Comment se debarasser d'un fichu virus qui te deconecte d'internet.!?

28 Juin 2011 22:16:59

Bonjour, Alor voila mon problemme, il y à quel que jour je veux me conecter alor je me conecte a internet et quel que foix je parle sur MSN SKYPE ou ooVoo et je ne c'est par qu'elle azar MSN ce deconecte tout seul, alor je vais sur SKYPE pour continuer ma discution avec la personne avec qui je parle et je mes ma webcam et la d'un coup SKYPE se deconecte alor je vais ooVoo et je fait pareille je mes ma webcam sa ce deconecte.! alor j'ai passer que sa vener de ma webcam alor je les desinstaler et debrancher dez mon ordinateur mes sa continue encore.! alor la j'ai fait des analyse avec avast avec d'autre logiciel et il ne me detecte pas un seul virus j'ai efacer qu'elle que dosier car mon ordinateur beugue a gogo et un jour je fait encore une analyse l'ordinateur doit redemarer alor je le fait redemarer et la je voie quoi le logo de MSN effacer il et introuvable me continue a s'aficher l'or du demarage de l'ordinateur mon dossier musique et image effacer et plein d'otre dossier qui son maintenant introuvable mes qui continue à s'afiche lor du demarage de l'ordinateur.!

Quel qu'un pourait m'aider a regler se gros problemme Sil Vous Plait.!?

Merci d'avance.!

Autres pages sur : debarasser fichu virus deconecte internet

| Etre averti des réponses
| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 10:07:50

Bonjour,
On va vérifier si un virus est la cause de ces problèmes :

Diagnostic :

Télécharge

OTL (de OldTimer[/#ff]) sur ton Bureau.

Ferme toutes tes fenêtres, puis double clique sur [#FF8000]OTL.exe

pour le lancer.
(Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

Coche en haut la case devant "Tous les utilisateurs"

Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
volsnap.sys
hidserv.dll
appmgmts.dll
eventlog.dll
winlogon.exe
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
wininet.dll
wininit.exe
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
winlogon.exe
wininit.ini
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s

Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.

A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.
PS : Les rapports sont aussi enregistrés sur le bureau

Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.

2/

Télécharge MalwareByte's Anti-Malware :

Installe le programme (aide ici)

Lance-le et met à jour la base de définition.

Choisi ensuite "Exécuter une analyse rapide" puis "Rechercher"

Sélectionne les disques dur et clique sur "Lancer l'examen"

Laisse l'analyse se faire.

A la fin, vérifie que les éléments trouvés soient coché (dans "Résultat de l'examen).

Puis clique sur "Supprimer la sélection" en bas.

Un redémarrage peut être nécessaire.

Un rapport va s'afficher, enregistre-le sur ton bureau.

ou sinon, après le démarrage, il se trouvera dans "Rapports/logs"

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 17:16:57

RE: Bonjour, est ce que c'est normal que l'analyse et longue meme tres longue.!?

| Alerter

Répondre à Tunisiennedu49

Tunisiennedu49

29 Juin 2011 17:28:44

http://www.cijoint.fr/cjlink.php?file=cj201106/cijXrEva... voici pour OTL.Txt

puisque je n'arive pas a metre ici celuit de Extras.Txt je vais metre ce qui a ecrit ici.!

OTL Extras logfile created on: 29/06/2011 18:40:07 - Run 1
OTL by OldTimer - Version 3.2.24.2 Folder = C:\Users\gwenaelle\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 0,25 Gb Available Physical Memory | 8,44% Memory free
6,20 Gb Paging File | 2,44 Gb Available in Paging File | 39,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,44 Gb Total Space | 206,97 Gb Free Space | 73,02% Space Free | Partition Type: NTFS

Computer Name: PC-DE-GWENAELLE | User Name: gwenaelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2CF9DC96-B553-4E7B-BDD6-7CE50FA2D08C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ABD40B6A-73A5-4B39-A11D-16628E31C5F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0062A825-8A7D-4C50-9770-94E00EE3B03C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2AA7BF66-B9E7-42B4-8150-D6BBF54D201E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{32FB6141-4950-4077-88E4-A3A6E3AF0AC7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{76B99BEB-6340-498C-9D93-DB7737B39FF6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{80BAC3B6-E220-4C3C-BB55-88A2ACB29948}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{841E052C-CB49-4432-9F35-4D85CE0354F5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{94959205-3CEC-43A0-9E86-E0DBBD0E4632}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{94AA8EA3-4350-48F1-9D20-CCB39E3E4092}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9AB6F0AB-54D0-4ABD-A704-928F2E75BE80}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{9C9E8CE6-26AA-4E00-B546-3A6A3B102037}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{A6FBC811-15FC-4AFF-A948-792322FBBA3B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AEDECF1B-ABED-4CAC-A1B0-04098C9855B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{B11A27A7-92D7-4334-86B4-799D3C3C753F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{BA280569-354D-40C2-845C-2813652380A5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{C29A0937-3D8A-40AB-BD64-5744559169B8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{E84F4C57-99A9-40E9-9835-BE75A8254887}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FF0F6456-F953-4C78-9BDB-9374C9B21E8F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{A71EFA8A-4E41-41D0-911B-1BFCEE0EDE52}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"TCP Query User{D9B9C99D-BEF9-4947-A328-ECD7609E925B}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{EAF1C150-3F62-4989-9C92-81CDFB634412}C:\Program Files (x86)\ooVoo\ooVoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{385DAD95-BE30-4210-AE70-983F583C1195}C:\Program Files (x86)\ooVoo\ooVoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{7A95E233-D99C-45C7-A5B9-B7E76D697BC0}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"UDP Query User{960F1425-6D20-45AC-AA59-B67766AC00EE}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{230B83A5-7D88-4B95-B71E-F44C0C78B002}" = Windows Live Movie Maker
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28518520-F25C-48C3-A224-861F331602F4}" = Setup My PC
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}" = Fissa
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{54A9A9E1-8C4C-44FE-AA6B-182EA1E779FD}" = Hercules WiFi Station N
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{835525BE-63BD-4EC4-9425-00CEAD4849C2}" = Widestream6
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.4 - Français
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{CA786CFF-1D31-4804-B436-F3405B14357F}" = Packard Bell Updator
"{CD4C3C09-6EE6-4BFB-A0CA-AD80CE71A6D7}" = Fort Boyard - le Jeu
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}" = Packard Bell ImageWriter
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"alotToolbar" = ALOT Toolbar
"Ask.com Search Assistant" = Ask.com Search Assistant 1.0.2
"avast" = avast! Free Antivirus
"AVS Screen Capture_is1" = AVS Screen Capture version 1.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"conduitEngine" = Conduit Engine
"cspep_is1" = cspep.0
"Diaporama_is1" = Diaporama version 3.0.0.1
"EasyBits Magic Desktop" = EasyBits Magic Desktop
"Eazel-FR Toolbar" = Eazel-FR Toolbar
"EoRezo_is1" = EoRezo 12.0
"EZface ActiveX" = EZface ActiveX 208
"facemoods" = facemoods
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Messenger Plus!" = Messenger Plus! 5
"Messenger_Plus_FR Toolbar" = Messenger Plus FR Toolbar
"Messenger_Plus_Live_France Toolbar" = Messenger_Plus_Live_France Toolbar
"mywebsites.pro-FR Toolbar" = mywebsites.pro-FR Toolbar
"NIS" = Norton Internet Security
"ooVoo_Video_Chat Toolbar" = ooVoo Video Chat Toolbar
"Orange WebTV Player_is1" = Orange WebTV Player 1.29418
"PHPNukeFR Toolbar" = PHPNukeFR Toolbar
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Searchqu MediaBar" = Windows Searchqu Toolbar
"Shareware.Pro-FR Toolbar" = Shareware.Pro-FR Toolbar
"Soft2PC_is1" = Soft2PC 1.0
"Softonic-Eng7 Toolbar" = Softonic-Eng7 Toolbar
"Software_is1" = Software 1.3
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Surf Canyon" = Surf Canyon Search Engine Assistant
"TranslatorBar_1 Toolbar" = TranslatorBar 1 Toolbar
"TranslatorBar_5 Toolbar" = TranslatorBar 5 Toolbar
"VLC media player" = VLC media player 1.1.9
"WebcamMax" = WebcamMax

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"PhotoFiltre" = PhotoFiltre

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27/01/2011 15:31:59 | Computer Name = PC-de-gwenaelle | Source = Windows Search Service | ID = 3013
Description =

Error - 27/01/2011 15:31:59 | Computer Name = PC-de-gwenaelle | Source = Windows Search Service | ID = 3013
Description =

