du rapport a 18:08:35,93

Destrio5 · Answer

---> Relance ToolBar S&D, fais l'option 2 et poste le rapport.

Lelie · Answer

Est ce que je risque de perdre mes fichiers de mon ordinateurs ??

Destrio5 · Answer

Non.

Lelie · Answer

-----------\  ToolBar S&D 1.2.2   XP/Vista

   Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :         Intel(R) Pentium(R) M processor 1.80GHz )
   BIOS : Phoenix NoteBIOS 4.0 Release 6.0     
   USER : Ibanez Nathalie ( Administrator )
   BOOT : Normal boot
   Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
   C:\ (Local Disk) - NTFS - Total : 55 Go Free : 5 Go
   D:\ (CD or DVD)

   "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
   Option : [1] ( 13/10/2008|18:07 )

   -----------\  Recherche de Fichiers / Dossiers ...

   C:\Program Files\FunWebProducts
   C:\Program Files\FunWebProducts\ScreenSaver
   C:\Program Files\FunWebProducts\Shared
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@avatar.hotbar[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@contentcatalog.hotbar[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@hotbar[2].txt
   C:\Program Files\MyWebSearch
   C:\Program Files\MyWebSearch\bar
   C:\Program Files\MyWebSearch\SrchAstt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@mywebsearch[1].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@cs.shopperreports[2].txt
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\ShoppingReport
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\ShoppingReport\cs
   C:\Program Files\ShoppingReport
   C:\Program Files\ShoppingReport\Bin
   C:\Program Files\ShoppingReport\Uninst.exe
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA\Weather
   C:\Program Files\Common Files\WhenU
   C:\Program Files\Common Files\WhenU\UControlScanAndRemove.ocx
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango\IESkins
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango\v3.0
   C:\Program Files\Zango
   C:\Program Files\Zango\bin
   C:\WINDOWS\Prefetch\ZANGOSA.EXE-34449957.pf
   C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Zango
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@hosted.zango[2].txt
   C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@www.zango[1].txt
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
   C:\WINDOWS\System32\f3PSSavr.scr
   C:\Program Files\MSN Messengeriched20.dll
   C:\DOCUME~1\IBANEZ~1\LOCALS~1\Temp\ICD1.tmp

   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="C:\windows\system32\blank.htm"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "Start Page"="https://www.google.com/?gws_rd=ssl"
   "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
   "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
   "Url"="http://www.microsoft.com/atwork/community/rss.xml"
   "Url"="http://www.microsoft.com/athome/community/rss.xml"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
   "Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "Local Page"="C:\windows\system32\blank.htm"
   "Start Page"="https://www.google.com/?gws_rd=ssl"


   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 1 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 1 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 2 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 2 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 5 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 5 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 6 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 6 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\My Documents\Font collection\C-D\Crackh60.pfb
   C:\DOCUME~1\IBANEZ~1\My Documents\Font collection\C-D\pfm\Crackh60.pfm



   1 - "C:\ToolBar SD\TB_1.txt" - 13/10/2008|18:08 - Option : [1]

   -----------\  Fin du rapport a 18:08:35,93


   -----------\  ToolBar S&D 1.2.2   XP/Vista

   Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :         Intel(R) Pentium(R) M processor 1.80GHz )
   BIOS : Phoenix NoteBIOS 4.0 Release 6.0     
   USER : Ibanez Nathalie ( Administrator )
   BOOT : Normal boot
   Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
   C:\ (Local Disk) - NTFS - Total : 55 Go Free : 5 Go
   D:\ (CD or DVD)

   "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
   Option : [2] ( 13/10/2008|18:16 )