Error - 27/01/2011 16:57:13 | Computer Name = PC-de-gwenaelle | Source = Windows Search Service | ID = 3013
Description =

Error - 28/01/2011 13:13:24 | Computer Name = PC-de-gwenaelle | Source = WinMgmt | ID = 10
Description =

Error - 28/01/2011 13:13:34 | Computer Name = PC-de-gwenaelle | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 28/01/2011 13:16:38 | Computer Name = PC-de-gwenaelle | Source = Windows Search Service | ID = 3013
Description =

Error - 28/01/2011 13:16:38 | Computer Name = PC-de-gwenaelle | Source = Windows Search Service | ID = 3013
Description =

Error - 28/01/2011 13:16:38 | Computer Name = PC-de-gwenaelle | Source = Windows Search Service | ID = 3013
Description =

Error - 28/01/2011 13:18:41 | Computer Name = PC-de-gwenaelle | Source = Windows Search Service | ID = 3013
Description =

Error - 28/01/2011 13:32:55 | Computer Name = PC-de-gwenaelle | Source = Windows Search Service | ID = 3013
Description =

[ System Events ]
Error - 16/06/2011 20:14:05 | Computer Name = PC-de-gwenaelle | Source = Service Control Manager | ID = 7000
Description =

Error - 16/06/2011 20:18:19 | Computer Name = PC-de-gwenaelle | Source = Service Control Manager | ID = 7009
Description =

Error - 16/06/2011 20:18:19 | Computer Name = PC-de-gwenaelle | Source = Service Control Manager | ID = 7000
Description =

Error - 16/06/2011 20:18:58 | Computer Name = PC-de-gwenaelle | Source = Service Control Manager | ID = 7009
Description =

Error - 16/06/2011 20:18:58 | Computer Name = PC-de-gwenaelle | Source = Service Control Manager | ID = 7000
Description =

Error - 20/06/2011 10:35:43 | Computer Name = PC-de-gwenaelle | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP) pour la carte réseau avec l'adresse réseau 0008D3830E73. Il s'est produit
l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa
propre adresse auprès du serveur d'adresse réseau (DHCP).

Error - 20/06/2011 20:11:15 | Computer Name = PC-de-gwenaelle | Source = Service Control Manager | ID = 7011
Description =

Error - 24/06/2011 07:58:45 | Computer Name = PC-de-gwenaelle | Source = Dhcp | ID = 1000
Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.11 sur
la carte réseau d'adresse réseau 0008D3830E73.

Error - 29/06/2011 06:13:11 | Computer Name = PC-de-gwenaelle | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetbiosSmb car
un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error - 29/06/2011 12:11:16 | Computer Name = PC-de-gwenaelle | Source = Service Control Manager | ID = 7022
Description =

< End of report >

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 17:40:47

Ok je lit cela et je te dis la suite

| Alerter

Répondre à help-manformatique

help-manformatique

29 Juin 2011 17:51:00

Tes bien infecté ^^
Fais ca :

1/

Scan Ad-Remover

Télécharge

Ad-Remover (de C_XX[/#ff]) sur ton Bureau.

[#ff0000]Déconnecte-toi et ferme toutes applications en cours[/#ff]

Double-clique sur AD-R présent sur ton bureau. (Clic droit -> "Exécuter en tant qu'administrateur" pour VISTA/7)

Patiente jusqu'à l'apparition du menu principal. A partir de là, clique sur Scanner. On te demandera de confirmer, clique sur Oui et patiente jusqu'à la fin du scan.

[#ff0000]Laisse travailler l'outil [/#ff]

Une fenêtre contenant le rapport va s'ouvrir, poste-moi le rapport dans ta prochaine réponse.
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
Ensuite clique sur Quitter pour fermer Ad-Remover.

Note : Le rapport que Ad-Remover viens de générer se trouve ici : C:\Ad-Report-SCAN

2/

[#FF8000]Télécharge MalwareByte's Anti-Malware :

Installe le programme (aide ici)

Lance-le et met à jour la base de définition.

Choisi ensuite "Exécuter une analyse rapide" puis "Rechercher"

Sélectionne les disques dur et clique sur "Lancer l'examen"

Laisse l'analyse se faire.

A la fin, vérifie que les éléments trouvés soient coché (dans "Résultat de l'examen).

Puis clique sur "Supprimer la sélection" en bas.

Un redémarrage peut être nécessaire.

Un rapport va s'afficher, enregistre-le sur ton bureau.

ou sinon, après le démarrage, il se trouvera dans "Rapports/logs"

3/

Refait un scan OTL avec les mêmes paramètres même si c'est long

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 18:22:02

voici le resulta du raport Malwarebytes'Anti-Malware

http://www.cijoint.fr/cjlink.php?file=cj201106/cijJ5jkm...

| Alerter

Répondre à Tunisiennedu49

Tunisiennedu49

29 Juin 2011 18:24:23

Alor atender je fait le scan ad-remover

| Alerter

Répondre à Tunisiennedu49

Tunisiennedu49

29 Juin 2011 18:29:29

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:26:44 le 29/06/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X64)
gwenaelle@PC-DE-GWENAELLE (Packard Bell IMEDIA X3560 FR)

============== RECHERCHE ==============

Dossier trouvé: C:\Program Files (x86)\Windows Searchqu Toolbar
Dossier trouvé: C:\Program Files (x86)\Ask Search Assistant
Dossier trouvé: C:\Program Files (x86)\Ask.com
Dossier trouvé: C:\Program Files (x86)\Bandoo
Dossier trouvé: C:\Users\gwenaelle\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files (x86)\Conduit
Dossier trouvé: C:\Program Files (x86)\ConduitEngine
Dossier trouvé: C:\Users\gwenaelle\AppData\LocalLow\alot
Dossier trouvé: C:\Program Files (x86)\alot
Dossier trouvé: C:\Program Files (x86)\SpiderMessenger
Dossier trouvé: C:\Users\gwenaelle\AppData\Roaming\Soft2PC
Dossier trouvé: C:\Program Files (x86)\Soft2PC
Dossier trouvé: C:\Program Files (x86)\AGI
Dossier trouvé: C:\Program Files (x86)\Widestream6

Clé trouvée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé trouvée: HKLM\Software\Classes\CLSID\{0B25FF79-796A-4C2E-B09B-7921065D8EF8}
Clé trouvée: HKLM\Software\Classes\Interface\{0B25FF79-796A-4C2E-B09B-7921065D8EF8}
Clé trouvée: HKLM\Software\Classes\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé trouvée: HKLM\Software\Classes\CLSID\{1a6dc111-b030-4c3e-be65-299284128b91}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a6dc111-b030-4c3e-be65-299284128b91}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1a6dc111-b030-4c3e-be65-299284128b91}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a6dc111-b030-4c3e-be65-299284128b91}
Clé trouvée: HKLM\Software\Classes\CLSID\{1EB45B75-E889-42BE-B0C9-C8E0EE687052}
Clé trouvée: HKLM\Software\Classes\Interface\{1EB45B75-E889-42BE-B0C9-C8E0EE687052}
Clé trouvée: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Clé trouvée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Classes\CLSID\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
Clé trouvée: HKLM\Software\Classes\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Clé trouvée: HKLM\Software\Classes\CLSID\{5F0986BC-53D0-4C11-863D-B837634E3D23}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5F0986BC-53D0-4C11-863D-B837634E3D23}
Clé trouvée: HKLM\Software\Classes\CLSID\{606d89e9-c72a-4e4d-8d3a-142b2a74ff1b}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{606d89e9-c72a-4e4d-8d3a-142b2a74ff1b}
Clé trouvée: HKLM\Software\Classes\CLSID\{60d7e8fc-8849-46e8-b352-5abbae0c48b4}
Clé trouvée: HKLM\Software\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé trouvée: HKLM\Software\Classes\CLSID\{9b218861-1cad-41e9-8105-1291a91ca488}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9b218861-1cad-41e9-8105-1291a91ca488}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9b218861-1cad-41e9-8105-1291a91ca488}
Clé trouvée: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Clé trouvée: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Clé trouvée: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Clé trouvée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé trouvée: HKLM\Software\Classes\Interface\{54ADB4A4-6C88-4710-A227-820961B9981E}
Clé trouvée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Clé trouvée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé trouvée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé trouvée: HKLM\Software\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Clé trouvée: HKLM\Software\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Clé trouvée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé trouvée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Clé trouvée: HKLM\Software\Classes\Interface\{B690A281-F7D4-4E0F-BA02-A12ADD86277B}
Clé trouvée: HKLM\Software\Classes\Interface\{CC883F50-95BB-4A25-9DBF-B801506F1BC4}
Clé trouvée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Clé trouvée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé trouvée: HKLM\Software\Classes\Interface\{F42A2432-287D-4161-8C94-99C06BEE7A81}
Clé trouvée: HKLM\Software\Classes\Interface\{F44202AE-BE61-41C8-AFEA-5E494EC7595B}
Clé trouvée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé trouvée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé trouvée: HKLM\Software\Classes\TypeLib\{25B7FAD8-85B3-40A4-BBB8-22DBB95831E1}
Clé trouvée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé trouvée: HKLM\Software\Classes\TypeLib\{4FD0EE11-D5B1-41B1-A3BD-F537539804EE}
Clé trouvée: HKLM\Software\Classes\TypeLib\{5D82D8DD-B839-47C1-B8E0-AD754F949BB6}
Clé trouvée: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Clé trouvée: HKLM\Software\Classes\TypeLib\{B52F3553-49FA-4599-81A4-F98951E0B53B}
Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore
Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore.1
Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr
Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr
Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr
Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé trouvée: HKLM\Software\Classes\SoftwareBHO.SOFT2PCBHO
Clé trouvée: HKLM\Software\Classes\SoftwareBHO.SOFT2PCBHO.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT1460988
Clé trouvée: HKLM\Software\Classes\Toolbar.CT1572363
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2004604
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2095689
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2102473
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2121919
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2392836
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2405280
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2445907
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2567681
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2642706
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2905330
Clé trouvée: HKLM\Software\Classes\AppID\BandooCore.EXE
Clé trouvée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé trouvée: HKLM\Software\Classes\AppID\EoRezoBHO.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
Clé trouvée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé trouvée: HKLM\Software\Classes\AppID\Soft2PCBHO.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{AB67D16D-3824-4683-B81A-D66DBA61B1AF}
Clé trouvée: HKLM\Software\bandoo
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\conduitEngine
Clé trouvée: HKLM\Software\FissaSearch
Clé trouvée: HKLM\Software\SearchquMediabarTb
Clé trouvée: HKLM\Software\soft2PC
Clé trouvée: HKLM\Software\Toolbar
Clé trouvée: HKCU\Software\Ask.com
Clé trouvée: HKCU\Software\AskSearchAsst
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\FissaSearch
Clé trouvée: HKCU\Software\soft2PC
Clé trouvée: HKCU\Software\SpiderMessenger
Clé trouvée: HKCU\Software\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\alot
Clé trouvée: HKCU\Software\AppDataLow\Software\AskToolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine
Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
Clé trouvée: HKCU\Software\AppDataLow\Software\ShoppingReport2
Clé trouvée: HKLM\Software\Messenger Plus!\OpenCandy
Clé trouvée: HKLM\Software\Wow6432Node\Messenger Plus!\OpenCandy
Clé trouvée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EF3CAA28-3552-495e-B4A1-3A9B039BC803}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6795114A-1CC4-462b-99E6-2C7B0FA69CDC}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a61376ff-292a-4591-a6b5-d90771424583}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D030D9D2-A3E8-4756-8A29-BED2F6D38B0F}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\alotToolbar
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EoEngine_is1
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EoRezo_is1
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EoTraduction_is1
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox Browser
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu MediaBar
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Soft2PC_is1
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Software_is1
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\alotToolbar
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Soft2PC_is1
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|SpiderMessengerHelper@spidermessenger.com
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|widestream6@spointer.com
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}