   -----------\ SUPPRESSION

   Supprime! - C:\Program Files\FunWebProducts\ScreenSaver
   Supprime! - C:\Program Files\FunWebProducts\Shared
   Supprime! - C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@avatar.hotbar[1].txt
   Supprime! - C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@hotbar[2].txt
   Echec   ! - C:\Program Files\MyWebSearch\bar
   Supprime! - C:\Program Files\MyWebSearch\SrchAstt
   Supprime! - C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@mywebsearch[1].txt
   Supprime! - C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@cs.shopperreports[2].txt
   Supprime! - C:\DOCUME~1\IBANEZ~1\APPLIC~1\ShoppingReport\cs
   Supprime! - C:\Program Files\ShoppingReport\Bin
   Supprime! - C:\Program Files\ShoppingReport\Uninst.exe
   Supprime! - C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA\Weather
   Supprime! - C:\Program Files\Common Files\WhenU\UControlScanAndRemove.ocx
   Supprime! - C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango\IESkins
   Supprime! - C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango\v3.0
   Echec   ! - C:\Program Files\Zango\bin
   Supprime! - C:\WINDOWS\Prefetch\ZANGOSA.EXE-34449957.pf
   Supprime! - C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Zango
   Supprime! - C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@hosted.zango[2].txt
   Supprime! - C:\DOCUME~1\IBANEZ~1\Cookies\ibanez_nathalie@www.zango[1].txt
   Supprime! - C:\WINDOWS\System32\f3PSSavr.scr
   Supprime! - C:\Program Files\MSN Messengeriched20.dll
   Supprime! - C:\DOCUME~1\IBANEZ~1\LOCALS~1\Temp\ICD1.tmp
   Supprime! - C:\Program Files\FunWebProducts
   Echec   ! - C:\Program Files\MyWebSearch
   Supprime! - C:\DOCUME~1\IBANEZ~1\APPLIC~1\ShoppingReport
   Supprime! - C:\Program Files\ShoppingReport
   Supprime! - C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA
   Supprime! - C:\Program Files\Common Files\WhenU
   Supprime! - C:\DOCUME~1\IBANEZ~1\APPLIC~1\Zango
   Echec   ! - C:\Program Files\Zango
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

   -----------\ DEUXIEME PASSAGE
 
   Echec   ! - C:\Program Files\MyWebSearch\bar
   Echec   ! - C:\Program Files\Zango\bin
   Echec   ! - C:\Program Files\MyWebSearch
   Echec   ! - C:\Program Files\Zango

   -----------\  Recherche de Fichiers / Dossiers ...

   C:\Program Files\MyWebSearch
   C:\Program Files\MyWebSearch\bar
   C:\Program Files\Zango
   C:\Program Files\Zango\bin

   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="C:\windows\system32\blank.htm"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "Start Page"="https://www.google.com/?gws_rd=ssl"
   "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
   "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
   "Url"="http://www.microsoft.com/atwork/community/rss.xml"
   "Url"="http://www.microsoft.com/athome/community/rss.xml"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
   "Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "Local Page"="C:\windows\system32\blank.htm"
   "Start Page"="https://www.msn.com/fr-fr/"


   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 1 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 1 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 2 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 2 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 5 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 5 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 6 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 6 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\My Documents\Font collection\C-D\Crackh60.pfb
   C:\DOCUME~1\IBANEZ~1\My Documents\Font collection\C-D\pfm\Crackh60.pfm



   1 - "C:\ToolBar SD\TB_1.txt" - 13/10/2008|18:08 - Option : [1]
   2 - "C:\ToolBar SD\TB_2.txt" - 13/10/2008|18:18 - Option : [2]

   -----------\  Fin du rapport a 18:18:21,49

Destrio5 · Answer

Ok, fais l'option 2 de ToolBar S&D mais en mode sans échec :
https://blog.sosordi.net/

^^Marie^^ · Answer

.../...
)))

Lelie · Answer

-----------\  ToolBar S&D 1.2.2   XP/Vista

   Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :         Intel(R) Pentium(R) M processor 1.80GHz )
   BIOS : Phoenix NoteBIOS 4.0 Release 6.0     
   USER : Ibanez Nathalie ( Administrator )
   BOOT : Fail-safe boot
   Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
   C:\ (Local Disk) - NTFS - Total : 55 Go Free : 5 Go
   D:\ (CD or DVD)

   "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
   Option : [2] ( 13/10/2008|18:42 )

   -----------\ SUPPRESSION

   Supprime! - C:\Program Files\MyWebSearch\bar
   Supprime! - C:\Program Files\Zango\bin
   Supprime! - C:\Program Files\MyWebSearch
   Supprime! - C:\Program Files\Zango

   -----------\  Recherche de Fichiers / Dossiers ...