============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp64&d=0709&m=imedia_x3560_fr
HKCU_Main|Search Page - hxxp://french.eazel.com/fr/index.php?rvs=hompag
HKCU_Main|Start Page - hxxp://y.lo.st
HKLM_Main|Default_Page_URL - hxxp://mywebs.tv
HKLM_Main|Default_Search_URL - hxxp://mywebs.tv
HKLM_Main|Search Page - hxxp://french.eazel.com/fr/index.php?rvs=hompag
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://french.eazel.com/fr/index.php?rvs=hompag
HKCU_URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC} - "UrlSearchHook Class" (C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll)
HKCU_URLSearchHooks|{33727f97-486d-4d19-97c3-23f432ef93fc} - "mywebsites.pro-FR Toolbar" (C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll)
HKCU_URLSearchHooks|{1c491116-c175-45e1-a570-6fb14fea8b7b} - "PHPNukeFR Toolbar" (C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll)
HKCU_URLSearchHooks|{59994074-c06d-4a75-9768-49e5a8c21264} - "Messenger Plus Live France Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll)
HKCU_URLSearchHooks|{00bf7b9c-acd2-4080-bea8-b1c41987070f} - "TranslatorBar 1 Toolbar" (C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll)
HKCU_URLSearchHooks|{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - "Eazel-FR Toolbar" (C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll)
HKCU_URLSearchHooks|{280b5d37-4a76-467a-b3d6-942fca90acde} - "Shareware.Pro-FR Toolbar" (C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll)
HKCU_URLSearchHooks|{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - "Softonic-Eng7 Toolbar" (C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll)
HKCU_URLSearchHooks|{b9b97401-98e1-4942-930d-c36652dab7f2} - "TranslatorBar 5 Toolbar" (C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll)
HKLM_URLSearchHooks|{33727f97-486d-4d19-97c3-23f432ef93fc} - "mywebsites.pro-FR Toolbar" (C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll)
HKLM_URLSearchHooks|{1c491116-c175-45e1-a570-6fb14fea8b7b} - "PHPNukeFR Toolbar" (C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll)
HKLM_URLSearchHooks|{59994074-c06d-4a75-9768-49e5a8c21264} - "Messenger Plus Live France Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll)
HKLM_URLSearchHooks|{00bf7b9c-acd2-4080-bea8-b1c41987070f} - "TranslatorBar 1 Toolbar" (C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll)
HKLM_URLSearchHooks|{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - "Eazel-FR Toolbar" (C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll)
HKLM_URLSearchHooks|{280b5d37-4a76-467a-b3d6-942fca90acde} - "Shareware.Pro-FR Toolbar" (C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll)
HKLM_URLSearchHooks|{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - "Softonic-Eng7 Toolbar" (C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll)
HKLM_URLSearchHooks|{b9b97401-98e1-4942-930d-c36652dab7f2} - "TranslatorBar 5 Toolbar" (C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll)
HKLM_URLSearchHooks|{3d4d238c-9c48-47cd-a95c-53259acf9e56} - "Messenger Plus FR Toolbar" (C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll)
HKLM_URLSearchHooks|{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - "ooVoo Video Chat Toolbar" (C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll)
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA} - "Search" (hxxp://www.pucuy.com/google?q={searchTerms}&sa=Search&cx=partner-pub-35468619388...)
HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Search" (hxxp://start.facemoods.com/?a=adj&s={searchTerms}&f=4)
HKCU_SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - "Search the web (Babylon)" (hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588)
HKCU_SearchScopes\{10B4E706-0FB5-43BE-88B2-C3CC5CCFECC8} - "Surf Canyon" (hxxp://search.surfcanyon.com/search?f=sb&q={searchTerms})
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=CLM&o=15427&src=crm&q={searchTerm...)
HKCU_SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2} - "Ask" (hxxp://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?})
HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a2e800d9000000000...)
HKCU_SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} - "ALOT Search" (hxxp://search.alot.com/web?q={searchTerms})
HKCU_SearchScopes\{5D168EFE-2EAD-472F-AA1A-055877171064} - "http://french.eazel.com/fr/index.php?rvs=hompag" (hxxp://french.eazel.com/fr/index.php?rvs=hompag)
HKCU_SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} - "Web Search" (hxxp://www.searchqu.com/web?src=ieb&q={SearchTerms})
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "ooVoo Video Chat Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKCU_SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9} - "Fissa" (hxxp://www.fissa.com/fr/results/?s=b&c=1103144698&suid=EnmZS89...{s...)
HKCU_SearchScopes\{EF3CAA28-3552-495e-B4A1-3A9B039BC803} - "ASK Jeeves" (hxxp://adsearches.net/ask_tracking.asp?q={searchTerms}&d={language})
HKCU_SearchScopes\{f3d17ef2-8118-4fa3-afea-bb2e18a69054} - "iadah" (hxxp://www.iadah.com/web?search&q={searchTerms})
HKLM_SearchScopes\{5D168EFE-2EAD-472F-AA1A-055877171064} - "http://french.eazel.com/fr/index.php?rvs=hompag" (hxxp://french.eazel.com/fr/index.php?rvs=hompag)
HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "ooVoo Video Chat Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKCU_Toolbar\WebBrowser|{33727F97-486D-4D19-97C3-23F432EF93FC} (C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll)
HKCU_Toolbar\WebBrowser|{1C491116-C175-45E1-A570-6FB14FEA8B7B} (C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll)
HKCU_Toolbar\WebBrowser|{59994074-C06D-4A75-9768-49E5A8C21264} (C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll)
HKCU_Toolbar\WebBrowser|{00BF7B9C-ACD2-4080-BEA8-B1C41987070F} (C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll)
HKCU_Toolbar\WebBrowser|{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE} (C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll)
HKCU_Toolbar\WebBrowser|{280B5D37-4A76-467A-B3D6-942FCA90ACDE} (C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll)
HKCU_Toolbar\WebBrowser|{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} (C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll)
HKCU_Toolbar\WebBrowser|{B9B97401-98E1-4942-930D-C36652DAB7F2} (C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll)
HKCU_Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
HKCU_Toolbar\WebBrowser|{E5A1E26F-0D1D-4307-868F-FBD9A374AB54} (C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll)
HKLM_Toolbar|{33727f97-486d-4d19-97c3-23f432ef93fc} (C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll)
HKLM_Toolbar|{1c491116-c175-45e1-a570-6fb14fea8b7b} (C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll)
HKLM_Toolbar|{59994074-c06d-4a75-9768-49e5a8c21264} (C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll)
HKLM_Toolbar|{00bf7b9c-acd2-4080-bea8-b1c41987070f} (C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll)
HKLM_Toolbar|{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} (C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll)
HKLM_Toolbar|{280b5d37-4a76-467a-b3d6-942fca90acde} (C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll)
HKLM_Toolbar|{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} (C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll)
HKLM_Toolbar|{b9b97401-98e1-4942-930d-c36652dab7f2} (C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll)
HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
HKLM_Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll)
HKLM_Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020} (C:\PROGRA~2\WI9130~1\ToolBar\SearchquDx.dll)
HKLM_Toolbar|{3d4d238c-9c48-47cd-a95c-53259acf9e56} (C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_Toolbar|{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} (C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll)
HKLM_Toolbar|{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} (C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll)
HKLM_Toolbar|{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} (C:\Program Files (x86)\alot\bin\alot.dll)
HKCU_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files (x86)\Ask.com\SaUpdate.exe (?)
HKCU_ElevationPolicy\{D3DE705E-0BB6-47E6-AB61-6FF78BE040A0} - C:\Program Files (x86)\Internet Explorer\minftnet.exe (Synersoft)
HKLM_ElevationPolicy\126b13e1-423f-46bd-92bf-fb9c04635c18 - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (?)
HKLM_ElevationPolicy\26b1955b-63c3-45ed-8ac4-39b965a0899e - C:\Program Files (x86)\Eazel-FR\Eazel-FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\29d7ac1d-a925-4787-a13b-90e3f6e23417 - C:\Program Files (x86)\mywebsites.pro-FR\mywebsites.pro-FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\2a1abd25-5536-41b0-a90e-6c7080a9bd5a - C:\Program Files (x86)\Shareware.Pro-FR\Shareware.Pro-FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\34111a1f-b1ac-4791-bd59-583fc8aee660 - C:\Program Files (x86)\TranslatorBar_1\TranslatorBar_1ToolbarHelper.exe (?)
HKLM_ElevationPolicy\353fddc2-c969-450e-9e4f-5c7c5a5a2c51 - C:\Program Files (x86)\Nova-FR\Nova-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\42ad415e-3dc9-4ce8-b7b7-9d2bd044c6fe - C:\Program Files (x86)\Softonic-Eng7\Softonic-Eng7ToolbarHelper.exe (?)
HKLM_ElevationPolicy\459f16a0-c1c1-4aff-927f-b5cc844b1e99 - C:\Program Files (x86)\PHPNukeFR\PHPNukeFRToolbarHelper.exe (?)
HKLM_ElevationPolicy\5c54117f-4e30-421e-9cec-3e98039840c4 - C:\Program Files (x86)\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)
HKLM_ElevationPolicy\607cef6c-561f-448b-810b-5afb0ddf5c9d - C:\Program Files (x86)\Shareware.Pro-FR\Shareware.Pro-FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\8696d440-117b-47a9-bbe9-bc892763125b - C:\Program Files (x86)\Softonic-Eng7\Softonic-Eng7ToolbarHelper.exe (?)
HKLM_ElevationPolicy\984aae6c-e71c-4e2a-866a-2cdf3fdf8088 - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (?)
HKLM_ElevationPolicy\98f695e0-91bd-495b-97fe-192cff5c0598 - C:\Program Files (x86)\mywebsites.pro-FR\mywebsites.pro-FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\9e4f6931-5f3b-4050-8ba7-584c40a7317f - C:\Program Files (x86)\Eazel-FR\Eazel-FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\a31902ae-9d84-4cde-aade-d653d81ef617 - C:\Program Files (x86)\PHPNukeFR\PHPNukeFRToolbarHelper.exe (?)
HKLM_ElevationPolicy\a46bd9b0-28b1-4e36-a259-4c27140ce79c - C:\Program Files (x86)\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)
HKLM_ElevationPolicy\b30c836b-e67c-4378-b403-7688c648abeb - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (?)
HKLM_ElevationPolicy\be248cea-c208-4d23-a263-1a4da0e2410c - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (?)
HKLM_ElevationPolicy\cef3187f-b933-4e8e-990b-bd331eecc859 - C:\Program Files (x86)\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)
HKLM_ElevationPolicy\d59d40d0-47b2-41ab-888d-85e2db4619a9 - C:\Program Files (x86)\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)
HKLM_ElevationPolicy\e0373acd-a156-4cd0-99c6-3be4f03be8c0 - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (?)
HKLM_ElevationPolicy\e88f4d38-ab49-4031-8732-2c8689898e1e - C:\Program Files (x86)\TranslatorBar_1\TranslatorBar_1ToolbarHelper.exe (?)
HKLM_ElevationPolicy\f465f929-9c3f-4d13-9e7c-45fa313cace9 - C:\Program Files (x86)\mywebsites.pro-FR\mywebsites.pro-FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\{1B01980B-112E-45D4-A471-BD89C8D164C4} - C:\Users\gwenaelle\AppData\Local\Conduit\CT2567681\Messenger_Plus_Live_FranceAutoUpdaterHelper.exe (x)
HKLM_ElevationPolicy\{2E482D6A-B6C6-41F3-8032-51F904AA80F5} - C:\Program Files (x86)\Eazel-FR\Eazel-FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} - C:\Program Files (x86)\Bandoo\BndCore.exe (x)
HKLM_ElevationPolicy\{506BA9FC-F199-4568-B54D-B8AA7004709E} - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (?)
HKLM_ElevationPolicy\{5C600962-D80C-4F62-9214-95F2A365EEDD} - C:\Program Files (x86)\ooVoo_Video_Chat\ooVoo_Video_ChatToolbarHelper.exe (?)
HKLM_ElevationPolicy\{6795114A-1CC4-462b-99E6-2C7B0FA69CDC} - C:\Program Files (x86)\alot\bin\ALOTSettings.exe (?)
HKLM_ElevationPolicy\{68F57830-947C-461A-95AE-9CF60CEBA118} - C:\Users\gwenaelle\AppData\Local\Conduit\CT2095689\Eazel-FRAutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{7BD9A644-9DC6-42be-8872-CBF5524276BD} - C:\Program Files (x86)\Common Files\Software Update Utility\dnu.exe (AOL LLC)
HKLM_ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} - C:\Program Files (x86)\Bandoo\ExtensionsManager.exe (x)
HKLM_ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WI9130~1\ToolBar\uninstall.exe (Discordia Ltd.)
HKLM_ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} - C:\Program Files (x86)\Bandoo\Bandoo.exe (x)
HKLM_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files (x86)\Ask.com\SaUpdate.exe (?)
HKLM_ElevationPolicy\{a61376ff-292a-4591-a6b5-d90771424583} - C:\Program Files (x86)\Widestream6\spointer\widestream6_air.exe (Widestream6)
HKLM_ElevationPolicy\{AE8EB130-7693-454F-897A-FC4D4DA993E2} - C:\Program Files (x86)\Messenger_Plus_FR\Messenger_Plus_FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\{BE427653-62CE-4CFF-852C-CE28DDDA003F} - C:\Users\gwenaelle\AppData\Local\Conduit\CT1572363\ooVoo_Video_ChatAutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{C467675C-7459-45BA-A809-D5FF854A60EC} - C:\Users\gwenaelle\AppData\Local\Conduit\CT2905330\Messenger_Plus_FRAutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{D030D9D2-A3E8-4756-8A29-BED2F6D38B0F} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (?)
HKLM_ElevationPolicy\{E698126F-62B3-4FFB-985D-CD00BA08580E} - C:\Program Files (x86)\TranslatorBar_5\TranslatorBar_5ToolbarHelper.exe (?)
HKLM_ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} - C:\Program Files (x86)\Bandoo\BandooUI.exe (x)
HKLM_ElevationPolicy\{FFDF9EF3-3C3A-4f05-9A6E-5D3B778EC567} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
BHO\{00bf7b9c-acd2-4080-bea8-b1c41987070f} - "TranslatorBar 1 Toolbar" (C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll)
BHO\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - "ALOT Toolbar Helper" (C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll)
BHO\{1a6dc111-b030-4c3e-be65-299284128b91} - "Interest recogniser for Widestream6 (powered by Spointer)" (C:\Program Files (x86)\Widestream6\spointer\extensions\widestream6_air_ie.dll)
BHO\{1c491116-c175-45e1-a570-6fb14fea8b7b} - "PHPNukeFR Toolbar" (C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll)
BHO\{280b5d37-4a76-467a-b3d6-942fca90acde} - "Shareware.Pro-FR Toolbar" (C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll)
BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
BHO\{33727f97-486d-4d19-97c3-23f432ef93fc} - "mywebsites.pro-FR Toolbar" (C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll)
BHO\{3475D2C4-BBD1-4255-A70D-4125A4D30956} - "SOFT2PCBHO Class" (C:\Program Files (x86)\Soft2PC\soft2pcBHO.dll)
BHO\{3d4d238c-9c48-47cd-a95c-53259acf9e56} - "Messenger Plus FR Toolbar" (C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll)
BHO\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - "Softonic-Eng7 Toolbar" (C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll)
BHO\{465E08E7-F005-4389-980F-1D8764B3486C} (?)
BHO\{59994074-c06d-4a75-9768-49e5a8c21264} - "Messenger Plus Live France Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll)
BHO\{5AB7104A-B71F-49AD-9154-F7F8806AE848} - "Surf Canyon Search Engine Assistant" (C:\Program Files (x86)\Surf Canyon\surfcanyon.dll)
BHO\{64182481-4F71-486b-A045-B233BD0DA8FC} - "CescrtHlpr Object" (C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll)
BHO\{7FF99715-3016-4381-84CE-E4E4C9673020} - "Searchqu Toolbar" (C:\PROGRA~2\WI9130~1\ToolBar\SearchquDx.dll)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
BHO\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - "Eazel-FR Toolbar" (C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll)
BHO\{b9b97401-98e1-4942-930d-c36652dab7f2} - "TranslatorBar 5 Toolbar" (C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll)
BHO\{D4027C7F-154A-4066-A1AD-4243D8127440} - "Ask Toolbar" (C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll)
BHO\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - "ooVoo Video Chat Toolbar" (C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 29/06/2011 20:27:16 (33978 Octet(s))

Fin à: 20:28:13, 29/06/2011

============== E.O.F ==============

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 18:31:23

Ok pas de soucis. Faites ceci :

Fix Ad-Remover

[#ff0000]Déconnecte-toi et ferme toutes applications en cours[/#ff]

Relance Ad-Remover. (Clic droit -> "Exécuter en tant qu'administrateur" pour VISTA/7)

Patiente jusqu'à l'apparition du menu principal. A partir de là, clique sur Nettoyer. On te demandera de confirmer, clique sur Oui et patiente jusqu'à la fin du scan.

[#ff0000]Laisse travailler l'outil [/#ff]

Une fenêtre contenant un nouveau rapport va s'ouvrir, poste-moi le rapport dans ta prochaine réponse.
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
Ensuite clique sur Quitter pour fermer Ad-Remover.

Note : Le rapport que Ad-Remover viens de générer se trouve ici : C:\Ad-Report-FIX

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 18:37:15

voici le resulta de l'analyse.!

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6977

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

29/06/2011 20:35:07
mbam-log-2011-06-29 (20-35-07).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 164658
Temps écoulé: 3 minute(s), 41 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 18:39:46

Ta fait ce que j'ai dit avec l'option "nettoyer" d'ad-r ?

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 18:44:44

je refait un scan OTL apret je vais faire Fix Ad-Remover

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 18:46:21

t'aurait d'abord du faire le fix et après le scan

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 18:46:36

voici les resulta du scan OTL.!

OTL logfile created on: 29/06/2011 20:42:15 - Run 2
OTL by OldTimer - Version 3.2.24.2 Folder = C:\Users\gwenaelle\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 62,01% Memory free
6,20 Gb Paging File | 4,23 Gb Available in Paging File | 68,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,44 Gb Total Space | 206,90 Gb Free Space | 73,00% Space Free | Partition Type: NTFS

Computer Name: PC-DE-GWENAELLE | User Name: gwenaelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/29 18:33:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\gwenaelle\Downloads\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
PRC - [2010/12/09 11:52:54 | 000,684,032 | ---- | M] () -- C:\Program Files (x86)\cspep\cspep.exe
PRC - [2010/11/17 09:51:12 | 000,128,296 | ---- | M] () -- C:\Program Files (x86)\Hercules\WiFiStationN\WiFiN.exe
PRC - [2010/11/17 09:51:12 | 000,053,544 | ---- | M] (Guillemot Corporation) -- C:\Windows\SysWOW64\HerculesWiFiService.exe
PRC - [2010/08/05 09:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010/08/05 09:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010/08/05 09:46:00 | 001,016,792 | ---- | M] (PC Tool) -- C:\Program Files (x86)\Registry Mechanic\Alert.exe
PRC - [2010/06/30 17:49:34 | 000,207,968 | ---- | M] (Globe7 HK Ltd) -- C:\Program Files (x86)\adobs\msats.exe
PRC - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
PRC - [2009/06/26 18:24:16 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2008/09/18 11:13:00 | 000,099,896 | ---- | M] (Packard Bell BV) -- C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe
PRC - [2008/09/18 11:13:00 | 000,079,416 | ---- | M] (Packard Bell BV) -- C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe
PRC - [2008/07/07 17:26:28 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
PRC - [2008/05/29 10:49:58 | 000,083,264 | ---- | M] (Packard Bell Services) -- C:\Windows\SysWOW64\HidService.exe
PRC - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

========== Modules (SafeList) ==========

MOD - [2011/06/29 18:33:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\gwenaelle\Downloads\OTL.exe
MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/11/17 09:51:12 | 000,053,544 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\\HerculesWiFiService.exe -- (HerculesWiFi)
SRV - [2010/08/05 09:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/06/30 17:49:34 | 000,207,968 | ---- | M] (Globe7 HK Ltd) [Auto | Running] -- C:\Program Files (x86)\adobs\msats.exe -- (Log Events)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/03/30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/04 21:35:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/05/29 10:49:58 | 000,083,264 | ---- | M] (Packard Bell Services) [Auto | Running] -- C:\Windows\SysWow64\HidService.exe -- (GenericHidService)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)

========== Driver Services (SafeList) ==========

DRV - [2010/02/11 21:35:50 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/01/25 07:41:46 | 000,466,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSviA64.sys -- (IDSVia64)
DRV - [2008/07/16 13:56:06 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://mywebs.tv
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://mywebs.tv
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://french.eazel.com/fr/index.php?rvs=hompag
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=adj&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://french.eazel.com/fr/index.php?rvs=hompag
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/home.php?ref=hp [binary data]
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/07/09 14:33:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\SpiderMessengerHelper@spidermessenger.com:
FF - HKLM\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com
FF - HKLM\software\mozilla\Firefox\Extensions\\widestream6@spointer.com: C:\Program Files (x86)\Widestream6\spointer\extensions\widestream6@spointer.com [2011/03/14 02:30:48 | 000,000,000 | ---D | M]

[2010/11/11 13:43:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/11 13:43:57 | 000,000,000 | ---D | M] (SC) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{D1F30069-9E00-468c-8CB6-3FB6C4ECE8C6}
[2010/11/09 22:10:22 | 000,000,000 | ---D | M] (Toolbar Iadah) -- C:\Program Files (x86)\Mozilla Firefox\extensions\toolbar@iadah.com
[2011/03/03 15:48:38 | 000,002,423 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010/03/31 13:19:50 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchAdj.xml