   C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA
   C:\DOCUME~1\IBANEZ~1\APPLIC~1\WeatherDPA\Weather

   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="C:\windows\system32\blank.htm"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "Start Page"="https://www.google.com/?gws_rd=ssl"
   "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
   "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
   "Url"="http://www.microsoft.com/atwork/community/rss.xml"
   "Url"="http://www.microsoft.com/athome/community/rss.xml"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
   "Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "Local Page"="C:\windows\system32\blank.htm"
   "Start Page"="https://www.msn.com/fr-fr/"


   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 1 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 1 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 16 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 17 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 2 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 2 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 3 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 4 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 5 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 5 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 6 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 6 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 8 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\adobelm.dll
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack\lisezmoi.txt
   C:\DOCUME~1\IBANEZ~1\Local Settings\Temp\Temporary Directory 9 for Adobe Photoshop CS v.8.01 (version originale fran‡aise)  - fonctionnel - 14 jan 2004.zip\crack	w10122.dat
   C:\DOCUME~1\IBANEZ~1\My Documents\Font collection\C-D\Crackh60.pfb
   C:\DOCUME~1\IBANEZ~1\My Documents\Font collection\C-D\pfm\Crackh60.pfm



   1 - "C:\ToolBar SD\TB_1.txt" - 13/10/2008|18:08 - Option : [1]
   2 - "C:\ToolBar SD\TB_2.txt" - 13/10/2008|18:18 - Option : [2]
   3 - "C:\ToolBar SD\TB_3.txt" - 13/10/2008|18:46 - Option : [2]

   -----------\  Fin du rapport a 18:46:17,62

Destrio5 · Answer

* Télécharge SDFix (par Andy Manchesta) et sauvegarde-le sur ton bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

* Double-clique sur SDFix.exe et choisis Install pour l'extraire dans son dossier sur le bureau.
* Redémarre le PC en mode sans échec :
https://blog.sosordi.net/
* Choisis ton compte.

Déroule la liste des instructions ci-dessous :
* Ouvre le dossier SDFix qui vient d'être créé sur le bureau et double-clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le nettoyage.
* Quand il te le demandera, appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long à redémarrer car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du bureau, l'outil aura terminé et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton bureau.
* Le rapport SDFix s'ouvrira et il sera enregistré dans le dossier SDFix sous le nom Report.txt.
* Enfin, copie/colle le rapport du fichier Report.txt.

Sacabouffe · Answer

Bonsoir
Voilà le message qui passait pas.

[b]SDFix: Version 1.235 /b
Run by Ibanez Nathalie on 13/10/2008 at 19:08

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Documents and Settings\Ibanez Nathalie\Desktop\SDFix\SDFix

[b]Checking Services /b:


Restoring Default Security Values
Restoring Default Hosts File
Resetting AppInit_DLLs value


Rebooting


[b]Infected beep.sys Found!/b

beep.sys File Locations:

"C:\WINDOWS\Drivers\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\dllcache\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\drivers\beep.sys" 4224 28/08/2001 14:00

Infected File Listed Below:

C:\WINDOWS\system32\dllcache\beep.sys

File copied to Backups Folder
Attempting to replace beep.sys with original version


Original beep.sys Restored

"C:\WINDOWS\Drivers\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\dllcache\beep.sys" 4224 07/08/2008 16:27
"C:\WINDOWS\system32\drivers\beep.sys" 4224 07/08/2008 16:27