O1 HOSTS File: ([2006/09/18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (TranslatorBar 1 Toolbar) - {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {1a6dc111-b030-4c3e-be65-299284128b91} - C:\Program Files (x86)\Widestream6\spointer\extensions\widestream6_air_ie.dll (Widestream6)
O2 - BHO: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O2 - BHO: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O2 - BHO: (SOFT2PCBHO Class) - {3475D2C4-BBD1-4255-A70D-4125A4D30956} - C:\Program Files (x86)\Soft2PC\soft2pcBHO.dll (Soft2PC)
O2 - BHO: (Messenger Plus FR Toolbar) - {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D8764B3486C} - No CLSID value found.
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O2 - BHO: (Surf Canyon Search Engine Assistant) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Eazel-FR Toolbar) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (TranslatorBar 5 Toolbar) - {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ooVoo Video Chat Toolbar) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 1 Toolbar) - {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus FR Toolbar) - {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Eazel-FR Toolbar) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 5 Toolbar) - {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (ooVoo Video Chat Toolbar) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (TranslatorBar 1 Toolbar) - {00BF7B9C-ACD2-4080-BEA8-B1C41987070F} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (PHPNukeFR Toolbar) - {1C491116-C175-45E1-A570-6FB14FEA8B7B} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Shareware.Pro-FR Toolbar) - {280B5D37-4A76-467A-B3D6-942FCA90ACDE} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (mywebsites.pro-FR Toolbar) - {33727F97-486D-4D19-97C3-23F432EF93FC} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Eazel-FR Toolbar) - {A8F9752D-E2B8-4E7A-86B5-499F4330E2FE} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (TranslatorBar 5 Toolbar) - {B9B97401-98E1-4942-930D-C36652DAB7F2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (ooVoo Video Chat Toolbar) - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [WebcammaxMoniter] C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [ccleaner] File not found
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files (x86)\cspep\cspep.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/Gam... ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/Gam... (UnoCtrl Class)
O16 - DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} http://cdn03.oovoo.com/oovoomelink/oovoome/webvc/ooVooW... (ooVooWebCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_9418.cab (FTMediaPlayer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/download/imikimi_plugin_0.5.1.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab569... (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\SysWOW64\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4091ab22-7d9c-11de-8a8c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4091ab22-7d9c-11de-8a8c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 20:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover
[2011/06/29 20:00:43 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Malwarebytes
[2011/06/29 20:00:28 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/29 20:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/29 20:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/29 20:00:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/28 21:06:41 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\vlc
[2011/06/23 01:54:33 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Adobe
[2011/06/20 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Apple
[2011/06/17 02:12:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/17 02:12:40 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/17 02:12:39 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/17 02:12:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/15 20:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2011/06/15 20:22:19 | 000,000,000 | ---D | C] -- C:\rsit
[2011/06/15 17:49:40 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Macromedia
[2011/06/15 17:43:40 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Apple Computer
[2011/06/15 17:42:24 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Adobe
[2011/06/15 17:37:59 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\Tracing
[2011/06/15 17:36:20 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Packard Bell
[2011/06/15 17:36:15 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\WebcamMax
[2011/06/15 17:36:11 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\VirtualStore
[2011/06/14 22:24:12 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Temp
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Windows Live Writer
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Windows Live Writer
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\Documents\My Weblog Posts
[2011/06/14 21:03:39 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\TuneUp Software
[2011/06/14 21:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011/06/14 21:02:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/06/11 22:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2011/06/04 20:57:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011/06/04 20:57:01 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011/06/04 20:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alot
[2011/06/04 20:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/06/04 20:53:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/06/04 20:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011/06/02 20:54:18 | 001,414,440 | ---- | C] (Nero AG) -- C:\Windows\SysWow64\ShellManager310E2D762.dll
[2011/05/31 01:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Executive Software
[2010/09/12 19:36:17 | 002,736,736 | ---- | C] (Conduit Ltd.) -- C:\Program Files (x86)\tbSoft.dll
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/29 20:27:01 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/29 20:24:32 | 000,001,692 | ---- | M] () -- C:\Users\gwenaelle\Desktop\AD-R.lnk
[2011/06/29 20:00:29 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/29 19:58:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/29 19:00:36 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011/06/29 18:06:26 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/29 18:03:51 | 3220,414,464 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/29 11:28:05 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/06/26 14:45:22 | 000,010,990 | ---- | M] () -- C:\Users\gwenaelle\Desktop\biographie de michael jackson.rtf
[2011/06/26 14:19:18 | 000,002,419 | ---- | M] () -- C:\Users\gwenaelle\Desktop\musique de michael jackson Cède-moi ( give in to me ).rtf
[2011/06/23 02:00:47 | 000,000,104 | ---- | M] () -- C:\Users\gwenaelle\Desktop\Corbeille.lnk
[2011/06/23 01:59:47 | 000,577,867 | ---- | M] () -- C:\Users\gwenaelle\Desktop\pole-emploi.fr - Détail d'une offre.webarchive
[2011/06/15 20:06:31 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2011/06/15 19:05:22 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/15 19:05:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/06/15 17:43:53 | 000,000,680 | ---- | M] () -- C:\Users\gwenaelle\AppData\Local\d3d9caps.dat
[2011/06/09 13:15:08 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011/06/02 20:23:31 | 000,000,236 | ---- | M] () -- C:\Windows\wininit.ini
[2011/06/02 20:03:59 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/29 20:24:32 | 000,001,692 | ---- | C] () -- C:\Users\gwenaelle\Desktop\AD-R.lnk
[2011/06/29 20:00:29 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/26 14:45:22 | 000,010,990 | ---- | C] () -- C:\Users\gwenaelle\Desktop\biographie de michael jackson.rtf
[2011/06/26 13:56:50 | 000,002,419 | ---- | C] () -- C:\Users\gwenaelle\Desktop\musique de michael jackson Cède-moi ( give in to me ).rtf
[2011/06/23 02:00:47 | 000,000,104 | ---- | C] () -- C:\Users\gwenaelle\Desktop\Corbeille.lnk
[2011/06/23 01:59:47 | 000,577,867 | ---- | C] () -- C:\Users\gwenaelle\Desktop\pole-emploi.fr - Détail d'une offre.webarchive
[2011/06/15 17:43:52 | 000,000,680 | ---- | C] () -- C:\Users\gwenaelle\AppData\Local\d3d9caps.dat
[2011/06/02 20:54:18 | 000,773,120 | ---- | C] () -- C:\Windows\SysWow64\NEROINSTAEC43759.DB
[2010/12/26 14:44:34 | 000,099,944 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/11/01 16:45:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/10/03 20:19:54 | 000,000,949 | ---- | C] () -- C:\ProgramData\Turn Off Monitor.ini
[2010/09/12 19:36:16 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2010/08/01 20:20:36 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2010/07/12 12:36:41 | 001,053,056 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys
[2010/04/19 22:10:59 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/02/15 14:45:07 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/02/15 14:44:33 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/02/15 14:44:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010/02/14 19:13:34 | 000,000,840 | ---- | C] () -- C:\Windows\_delis32.ini
[2010/02/07 15:01:00 | 000,000,236 | ---- | C] () -- C:\Windows\wininit.ini
[2010/02/07 15:00:10 | 000,000,102 | ---- | C] () -- C:\Windows\Kit.ini
[2010/02/06 10:59:56 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/01/25 12:55:45 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/01/25 12:55:38 | 000,008,468 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/07/31 08:48:28 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/06/26 18:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2009/02/04 21:33:43 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/02/04 21:26:28 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\hidservice.ini
[2009/02/04 20:31:55 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\SysWow64\indounin.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP

1B5B4F1

< End of report >

mtn je vais faire l'option "nettoyer" d'ad-r

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 18:51:35

Ok pas de soucis

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 19:05:04

voici le resulta de "nettoyer" d'ad-r

http://www.cijoint.fr/cjlink.php?file=cj201106/cijRL5Ig...

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 19:08:02

Refait un scan OTL pour voir si il y a encore des traces

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 19:13:11

d'acor le scan de OTL ce fait

| Alerter

Répondre à Tunisiennedu49

Tunisiennedu49

29 Juin 2011 19:22:08

voici le resulta du scan de OTL.!

http://www.cijoint.fr/cjlink.php?file=cj201106/cijdeUVG...

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 19:33:38

Voilà, sa va déjà un peu mieux mais c'est pas fini, je te prépare un fix OTL, faut un peu patientez le temps que je lise chaque ligne du rapport

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 19:55:10

d'acord

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 20:47:05

Voici la suite,
/!\ Enregistre tout tes fichiers importants sur un périphérique externe /!\

[#ff9000]Fix OTL :[/#ff]

Relance OTL.exe.

Copie exactement le texte ci-dessous :

:OTL
IE - HKLM\..\URLSearchHook: {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
[2010/11/09 22:10:22 | 000,000,000 | ---D | M] (Toolbar Iadah) -- C:\Program Files (x86)\Mozilla Firefox\extensions\toolbar@iadah.com
O2 - BHO: (TranslatorBar 1 Toolbar) - {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O2 - BHO: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O2 - BHO: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O2 - BHO: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus FR Toolbar) - {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O2 - BHO: (Eazel-FR Toolbar) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O2 - BHO: (TranslatorBar 5 Toolbar) - {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O2 - BHO: (ooVoo Video Chat Toolbar) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 1 Toolbar) - {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus FR Toolbar) - {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Eazel-FR Toolbar) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 5 Toolbar) - {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (ooVoo Video Chat Toolbar) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (TranslatorBar 1 Toolbar) - {00BF7B9C-ACD2-4080-BEA8-B1C41987070F} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (PHPNukeFR Toolbar) - {1C491116-C175-45E1-A570-6FB14FEA8B7B} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Shareware.Pro-FR Toolbar) - {280B5D37-4A76-467A-B3D6-942FCA90ACDE} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (mywebsites.pro-FR Toolbar) - {33727F97-486D-4D19-97C3-23F432EF93FC} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Eazel-FR Toolbar) - {A8F9752D-E2B8-4E7A-86B5-499F4330E2FE} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (TranslatorBar 5 Toolbar) - {B9B97401-98E1-4942-930D-C36652DAB7F2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (ooVoo Video Chat Toolbar) - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D1B5B4F1
:commands
[emptytemp]

Colle-le dans le cadre Personnalisation en bas à gauche.

Clique sur le bouton [#ff9000]Correction[/#ff] en haut à gauche.

Si le pc te demande de redémarrer, confirme l'opération.

Un rapport après le redémarrage va apparaître, copie/colle-le dans ta prochaine réponse.

| Alerter

Répondre à help-manformatique

Tunisiennedu49

29 Juin 2011 21:20:47

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00bf7b9c-acd2-4080-bea8-b1c41987070f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ deleted successfully.
C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{3d4d238c-9c48-47cd-a95c-53259acf9e56} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d4d238c-9c48-47cd-a95c-53259acf9e56}\ deleted successfully.
C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ deleted successfully.
C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b9b97401-98e1-4942-930d-c36652dab7f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9b97401-98e1-4942-930d-c36652dab7f2}\ deleted successfully.
C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00bf7b9c-acd2-4080-bea8-b1c41987070f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ not found.
File C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
File C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{b9b97401-98e1-4942-930d-c36652dab7f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9b97401-98e1-4942-930d-c36652dab7f2}\ not found.
File C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\toolbar@iadah.com\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\toolbar@iadah.com folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ not found.
File C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ deleted successfully.
C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{280b5d37-4a76-467a-b3d6-942fca90acde}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280b5d37-4a76-467a-b3d6-942fca90acde}\ deleted successfully.
C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33727f97-486d-4d19-97c3-23f432ef93fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33727f97-486d-4d19-97c3-23f432ef93fc}\ deleted successfully.
C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d4d238c-9c48-47cd-a95c-53259acf9e56}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d4d238c-9c48-47cd-a95c-53259acf9e56}\ not found.
File C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ deleted successfully.
C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59994074-c06d-4a75-9768-49e5a8c21264}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
File C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\ deleted successfully.
C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b9b97401-98e1-4942-930d-c36652dab7f2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9b97401-98e1-4942-930d-c36652dab7f2}\ not found.
File C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}\ deleted successfully.
C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{00bf7b9c-acd2-4080-bea8-b1c41987070f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ not found.
File C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ not found.
File C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{280b5d37-4a76-467a-b3d6-942fca90acde} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280b5d37-4a76-467a-b3d6-942fca90acde}\ not found.
File FR\tbSha1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{33727f97-486d-4d19-97c3-23f432ef93fc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33727f97-486d-4d19-97c3-23f432ef93fc}\ not found.
File FR\tbmyw0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3d4d238c-9c48-47cd-a95c-53259acf9e56} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d4d238c-9c48-47cd-a95c-53259acf9e56}\ not found.
File C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ not found.
File Eng7\tbSof1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
File C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ deleted successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\ not found.
File FR\prxtbEaze.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b9b97401-98e1-4942-930d-c36652dab7f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9b97401-98e1-4942-930d-c36652dab7f2}\ not found.
File C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ deleted successfully.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}\ not found.
File C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00BF7B9C-ACD2-4080-BEA8-B1C41987070F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00BF7B9C-ACD2-4080-BEA8-B1C41987070F}\ not found.
File C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1C491116-C175-45E1-A570-6FB14FEA8B7B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C491116-C175-45E1-A570-6FB14FEA8B7B}\ not found.
File C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{280B5D37-4A76-467A-B3D6-942FCA90ACDE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280B5D37-4A76-467A-B3D6-942FCA90ACDE}\ not found.
File FR\tbSha1.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{33727F97-486D-4D19-97C3-23F432EF93FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33727F97-486D-4D19-97C3-23F432EF93FC}\ not found.
File FR\tbmyw0.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{59994074-C06D-4A75-9768-49E5A8C21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-C06D-4A75-9768-49E5A8C21264}\ not found.
File C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
File C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE}\ not found.
File FR\prxtbEaze.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B9B97401-98E1-4942-930D-C36652DAB7F2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9B97401-98E1-4942-930D-C36652DAB7F2}\ not found.
File C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E5A1E26F-0D1D-4307-868F-FBD9A374AB54} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5A1E26F-0D1D-4307-868F-FBD9A374AB54}\ not found.
File C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll not found.
ADS C:\ProgramData\TEMP

1B5B4F1 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: gwenaelle
->Temp folder emptied: 1995894 bytes
->Temporary Internet Files folder emptied: 16612410 bytes
->Apple Safari cache emptied: 43438080 bytes
->Flash cache emptied: 19317 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 551424 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6043 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2284964 bytes

Total Files Cleaned = 62,00 mb

OTL by OldTimer - Version 3.2.24.2 log created on 06292011_230104

Files\Folders moved on Reboot...
C:\Users\gwenaelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12GR5GWY\background-banner-middle-v3[1].jpg moved successfully.
C:\Users\gwenaelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12GR5GWY\background-banner-right-v3[1].jpg moved successfully.
C:\Users\gwenaelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12GR5GWY\background_banner_green_50_v3[1].jpg moved successfully.
File\Folder C:\Windows\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...

| Alerter

Répondre à Tunisiennedu49

help-manformatique

29 Juin 2011 21:22:32

1)

[#ff9000]TDSS Killer[/#ff]

telecharge sur ton bureau http://support.kaspersky.com/downloads/utils/tdsskiller... , dezippe le et execute le , un rapport sera crée ici:

C:\TDSSKillerVersion_Date_Time_log.txt.<< copie_colle son contenu

tu as aussi directement l'executable là : http://support.kaspersky.com/downloads/utils/tdsskiller...

o execute le , La fenêtre suivante va s'ouvrir::

o Clique sur Start scan et laisse l'outil scanner ton disque dur sans l'interrompre et sans utiliser le PC.
o Si des fichiers infectés sont trouvées, une nouvelle fenêtre va s'ouvrir:

o Si TDSS.tdl2 est détecté l'option delete sera cochée par défaut.

o Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.

o Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.

o Si Suspicious file est indiqué, laisse l'option cochée sur Skip

o Clique sur Continue puis sur Reboot now pour redémarrer le PC.

o Copie-colle le rapport généré dans ta prochaine réponse (Il est aussi sauvegardé à la racine de ta partition système sous le nom C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS. (JJ.MM.AA date du passage de l'outil, HH.MM.SS heure de passage).

tutoriel--> http://support.kaspersky.com/viruses/solutions?qid=2082...

| Alerter

Répondre à help-manformatique

Tunisiennedu49

30 Juin 2011 10:25:25

http://www.cijoint.fr/cjlink.php?file=cj201106/cijpxeMB...

sa me mes une fenetre comme sa apret le scan moi

| Alerter

Répondre à Tunisiennedu49

help-manformatique

30 Juin 2011 14:57:41

C'est bon, Fait un dernier OTL pour voir si tu es encore infecté

| Alerter

Répondre à help-manformatique

Tunisiennedu49

1 Juillet 2011 15:46:02

Dèsolè de te dire sa mes sa me deconecte toujour tout seul.! HELP

| Alerter

Répondre à Tunisiennedu49

Tunisiennedu49

1 Juillet 2011 15:56:52

OTL logfile created on: 01/07/2011 17:46:16 - Run 4
OTL by OldTimer - Version 3.2.24.2 Folder = C:\Users\gwenaelle\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 42,48% Memory free
6,20 Gb Paging File | 4,14 Gb Available in Paging File | 66,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,44 Gb Total Space | 205,95 Gb Free Space | 72,66% Space Free | Partition Type: NTFS