[b]Checking Files /b:

Trojan Files Found:

C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware\Uninstall.lnk - Deleted
C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware\XP_AntiSpyware.lnk - Deleted
C:\WINDOWS\mslagent\2_mslagent.dll - Deleted
C:\WINDOWS\mslagent\mslagent.exe - Deleted
C:\WINDOWS\mslagent\uninstall.exe - Deleted
C:\Program Files\Inet Delivery\inetdl.exe - Deleted
C:\Program Files\Inet Delivery\intdel.exe - Deleted
C:\Program Files\XP_Antispyware\AVEngn.dll - Deleted
C:\Program Files\XP_Antispyware\comp.dat - Deleted
C:\Program Files\XP_Antispyware\htmlayout.dll - Deleted
C:\Program Files\XP_Antispyware\pthreadVC2.dll - Deleted
C:\Program Files\XP_Antispyware\Uninstall.exe - Deleted
C:\Program Files\XP_Antispyware\wscui.cpl - Deleted
C:\Program Files\XP_Antispyware\XP_Antispyware.cfg - Deleted
C:\Program Files\XP_Antispyware\XP_AntiSpyware.exe - Deleted
C:\WINDOWS\a.bat - Deleted
C:\WINDOWS\system32\wini104552502.exe - Deleted
C:\WINDOWS\zip1.tmp - Deleted
C:\WINDOWS\zip2.tmp - Deleted
C:\WINDOWS\zip3.tmp - Deleted
C:\WINDOWS\zipped.tmp - Deleted
C:\Documents and Settings\Ibanez Nathalie\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk - Deleted
C:\WINDOWS\a.bat - Deleted
C:\WINDOWS\base64.tmp - Deleted
C:\WINDOWS\bdn.com - Deleted
C:\WINDOWS\brastk.exe - Deleted
C:\WINDOWS\FVProtect.exe - Deleted
C:\WINDOWS\iTunesMusic.exe - Deleted
C:\WINDOWS\karna.dat - Deleted
C:\WINDOWS\mssecu.exe - Deleted
C:\WINDOWS\system32\akttzn.exe - Deleted
C:\WINDOWS\system32\anticipator.dll - Deleted
C:\WINDOWS\system32\awtoolb.dll - Deleted
C:\WINDOWS\system32\bdn.com - Deleted
C:\WINDOWS\system32\brastk.exe - Deleted
C:\WINDOWS\system32\bsva-egihsg52.exe - Deleted
C:\WINDOWS\system32\dpcproxy.exe - Deleted
C:\WINDOWS\system32\emesx.dll - Deleted
C:\WINDOWS\system32\h@tkeysh@@k.dll - Deleted
C:\WINDOWS\system32\hoproxy.dll - Deleted
C:\WINDOWS\system32\hxiwlgpm.dat - Deleted
C:\WINDOWS\system32\hxiwlgpm.exe - Deleted
C:\WINDOWS\system32\karna.dat - Deleted
C:\WINDOWS\system32\medup012.dll - Deleted
C:\WINDOWS\system32\medup020.dll - Deleted
C:\WINDOWS\system32\msgp.exe - Deleted
C:\WINDOWS\system32\msnbho.dll - Deleted
C:\WINDOWS\system32\mssecu.exe - Deleted
C:\WINDOWS\system32\msvchost.exe - Deleted
C:\WINDOWS\system32\mtr2.exe - Deleted
C:\WINDOWS\system32\mwin32.exe - Deleted
C:\WINDOWS\system32
etode.exe - Deleted
C:\WINDOWS\system32
ewsd32.exe - Deleted
C:\WINDOWS\system32\ps1.exe - Deleted
C:\WINDOWS\system32\psof1.exe - Deleted
C:\WINDOWS\system32\psoft1.exe - Deleted
C:\WINDOWS\system32egc64.dll - Deleted
C:\WINDOWS\system32egm64.dll - Deleted
C:\WINDOWS\system32\Rundl1.exe - Deleted
C:\WINDOWS\system32\smp\msrc.exe - Deleted
C:\WINDOWS\system32\sncntr.exe - Deleted
C:\WINDOWS\system32\ssurf022.dll - Deleted
C:\WINDOWS\system32\ssvchost.com - Deleted
C:\WINDOWS\system32\ssvchost.exe - Deleted
C:\WINDOWS\system32\sysreq.exe - Deleted
C:\WINDOWS\system32	aack.dat - Deleted
C:\WINDOWS\system32	aack.exe - Deleted
C:\WINDOWS\system32	emp#01.exe - Deleted
C:\WINDOWS\system32	hun.dll - Deleted
C:\WINDOWS\system32	hun32.dll - Deleted
C:\WINDOWS\system32\VBIEWER.OCX - Deleted
C:\WINDOWS\system32\vbsys2.dll - Deleted
C:\WINDOWS\system32\vcatchpi.dll - Deleted
C:\WINDOWS\system32\winlogonpc.exe - Deleted
C:\WINDOWS\system32\winsystem.exe - Deleted
C:\WINDOWS\system32\WINWGPX.EXE - Deleted
C:\WINDOWS\userconfig9x.dll - Deleted
C:\WINDOWS\winsystem.exe - Deleted