Computer Name: PC-DE-GWENAELLE | User Name: gwenaelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/29 18:33:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\gwenaelle\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
PRC - [2011/01/25 09:07:44 | 022,504,120 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2010/12/09 11:52:54 | 000,684,032 | ---- | M] () -- C:\Program Files (x86)\cspep\cspep.exe
PRC - [2010/11/17 09:51:12 | 000,128,296 | ---- | M] () -- C:\Program Files (x86)\Hercules\WiFiStationN\WiFiN.exe
PRC - [2010/11/17 09:51:12 | 000,053,544 | ---- | M] (Guillemot Corporation) -- C:\Windows\SysWOW64\HerculesWiFiService.exe
PRC - [2010/08/05 09:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010/08/05 09:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010/06/30 17:49:34 | 000,207,968 | ---- | M] (Globe7 HK Ltd) -- C:\Program Files (x86)\adobs\msats.exe
PRC - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
PRC - [2009/06/26 18:24:16 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2008/09/18 11:13:00 | 000,099,896 | ---- | M] (Packard Bell BV) -- C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe
PRC - [2008/09/18 11:13:00 | 000,079,416 | ---- | M] (Packard Bell BV) -- C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe
PRC - [2008/07/07 17:26:28 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
PRC - [2008/05/29 10:49:58 | 000,083,264 | ---- | M] (Packard Bell Services) -- C:\Windows\SysWOW64\HidService.exe
PRC - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

========== Modules (SafeList) ==========

MOD - [2011/06/29 18:33:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\gwenaelle\Desktop\OTL.exe
MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/11/17 09:51:12 | 000,053,544 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\\HerculesWiFiService.exe -- (HerculesWiFi)
SRV - [2010/08/05 09:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/06/30 17:49:34 | 000,207,968 | ---- | M] (Globe7 HK Ltd) [Auto | Running] -- C:\Program Files (x86)\adobs\msats.exe -- (Log Events)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/03/30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/04 21:35:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/05/29 10:49:58 | 000,083,264 | ---- | M] (Packard Bell Services) [Auto | Running] -- C:\Windows\SysWow64\HidService.exe -- (GenericHidService)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)

========== Driver Services (SafeList) ==========

DRV - [2010/02/11 21:35:50 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/01/25 07:41:46 | 000,466,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSviA64.sys -- (IDSVia64)
DRV - [2008/07/16 13:56:06 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a2e800d90000000000000008d3830e73&tlver=1.4.19.19&ss=1&affID=18026
IE - HKLM\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {33727f97-486d-4d19-97c3-23f432ef93fc} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/home.php?ref=hp [binary data]
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&mntrId=a2e800d9...
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {33727f97-486d-4d19-97c3-23f432ef93fc} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/07/09 14:33:16 | 000,000,000 | ---D | M]

[2011/06/29 23:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/11 13:43:57 | 000,000,000 | ---D | M] (SC) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{D1F30069-9E00-468c-8CB6-3FB6C4ECE8C6}
[2011/06/29 21:47:53 | 000,002,428 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010/03/31 13:19:50 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchAdj.xml

O1 HOSTS File: ([2006/09/18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D8764B3486C} - No CLSID value found.
O2 - BHO: (Surf Canyon Search Engine Assistant) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - File not found
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [WebcammaxMoniter] C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [ccleaner] File not found
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files (x86)\cspep\cspep.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/Gam... ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/Gam... (UnoCtrl Class)
O16 - DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} http://cdn03.oovoo.com/oovoomelink/oovoome/webvc/ooVooW... (ooVooWebCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_9418.cab (FTMediaPlayer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/download/imikimi_plugin_0.5.1.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab569... (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\SysWOW64\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4091ab22-7d9c-11de-8a8c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4091ab22-7d9c-11de-8a8c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 23:01:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/29 21:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar
[2011/06/29 20:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover
[2011/06/29 20:00:43 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Malwarebytes
[2011/06/29 20:00:28 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/29 20:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/29 20:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/29 20:00:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/29 18:32:42 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\gwenaelle\Desktop\OTL.exe
[2011/06/28 21:06:41 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\vlc
[2011/06/23 01:54:33 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Adobe
[2011/06/20 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Apple
[2011/06/17 02:12:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/17 02:12:40 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/17 02:12:39 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/17 02:12:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/15 20:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2011/06/15 20:22:19 | 000,000,000 | ---D | C] -- C:\rsit
[2011/06/15 17:49:40 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Macromedia
[2011/06/15 17:43:40 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Apple Computer
[2011/06/15 17:42:24 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Adobe
[2011/06/15 17:37:59 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\Tracing
[2011/06/15 17:36:20 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Packard Bell
[2011/06/15 17:36:15 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\WebcamMax
[2011/06/15 17:36:11 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\VirtualStore
[2011/06/14 22:24:12 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Temp
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Windows Live Writer
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Windows Live Writer
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\Documents\My Weblog Posts
[2011/06/14 21:03:39 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\TuneUp Software
[2011/06/14 21:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011/06/14 21:02:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/06/11 22:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2011/06/04 20:57:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011/06/04 20:57:01 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011/06/04 20:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/06/04 20:53:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/06/04 20:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011/06/02 20:54:18 | 001,414,440 | ---- | C] (Nero AG) -- C:\Windows\SysWow64\ShellManager310E2D762.dll
[2010/09/12 19:36:17 | 002,736,736 | ---- | C] (Conduit Ltd.) -- C:\Program Files (x86)\tbSoft.dll

========== Files - Modified Within 30 Days ==========

[2011/07/01 17:27:04 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/01 17:27:04 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/01 16:59:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/01 16:59:52 | 3220,414,464 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/29 20:24:32 | 000,001,692 | ---- | M] () -- C:\Users\gwenaelle\Desktop\AD-R.lnk
[2011/06/29 20:00:29 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/29 19:00:36 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011/06/29 18:33:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\gwenaelle\Desktop\OTL.exe
[2011/06/29 11:28:05 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/06/23 02:00:47 | 000,000,104 | ---- | M] () -- C:\Users\gwenaelle\Desktop\Corbeille.lnk
[2011/06/15 20:06:31 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2011/06/15 19:05:22 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/15 19:05:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/06/15 17:43:53 | 000,000,680 | ---- | M] () -- C:\Users\gwenaelle\AppData\Local\d3d9caps.dat
[2011/06/09 13:15:08 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011/06/02 20:23:31 | 000,000,236 | ---- | M] () -- C:\Windows\wininit.ini
[2011/06/02 20:03:59 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini

========== Files Created - No Company Name ==========

[2011/06/29 20:24:32 | 000,001,692 | ---- | C] () -- C:\Users\gwenaelle\Desktop\AD-R.lnk
[2011/06/29 20:00:29 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/23 02:00:47 | 000,000,104 | ---- | C] () -- C:\Users\gwenaelle\Desktop\Corbeille.lnk
[2011/06/15 17:43:52 | 000,000,680 | ---- | C] () -- C:\Users\gwenaelle\AppData\Local\d3d9caps.dat
[2011/06/02 20:54:18 | 000,773,120 | ---- | C] () -- C:\Windows\SysWow64\NEROINSTAEC43759.DB
[2010/12/26 14:44:34 | 000,099,944 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/11/01 16:45:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/10/03 20:19:54 | 000,000,949 | ---- | C] () -- C:\ProgramData\Turn Off Monitor.ini
[2010/09/12 19:36:16 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2010/08/01 20:20:36 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2010/07/12 12:36:41 | 001,053,056 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys
[2010/04/19 22:10:59 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/02/15 14:45:07 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/02/15 14:44:33 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/02/15 14:44:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010/02/14 19:13:34 | 000,000,840 | ---- | C] () -- C:\Windows\_delis32.ini
[2010/02/07 15:01:00 | 000,000,236 | ---- | C] () -- C:\Windows\wininit.ini
[2010/02/07 15:00:10 | 000,000,102 | ---- | C] () -- C:\Windows\Kit.ini
[2010/02/06 10:59:56 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/01/25 12:55:45 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/01/25 12:55:38 | 000,008,468 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/07/31 08:48:28 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/06/26 18:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2009/02/04 21:33:43 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/02/04 21:26:28 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\hidservice.ini
[2009/02/04 20:31:55 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\SysWow64\indounin.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP

1B5B4F1

< End of report >

| Alerter

Répondre à Tunisiennedu49