Folder C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware - Removed
Folder C:\Program Files\Inet Delivery - Removed
Folder C:\Program Files\PC-Antispy - Removed
Folder C:\Program Files\XP_Antispyware - Removed
Folder C:\WINDOWS\mslagent - Removed
Folder C:\WINDOWS\system32\smp - Removed


Removing Temp Files

[b]ADS Check /b:



[b]Final Check /b:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 19:18:03
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services /b:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\kdx\khost.exe"="C:\WINDOWS\kdx\khost.exe:*:Enabled:Delivery Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[b]Remaining Files /b:


File Backups: - C:\DOCUME~1\IBANEZ~1\Desktop\SDFix\SDFix\backups\backups.zip

[b]Files with Hidden Attributes /b:

Tue 19 Oct 2004 960 A.SH. --- "C:\fvcjaw3o.sys"
Sun 26 Jun 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 23 Oct 2005 31,232 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1427.tmp"
Sun 23 Oct 2005 30,208 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1784.tmp"
Sun 23 Oct 2005 26,112 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1987.tmp"
Mon 26 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 26 Aug 2006 53,760 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier\cv\~WRL3150.tmp"
Wed 19 Jul 2006 88,576 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier\cv\~WRL3653.tmp"
Mon 22 May 2006 36,352 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL0414.tmp"
Mon 22 May 2006 42,496 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL2311.tmp"
Mon 22 May 2006 39,936 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL3321.tmp"
Tue 25 Apr 2006 83,456 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\cpap final\calendrier MBDA action 3\~WRL1712.tmp"
Wed 12 Jul 2006 1,212,416 A.SH. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\My Pictures\friendz and co\school year 07\my favorites\SIV394.tmp"
Thu 3 Nov 2005 57,856 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\My Pictures\friendz and co\summer 06'\clefs usb\cpap final\shaolin form center action 1\essais\cpap logos\~WRL1918.tmp"

[b]Finished!/b

Bonne continuation ;-)

Destrio5 · Answer

- Télécharge et installe MalwareByte's Anti-Malware :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

- Mets-le à jour

- Redémarre en mode sans échec (Recommandé) :
https://blog.sosordi.net/

- Choisis ta session habituelle

- Fais un scan complet avec MalwareByte's Anti-Malware

- Supprime tout ce que le logiciel trouve, enregistre le rapport

- Redémarre en mode normal et poste le rapport ici

Tutorial :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

VIRUS XP ANTISPYWARE 2009

22 réponses

Votre réponse

Discussions similaires

Newsletters