PC is slow, here is a HijackThis log [Solved/Closed]

Posts: 44 | Registered: Thursday 14 January 2010 | Status: Member | Last activity: 3 February 2013
dédétraqué | Posts: 4383 | Registered: Friday 5 September 2008 | Status: Security contributor | Last activity: 10 February 2013

Hello, my PC is getting slower and slower. I'm posting a HijackThis log. Thanks in advance for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:26:58, on 15/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Downloads\Sanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dailymotion.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=14978&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll (file missing)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: FCTBPos00Pos - {178E24B8-CAB5-4B50-A841-CB18A8DDBFB6} - C:\Program Files\Is Cool\Toolbar.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {326FBCD5-6330-454B-AE5B-643CACF4CF46} - (no file)
O2 - BHO: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7A91F069-BAF9-41D0-9127-05A591FF6D87} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A38C3E02-3AB6-4C97-A184-5A70F20CFFE3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: (no name) - {e6fa0869-4262-437f-a9f9-74954f326b4b} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll
O3 - Toolbar: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll (file missing)
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Systran40premi.IEPlugIn - {D3919E1A-D6A5-11D6-AC3E-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O3 - Toolbar: Is Cool - {CA127536-050A-49DF-B02A-3CE87231D790} - C:\Program Files\Is Cool\Toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSPM Startup] c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [iasqm] "c:\documents and settings\propriétaire\local settings\application data\iasqm.exe" iasqm
O4 - HKCU\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: orbit.lnk = ?
O4 - Global Startup: Post-it® Digital Notes.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZCfox000
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Propriétaire\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Fichiers communs\BCL Technologies\easyPDF 5\bepldr.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

49 replies

Hi kermenguys

Post these more complete reports. Download RSIT (by random/random) to your desktop from here:
http://images.malwareremoval.com/random/RSIT.exe

- Double-click RSIT.exe on the desktop
- Click Continue in the window
- RSIT will download HijackThis if it is not present or detected, in which case you will need to accept the license
- Post the contents of both reports, log.txt and info.txt (minimized in the taskbar), once the scan has finished

The reports are in the folder C:\rsit

See you :)

Hi dédétraqué,
I can't install RSIT.exe. When I double-click it, it starts installing and then there is an error message:

AUTOLT ERROR
line-1:
Error: Subscript used with non-array variable.
OK

It closes. Do you have an explanation? Thanks
See you

Ced_King | Posts: 3665 | Registered: Monday 2 March 2009 | Status: Contributor | Last activity: 13 May 2017
Hi all,

For the problem with RSIT, the solution is here: http://www.commentcamarche.net/faq/sujet-25150-rsit-autoit-error

PS: was the HijackThis report made in safe mode???

See you
Hi kermenguys

Download Navilog1 (by IL-MAFIOSO) to your desktop: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Double-click navilog1 on the desktop

- Press F or f and confirm with Enter

- Press a key on your keyboard each time you are asked to; you will reach the options menu

- Choose option 1 and press Enter to confirm your choice.

- Wait for the message:
*** Scan terminée le..... ***

- When the scan is finished a report will be displayed; post the contents of that report.
- If the scan result is not displayed, you will find it in C:\cleannavi.txt.

Note: Disable your antivirus and antispyware
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm

See you :)

Hi dédétraqué,
I had a few problems with Navilog, it crashes the PC before the end.
I only managed to get it to work in safe mode, so the log was obtained that way. I don't know if that suits you? I'm posting it anyway!

P.S.: Ced_King, regarding your question, no, the HijackThis report was not made in safe mode

________________________________________________________________________________________

Search Navipromo version 3.7.1 commencé le 15/01/2010 à 15:16:24,70

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Propriétaire ( Administrator )
BOOT : Fail-safe boot

Antivirus : avast! antivirus 4.8.1368 [VPS 100115-0] 4.8.1368 (Not Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:5 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD)


Recherche executé en mode sans échec

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\PropriÚtaire\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\AGNES\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ANAS~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\CLAUDE\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\florian\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\PropriÚtaire\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\AGNES\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ANAS~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\CLAUDE\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\florian\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\PropriÚtaire\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\AGNES\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ANAS~1\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\CLAUDE\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\florian\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\PropriÚtaire\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\AGNES\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ANAS~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\CLAUDE\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\florian\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iasqm"="\"c:\\documents and settings\\propriétaire\\local settings\\application data\\iasqm.exe\" iasqm"


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\PropriÚtaire\locals~1\applic~1" :


* Dans "C:\DOCUME~1\AGNES\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ANAS~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\CLAUDE\locals~1\applic~1" :


* Dans "C:\DOCUME~1\florian\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 15/01/2010 à 15:30:58,76 ***
_______________________________________________________________________________________
Hi kermenguys

An old version of Navilog, and nothing very important in this report, only a registry key, which is what I suspected.

Download and install MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Update it

---

- Restart in safe mode:

When your PC restarts, tap the F8 or F5 key; on the next screen, move with the arrow keys and choose Safe Mode. Choose your usual session and not the Administrator session

---

- Double-click the MalwareByte's Anti-Malware shortcut on the desktop.
- Select Perform full scan if it is not already selected
- Click Scan

- Once the scan has finished, a window opens; click OK

- If MalwareByte's detected nothing, click OK. A report will appear; close it.

- If MalwareByte's detected infections, click Show results and then Remove selected

- Save the report to your Desktop so that it is easier to find, then post that report.

Note: If MalwareByte's needs to restart to finish the removal, accept by clicking OK

Tutorial for MalwareByte's here:
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

See you :)
P.S. - See Ced_King's solution for RSIT

Hi dédétraqué,

here is the MalwareByte's report:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3510
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

16/01/2010 09:07:29
mbam-log-2010-01-16 (09-07-29).txt

Type de recherche: Examen complet (C:\|J:\|)
Eléments examinés: 329889
Temps écoulé: 1 hour(s), 0 minute(s), 5 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 16

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Typelib\{56acb669-4139-5611-cbba-f5acb0f4db09} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\LEO0WTUNO7 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\J8RPLTROBQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iasqm (Trojan.Agent.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\gitoribo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pihuzura.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ritiromo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vulakiye.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Program Files\Navilog1\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
J:\sauvegarde de Claude\téléchargement firefox\téléchargement Firefox\Numero.de.serie.adobe.acrobat.9.pro.free.45150.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
J:\sauvegarde de Claude\téléchargement firefox\téléchargement Firefox\1_Million_ser\1 Million serials of softwares By yagami\BONUS\DivX\DVT-Keymaker.exe (Malware.Packer) -> Quarantined and deleted successfully.
J:\sauvegarde de Claude\téléchargement firefox\téléchargement Firefox\1_Million_ser\1 Million serials of softwares By yagami\BONUS\WinRAR\WinRAR patch\RAR Slayer v1.1.exe (Malware.Tool) -> Quarantined and deleted successfully.
J:\sauvegarde de Claude\téléchargement firefox\téléchargement Firefox\Winrar v3.90 32bits\keyGen.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\ANAÏS\Application Data\SYSTEM32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\SYSTEM32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\temp\mc22.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\temp\d.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\temp\e.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\temp\f.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\temp\sshnas.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

See you
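
The Run value `iasqm` that Navilog listed and Malwarebytes removed above is already visible in the HijackThis log from the first post. The sketch below is an added example (not part of the thread and not code from HijackThis) that parses lines copied from that log and flags two patterns seen in it: entries whose file is reported as `(no file)` or `(file missing)`, and `O4` Run autostarts whose command points into a per-user profile data directory. The rule names and the directory list are assumptions of this example, and a match is a triage hint for a human reviewer.

```python
import re
from typing import List, NamedTuple

# Lines copied from the HijackThis log in the first post of this thread.
SAMPLE_LOG = r'''
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: (no name) - {326FBCD5-6330-454B-AE5B-643CACF4CF46} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [iasqm] "c:\documents and settings\propriétaire\local settings\application data\iasqm.exe" iasqm
O4 - HKCU\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
'''

# "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [name] command".
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")

# Registry autostart body: "<hive>\..\<key>: [<value name>] <command>".
AUTORUN = re.compile(
    r"^(?P<hive>.+?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<command>.+)$"
)

# HijackThis appends one of these when the referenced file is not on disk.
MISSING = re.compile(r"\((?:no file|file missing)\)\s*$")

# Per-user data directories on Windows XP, long and 8.3 short forms
# (assumed list for this example; extend it for other Windows versions).
USER_PROFILE_DIR = re.compile(
    r"\\(?:documents and settings|docume~1)\\[^\\]+\\"
    r"(?:local settings|locals~1|application data|applic~1)\\",
    re.IGNORECASE,
)


class Finding(NamedTuple):
    code: str   # HijackThis section code, e.g. "O4"
    rule: str   # hypothetical rule name used by this example
    entry: str  # the log entry body that matched


def triage(log_text: str) -> List[Finding]:
    """Return the entries of a HijackThis log that deserve a closer look."""
    findings = []
    for raw in log_text.splitlines():
        match = ENTRY.match(raw.strip())
        if not match:
            continue  # header, process list or blank line
        code, body = match["code"], match["body"]

        # Registration left behind after its file was deleted or never existed.
        if MISSING.search(body):
            findings.append(Finding(code, "orphaned-registration", body))

        # Autostart launched from a directory any user process can write to.
        if code == "O4":
            autorun = AUTORUN.match(body)
            if autorun and USER_PROFILE_DIR.search(autorun["command"]):
                findings.append(Finding(code, "autorun-from-user-profile", body))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.code:4} {finding.rule:26} {finding.entry}")
```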

Hi all,
For Ced_King's solution for RSIT, it asks you to insert the Windows XP Service Pack 3 CD, but I only have the SP2 CD. Is it important to have the SP3 CD? If so, since I installed SP3 by downloading it, do I need to put it on a CD, or is it somewhere on my hard drive? If it is on the hard drive, can you tell me where, and whether the changes can be made without putting it on a CD? Thanks in advance
Hi kermenguys

Forget about RSIT, we'll see with another program.

Important: Disable TeaTimer, Spybot's resident module, for the rest of the disinfection; it will get in the way of the disinfection by preventing changes to the BHOs

- Start Spybot, click Mode and tick Advanced mode
- On the left, click Tools ==> Resident

- Untick the box in front of Resident "TeaTimer", see the screenshot:

http://apu.mabul.org/up/5/apu-5-gpdx9e06cwz2dypom2q7n6nc.jpg

- Quit Spybot

-----

- Download AD-Remover (by Cyrildu17 / C_XX) to your Desktop.
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

Disconnect and close all running applications

- Double-click the installer and install it in its default location (C:\Program files).
- Double-click the AD-Remover icon on your Desktop
- In the main menu, choose option L.
- Post the report that appears at the end.

(The report is also saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus programs as an infection; ignore this, it is a false positive, continue the procedure

Help: http://kerio.probb.fr/logiciels-et-tutoriels-f6/tuto-ad-remover-t3786.htm

See you :)

Hi dédétraqué,

here is the AD-Remover report:

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_H | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 16.01.2010 à 18:36
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:46:46, 16/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: PROPRI-A5E5166D | Utilisateur actuel: Propri‚taire
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
C:\Windows\Installer\147384.msi
C:\WINDOWS\system32\config\systemprofile\Application Data\Dealio
C:\Documents and Settings\CLAUDE\Application Data\Dealio
C:\Documents and Settings\florian\Application Data\Dealio
C:\Documents and Settings\florian\Local Settings\Application Data\Winamp Toolbar\ieToolbar
C:\WINDOWS\system32\config\systemprofile\Application Data\Search Settings
C:\Documents and Settings\CLAUDE\Application Data\Search Settings
C:\Documents and Settings\florian\Application Data\Search Settings

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\AskHomepage
HKCU\software\appdatalow\AskToolbarInfo
HKCU\software\Ask.com
HKCU\software\Dealio
HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{C94E154B-1459-4A47-966B-4B843BEFC7DB}
HKCU\software\Search Settings
HKLM\software\appdatalow\AskBarDis
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\software\classes\appid\GenericAskToolbar.DLL
HKLM\software\classes\AxMetaStream.MetaStreamCtl
HKLM\software\classes\AxMetaStream.MetaStreamCtl.1
HKLM\software\classes\AxMetaStream.MetaStreamCtlSecondary
HKLM\software\classes\AxMetaStream.MetaStreamCtlSecondary.1
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
HKLM\software\classes\SearchSettings.BHO
HKLM\software\classes\SearchSettings.BHO.1
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{4F7D1B07-6203-41F0-947B-A29CC9ECD9B0}
HKLM\Software\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
HKLM\software\Dealio
HKLM\software\MetaStream
HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Plugin
HKLM\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0292226F570267D459357AF78015E534
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\03285961954D5824C85975D955031EE8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AC3985F4D64C2245A96D31569D1BF40
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\855847FA0E25FBA46B8516389DFDD4B3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9DC2844D0E3E8924C8973C3B3BAE1F58
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\AFEB575AA30ACB243B748619F62F0782
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F461B8DD96FF5AA41A52D14E1D7B69C7
HKLM\software\microsoft\windows\currentversion\uninstall\ViewpointMediaPlayer
HKLM\software\Search Settings
HKLM\software\Trymedia Systems
HKLM\software\Viewpoint
HKU\.default\software\Dealio
HKU\.default\software\Search Settings
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.7 [fr] *
.
Nom du profil: znakvopg.default (Propriétaire)
.
(PROPRI~1, prefs.js) Browser.download.dir, C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\téléchargement Firefox
(PROPRI~1, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\téléchargement Firefox
(PROPRI~1, prefs.js) Browser.startup.homepage, hxxp://www.google.com/intl/fr/
(PROPRI~1, prefs.js) Extensions.enabledItems, DTToolbar@toolbarnet.com:1.0.8.0552,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,jqs@sun.com:1.0,jiwack@akryus.net:2.3.3.9,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
.
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Enable Browser Extensions: yes
Use Search Asst: no
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\ANAÏS\Application Data\BitTorrent\open canvas plus 4.0 with serial .rar.torrent
C:\Documents and Settings\ANAÏS\Application Data\BitTorrent\Winrar 3.71 French + Keygen.torrent
C:\Documents and Settings\CLAUDE\Mes documents\CLAUDE\logiciels\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial).rar
C:\Documents and Settings\CLAUDE\Mes documents\logiciels\DvdReMake.Pro.v3.1.4.Retail.Cracked-WDYL.rar
C:\Documents and Settings\CLAUDE\Mes documents\logiciels\DvdReMake_Pro_v3.5.3_CRACKED.rar
C:\Documents and Settings\CLAUDE\Mes documents\logiciels\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial).rar
C:\Documents and Settings\CLAUDE\Mes documents\logiciels\DvdReMake.Pro.v3.1.4.Retail.Cracked-WDYL\dvdremakepro.exe
C:\Documents and Settings\CLAUDE\Mes documents\logiciels\DvdReMake.Pro.v3.1.4.Retail.Cracked-WDYL\wdyl.nfo
C:\Documents and Settings\Propriétaire\Application Data\BitTorrent\Adobe Acrobat 9 Pro Extended Serial with Patch Only [MKDEV TEAM].torrent
C:\Documents and Settings\Propriétaire\Application Data\BitTorrent\Adobe.Audition.v3.WinAll.Cracked-NoPE.torrent
C:\Documents and Settings\Propriétaire\Local Settings\temp\-{SUMOTorrent.com}-_Nero_9_Keygen_ST2632221.torrent
C:\Documents and Settings\Propriétaire\Local Settings\temp\Adobe Acrobat 9 Pro Extended Serial with Patch Only [MKDEV TEAM].torrent
C:\Documents and Settings\Propriétaire\Local Settings\temp\Adobe Acrobat 9 Pro Extended Serial( In ISO Format Not ISZ ).torrent
C:\Documents and Settings\Propriétaire\Local Settings\temp\Lightroom Keygen.exe
C:\Documents and Settings\Propriétaire\Local Settings\temp\Nero 9 Premium (+KeyGen)-exe.torrent
C:\Documents and Settings\Propriétaire\Local Settings\temp\Nero 9 ULTRA EDITION + SERIALS (FULL WORKING).torrent
C:\Documents and Settings\Propriétaire\Local Settings\temp\Nero.v9.4.13.2.Incl.Keygen-BetaMaster.torrent
C:\Documents and Settings\Propriétaire\Local Settings\temp\NERO02000120\backitup\program files\Nero\Nero BackItUp & Burn\Nero BackItUp\SetSerial.exe
C:\Documents and Settings\Propriétaire\Local Settings\temp\NERO02000128\backitup\program files\Nero\Nero BackItUp & Burn\Nero BackItUp\SetSerial.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Adobe Acrobat 9 Pro Extended Serial with Patch Only [MKDEV TEAM]\DAMN NFO Viewer 2.10.0032.RC3\DAMN_NFO_Viewer_v2-10-0032-RC3.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Adobe Acrobat 9 Pro Extended Serial with Patch Only [MKDEV TEAM]\PATCH & SERIAL MKDEV TEAM\MKDEV TEAM Adobe.Acrobat.9.Pro.Extended.SERIAL.MKDEV.TEAM+FIX.nfo
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Adobe.Audition.v3.WinAll.Cracked-NoPE\nope.nfo
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Adobe.Audition.v3.WinAll.Cracked-NoPE\CRACK\Audition.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Adobe.Audition.v3.WinAll.Cracked-NoPE\setup\Audition3_EFGJSI_Trial.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Adobe.Photoshop.Lightroom.v2.0.481478.Incl.Keymaker-EMBRACE\keygen.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Ink Saver 2\KeyGen\ror.nfo
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Movavi.Video.Converter.6.3.FULL.CRACKED-MKDEV.TEAM\MKDEV.nfo
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Movavi.Video.Converter.6.3.FULL.CRACKED-MKDEV.TEAM\videoconvertersetup.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Movavi.Video.Converter.6.3.FULL.CRACKED-MKDEV.TEAM\CRACK.MKDEV.TEAM\CRACK.MKDEV.TEAM.rar
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Nero.v9.4.13.2.Incl.Keygen-BetaMaster\Murlok.nfo
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Nero.v9.4.13.2.Incl.Keygen-BetaMaster\Nero.v9.4.13.2b.Incl.Keygen-BetaMaster\Nero.v9.4.13.2b.Incl.Keygen-BetaMaster\Nero-9.4.13.2b_trial.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\téléchargement Firefox\acronis-true-image-home-2010 + crack.rar
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\téléchargement Firefox\acronis-true-image-home-2010 + crack\acronis-true-image-home-2010 + crack\acronis-true-image-home-2010_acronis_true_image_home_2010_13_build_6053_francais_47746.exe
C:\Documents and Settings\Propriétaire\Mes documents\logiciels\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial).rar
C:\Documents and Settings\Propriétaire\Mes documents\logiciels\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\zzz - Nero 7 Premium 7.5.9.0.exe
C:\Documents and Settings\Propriétaire\Mes documents\logiciels\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\Nero 7.x.x.x - Keymaker\N7Kg.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Movavi.Video.Converter.6.3.FULL.CRACKED-MKDEV.TEAM\CRACK.MKDEV.TEAM\MKDEV.nfo
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Movavi.Video.Converter.6.3.FULL.CRACKED-MKDEV.TEAM\CRACK.MKDEV.TEAM\VideoConverter.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Movavi.Video.Converter.6.3.FULL.CRACKED-MKDEV.TEAM\CRACK.MKDEV.TEAM\CRACK.MKDEV.TEAM\MKDEV.nfo
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\bit torrent\Movavi.Video.Converter.6.3.FULL.CRACKED-MKDEV.TEAM\CRACK.MKDEV.TEAM\CRACK.MKDEV.TEAM\VideoConverter.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\Nouveau dossier (2)\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\zzz - Nero 7 Premium 7.5.9.0.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\Nouveau dossier (2)\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\zzz - Nero 7 Premium 7.5.9.0.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\Nouveau dossier (2)\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\Nero 7.x.x.x - Keymaker\N7Kg.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\zzz - Nero 7 Premium 7.5.9.0.exe
C:\Documents and Settings\Propriétaire\Mes documents\CLAUDE\divers\zzz - Nero 7 Premium 7.5.9.0 - Multilangages(Incl-Serial)\Nero 7.x.x.x - Keymaker\N7Kg.exe
.
===================================
.
1116 Octet(s) - C:\Ad-Report-CLEAN[1].log
13906 Octet(s) - C:\Ad-Report-CLEAN[2].log
.
5076 Fichier(s) - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
460 Fichier(s) - C:\WINDOWS\Temp
11 Fichier(s) - C:\WINDOWS\Prefetch
.
20 Fichier(s) - C:\Ad-Remover\BACKUP
1299 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 21:09:58 | 16/01/2010 - CLEAN[2]
.
============== E.O.F ==============
.
Looking forward to your reply @+
Posts
4383
Registration date
Friday 5 September 2008
Status
Security contributor
Last activity
10 February 2013
285
Hi kermenguys


There are a lot of cracks on the PC. I'm warning you about illegal downloading, which is the main infection factor (µTorrent, BitTorrent, eMule, Limewire, etc.): http://forum.malekal.com/ftopic893.php


Download OTL (by OldTimer) and save it to your Desktop.
http://oldtimer.geekstogo.com/OTL.exe

- Close any running applications so that the scan is not interrupted.
- Double-click OTL.exe to launch it.
- A window appears. In the Output section at the top of this window, check "Minimal Output". Do the same with "Scan All Users".
- Also check the boxes next to "LOP Check" and "Purity Check".
- Under Custom Scans (at the bottom), copy/paste this:

%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.


- Click the Run Scan button.
- Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTListIT2 (so on the Desktop by default).

- Copy/paste the contents of both files here. Use one message per report.


@++ :)
Posts
44
Registration date
Thursday 14 January 2010
Status
Member
Last activity
3 February 2013

Here is the Extras.txt report:

OTL Extras logfile created on: 17/01/2010 00:39:38 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Propriétaire\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 022,00 Mb Total Physical Memory | 513,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 93,68 Gb Free Space | 40,23% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PROPRI-A5E5166D
Current User Name: Propriétaire
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-299502267-616249376-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntiVirusOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\AOL 9.0a\waol.exe" = C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\Is Cool\TroubleShooter.exe" = C:\Program Files\Is Cool\TroubleShooter.exe:*:Enabled:Is Cool (Helper) -- (FreeCause Inc.)
"C:\Program Files\Is Cool\ToolbarUpdate.exe" = C:\Program Files\Is Cool\ToolbarUpdate.exe:*:Enabled:Is Cool (Update) -- (FreeCause Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"C:\Program Files\adslTV\adsltv.exe" = C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv -- (adsltv.org)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0004040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 CD-ROM 2
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02245a87-74c1-4b5b-a08b-8bc0e2e532dd}" =
"{038A524F-58DB-438A-8391-8F7F0CA14B9E}" = Microsoft® Winter Fun Pack 2004 for Windows® XP
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0c1c8f77-9047-4b9d-9def-5714f549b324}" =
"{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{11e3f6c6-e5c9-4e53-ac99-7a1bf77d06b1}" =
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14bdd562-f374-4306-8828-4a49017d7164}" = SecurDisc Viewer
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{18148c5e-d5f5-4ce1-abec-9c14f091051e}" =
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1b6bf4cd-320d-4259-92e7-b6a99039dec8}" =
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Giga Ethernet Utility
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{21C6344A-918B-4D35-ADB6-7614F97B78EA}" = Sony Media Manager for PSP 3.0
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{235BBFC6-D863-4066-A01A-3BD504C31036}" = Nero 7 Ultra Edition
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2C3738C9-56FA-410A-BCB5-79C5DFD238F0}" = TuneUp Utilities 2004
"{2e2f95f5-d5e2-4591-bcce-5c9293bfdb3f}" = Nero 9 Trial
"{2e5c9fbc-e1ed-4506-8247-5a226196810f}" =
"{326aa303-0e7b-4eee-a43c-0e99637f6c92}" =
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{357863f3-89bc-48b5-b88b-3f128c8bf470}" =
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3B278088-36FD-4AE5-9676-5AC836E08D41}" = MiCôSystème
"{3cdee24e-fecc-49c5-8c86-67463cf6a6cd}" =
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4025244F-7F7C-4AB8-BF9A-F4A017AE6674}" = InkSaver
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4FFB0B3B-BF82-4248-A275-630AC5F7EFC5}" = Adobe Photoshop Lightroom 2.4
"{523B1E21-0B29-4402-9B8A-339086462028}_is1" = VirtualDub-MPEG2 v1.6.15 b24600 Fr
"{530AFAFF-6F0A-48BB-88D0-04F9658322D3}" = Adobe Premiere Elements 3.0
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{53d1a2fb-1b7c-49ba-9136-73e2d067acd0}" =
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5cde9cb1-d7f9-4fe1-adec-3ce68697a859}" =
"{5DB51C61-5EB5-4615-BF65-687034EA7E21}" = Micro Application - Vos Photos à la Télé sur CD-DVD 2006
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5ee92490-6b62-4304-bb5b-08426f6c7fe9}" =
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69d61035-5fb4-415d-80ab-84bc35aa8c75}" =
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EACDDF4-4220-49A3-9204-984C86852C3D}" = Adobe Premiere Elements 3.0 Templates
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74086643-8CB3-4AF7-B590-9390EBF9D496}" = Paint.NET v3.01
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.7
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9e2d6170-fe83-45ab-b301-33a4b5e65570}" = SecurDisc Viewer
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}" = Hercules Webcam
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.0 - Français
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AD7E724E-700B-40C4-8AE3-9CCA8EFBF9E8}" = Nitro PDF Professional
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AEM384L1-28E3-1232-1233-1JD74JDIEK32}_is1" = PDFTigerDriver
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C179292C-735A-47EC-AD6D-AC6C6BE20017}" = VirginMega.Fr Premium
"{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}" = Acronis True Image Home
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}" = Search Settings 1.2
"{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}" = Hercules WebCam Station
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 Trial
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{D4A8FCAB-9D30-4509-A3F1-D0B7E1BE9F00}" = Devil May Cry 3 Special Edition
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 ESD
"{D7E7EC5E-4349-4E40-B37C-4342188B86EC}" = Monopoly
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DE252510-5687-4C60-A705-C43E19F12C9D}_is1" = PDFTiger Kernel
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{DFC6573E-124D-4026-BFA4-B433C9D3FF21}" = ISO Recorder
"{E1423608-F529-40A1-93CA-C7F396F30DF0}" = Google SketchUp
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E5430A11-6799-41E0-A9D5-F68BDC67AAD8}" = OpenOffice.org 2.1
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{e66a74ba-d847-4af3-af04-d158d69f3a27}" =
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ec4c13c7-718d-49f8-88e4-82de64058a8a}" =
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"3D Ultra Pinball Nascar xxx" = 3D Ultra Pinball Nascar xxx
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"AC3ACM" = AC-3 ACM Codec
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Premiere 6.0" = Adobe Premiere 6.0
"Ad-Remover" = Ad-Remover By C_XX
"adsl TV" = adsl TV
"Ask Toolbar_is1" = Ask Toolbar
"a-squared Free_is1" = a-squared Free 4.0
"AtcL1" = Attansic L1 Gigabit Ethernet Driver
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"AVIcodec" = AVIcodec (remove only)
"AviScreen Classic (Freeware)_is1" = AviScreen Classic Version 1.3
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"AZPrint2" = AZPrint2
"BigNSISTest" = BigNSISTest (remove only)
"Canon ScanGear Toolbox CS 2.2" = Canon ScanGear Toolbox CS 2.2
"CCleaner" = CCleaner (remove only)
"Chopper_is1" = Chopper XP 2.7
"CloneCD" = CloneCD
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Decrypter 3.5.4.0 Fr" = DVD Decrypter 3.5.4.0 Fr
"DVD Shrink_is1" = DVD Shrink 3.2
"Fakeanoid 1.10" = Fakeanoid
"Firebird SQL Server UK" = Firebird SQL Server - MAGIX Edition
"FLVplayer" = FLV Player 1.3.3
"Google Video Uploader" = Google Video Uploader
"GoogleVideoPlayer" = Google Video Player
"HijackThis" = HijackThis 2.0.2
"hp deskjet 3820 series" = hp deskjet 3820 series (Supprimer uniquement)
"iColorFolder" = iColorFolder
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"IFOEdit 0.971 Fr" = IFOEdit 0.971 Fr
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{4025244F-7F7C-4AB8-BF9A-F4A017AE6674}" = InkSaver
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Is Cool" = Is Cool
"IsoBuster_is1" = IsoBuster 2.7
"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.9.5 (Full)
"LameACM" = Lame ACM MP3 Codec
"MAGIX 3D Maker UK" = MAGIX 3D Maker (embeded)
"MAGIX Movie Edit Pro 15 Plus Download version UK" = MAGIX Movie Edit Pro 15 Plus Download version 8.0.5.8 (UK)
"MAGIX Screenshare UK" = MAGIX Screenshare 4.3.6.1987 (UK)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.5.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MKVtoolnix" = MKVtoolnix 2.3.0
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Multi Install 2.4.5" = Multi Install 2.4.5
"Multi Virus Cleaner 2009_is1" = Multi Virus Cleaner 2009
"Navilog1_is1" = Navilog1 3.7.1
"Net Transport_is1" = Net Transport 1.90.267
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Online TV Toolbar" = Online TV Toolbar
"Orbit_is1" = Orbit Downloader
"PDFTiger_is1" = PDFTiger
"PhotoFiltre" = PhotoFiltre
"PowerArchiver" = PowerArchiver
"PremElem30" = Adobe Premiere Elements 3.0
"quickSkin" = quickSkin
"RealPlayer 6.0" = RealPlayer Basic
"Replay Media Catcher2.10" = Replay Media Catcher
"Revo Uninstaller" = Revo Uninstaller 1.85
"Ri4m v5.0.1d" = Ri4m v5.0.1d
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Secured Internet Explorer" = Secured Internet Explorer
"securedie Toolbar" = securedie Toolbar
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SID Video Cutter & Splitter_is1" = SID Video Cutter & Splitter 1.8.0.2
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"ST6UNST #1" = Aston Downloader
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SUPER ©" = SUPER © Version 2008.bld.30 (Mar 22, 2008)
"SuperCopier2" = SuperCopier2
"Switch" = Switch Sound File Converter
"Systran Professional Premium 4.0" = Systran Professional Premium 4.0
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"Videovac_is1" = Videovac 1.6
"VirtualDub 1.6.9 Fr" = VirtualDub 1.6.9 Fr
"VirtualDubMOD 1.5.10.2 b2540 Fr" = VirtualDubMOD 1.5.10.2 b2540 Fr
"Virtualis Crédit Mutuel" = Virtualis Crédit Mutuel
"VLC media player" = VLC media player 1.0.3
"VobEdit 0.6 Fr" = VobEdit 0.6 Fr
"WavePad" = WavePad Uninstall
"Webshots Desktop" = Webshots Desktop
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinGTK-2_is1" = GTK+ 2.10.6 runtime environment
"WinRAR archiver" = Archiveur WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
"ZoneAlarm" = ZoneAlarm

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-299502267-616249376-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 09/11/2009 15:25:29 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\ANAÏS\Local Settings\Temporary Internet Files\Content.IE5\V1XC7QFK\search[2]
failed, 0000A413.

Error - 22/11/2009 15:20:42 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\ANAÏS\Local Settings\Temporary Internet Files\Content.IE5\H1IR4JLQ\10[1]
failed, 0000A413.

Error - 05/12/2009 04:21:06 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\ANAÏS\APPLICATION DATA\3M\PDNOTES\PSNDATA failed, 00000005.


Error - 31/12/2009 14:19:41 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://fr.msn.com/?ocid=iehp failed, 00000070.

Error - 31/12/2009 14:19:51 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://estj.msn.com/br/intl/INTLChannels/js/2/setrack.js failed, 00000070.

Error - 31/12/2009 14:19:51 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://db2.stj.s-msn.com/br//hp/v12/fr-fr/js/21/hp.js failed, 00000070.

Error - 31/12/2009 14:19:52 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://analytics.live.com/Analytics/wlanalytics.js failed, 00000070.

Error - 31/12/2009 14:19:54 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://estj.msn.com/as/poll1.3/js/pudhtml.js failed, 00000070.

Error - 31/12/2009 14:20:25 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.facebook.com/home.php failed, 00000070.

Error - 31/12/2009 14:20:32 | Computer Name = PROPRI-A5E5166D | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://static.ak.fbcdn.net/rsrc.php/z99GU/hash/alkn9s5f.js failed, 00000070.

[ Application Events ]
Error - 16/01/2010 08:07:31 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = ASSERT: at 0: Unlocking an unlocked container at gy.a(Boolean, String)
at
ig.a(Boolean) at bh.g() at e3.a(Message&) at System.Windows.Forms.ControlNativeWindow.OnMessage(Message&)
at
System.Windows.Forms.ControlNativeWindow.WndProc(Message&) at System.Windows.Forms.NativeWindow.Callback(IntPtr,
Int32, IntPtr, IntPtr) at System.Windows.Forms.NativeWindow.DefWndProc(Message&)
at
System.Windows.Forms.NativeWindow.WndProc(Message&) at bn.a(Message&) at System.Windows.Forms.NativeWindow.Callback(IntPtr,
Int32, IntPtr, IntPtr) at Microsoft.Win32.UnsafeNativeMethods.DefWindowProc(IntPtr,
Int32, IntPtr, IntPtr) at Microsoft.Win32.SystemEvents.WindowProc(IntPtr, Int32,
IntPtr, IntPtr) at System.Windows.Forms.UnsafeNativeMethods.PeekMessage(MSG&, HandleRef,
Int32, Int32, Int32) at System.Windows.Forms.ComponentManager.System.Windows.Forms.UnsafeNativeMethods+IMsoComponentManager.FPushMessageLoop(Int32,
Int32, Int32) at System.Windows.Forms.ThreadContext.RunMessageLoopInner(Int32, ApplicationContext)
at
System.Windows.Forms.ThreadContext.RunMessageLoop(Int32, ApplicationContext) at
System.Windows.Forms.Application.Run() at e3.h()

Error - 16/01/2010 08:08:47 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = EOF

Error - 16/01/2010 08:08:48 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = EOF

Error - 16/01/2010 08:13:46 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = ASSERT: at 0: Logic Error: A logic error was encountered when choosing
the XCZoomRect Animation path. at gy.a(Boolean, String) at gy.a(Boolean, String,
String) at r.b() at f0.g() at cs.i() at bi.a(u, fo) at if.p(Object, EventArgs) at System.Windows.Forms.MenuItem.OnClick(EventArgs)
at
System.Windows.Forms.MenuItemData.Execute() at System.Windows.Forms.Command.Invoke()
at
System.Windows.Forms.Control.WmCommand(Message&) at System.Windows.Forms.Control.WndProc(Message&)
at
System.Windows.Forms.ScrollableControl.WndProc(Message&) at System.Windows.Forms.ContainerControl.WndProc(Message&)
at
System.Windows.Forms.UserControl.WndProc(Message&) at System.Windows.Forms.ControlNativeWindow.OnMessage(Message&)
at
System.Windows.Forms.ControlNativeWindow.WndProc(Message&) at System.Windows.Forms.NativeWindow.Callback(IntPtr,
Int32, IntPtr, IntPtr) at System.Windows.Forms.NativeWindow.DefWndProc(Message&)
at
System.Windows.Forms.NativeWindow.WndProc(Message&) at e6.a(Message&) at System.Windows.Forms.NativeWindow.Callback(IntPtr,
Int32, IntPtr, IntPtr) at System.Windows.Forms.NativeWindow.DefWndProc(Message&)
at
System.Windows.Forms.NativeWindow.WndProc(Message&) at e6.a(Message&) at System.Windows.Forms.NativeWindow.Callback(IntPtr,
Int32, IntPtr, IntPtr) at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG&)
at
System.Windows.Forms.ComponentManager.System.Windows.Forms.UnsafeNativeMethods+IMsoComponentManager.FPushMessageLoop(Int32,
Int32, Int32) at System.Windows.Forms.ThreadContext.RunMessageLoopInner(Int32, ApplicationContext)
at
System.Windows.Forms.ThreadContext.RunMessageLoop(Int32, ApplicationContext) at
System.Windows.Forms.Application.Run() at e3.h()

Error - 16/01/2010 10:40:19 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = EOF

Error - 16/01/2010 10:40:41 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = EOF

Error - 16/01/2010 16:11:31 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = EOF

Error - 16/01/2010 16:11:43 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = EOF

Error - 16/01/2010 16:21:49 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = EOF

Error - 16/01/2010 16:21:58 | Computer Name = PROPRI-A5E5166D | Source = Post-it(R) Digital Notes - Lite | ID = 0
Description = EOF

[ System Events ]
Error - 16/01/2010 03:04:10 | Computer Name = PROPRI-A5E5166D | Source = Service Control Manager | ID = 7001
Description = Le service Assistance TCP/IP NetBIOS dépend du service AFD qui n'a
pas pu démarrer en raison de l'erreur : %%31

Error - 16/01/2010 03:04:10 | Computer Name = PROPRI-A5E5166D | Source = Service Control Manager | ID = 7001
Description = Le service TrueVector Internet Monitor dépend du service vsdatant
qui n'a pas pu démarrer en raison de l'erreur : %%31

Error - 16/01/2010 03:04:10 | Computer Name = PROPRI-A5E5166D | Source = Service Control Manager | ID = 7001
Description = Le service Apple Mobile Device dépend du service Pilote du protocole
TCP/IP qui n'a pas pu démarrer en raison de l'erreur : %%31

Error - 16/01/2010 03:04:10 | Computer Name = PROPRI-A5E5166D | Source = Service Control Manager | ID = 7001
Description = Le service Service Bonjour dépend du service Pilote du protocole TCP/IP
qui n'a pas pu démarrer en raison de l'erreur : %%31

Error - 16/01/2010 03:04:10 | Computer Name = PROPRI-A5E5166D | Source = Service Control Manager | ID = 7001
Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas
pu démarrer en raison de l'erreur : %%31

Error - 16/01/2010 03:04:10 | Computer Name = PROPRI-A5E5166D | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Aavmker4 AFD AmdK8 aswSP aswTdi ElbyCDIO Fips IPSec KLIF MRxSmb NetBIOS NetBT RasAcd
Rdbss
Tcpip
vsdatant

Error - 16/01/2010 03:04:33 | Computer Name = PROPRI-A5E5166D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 16/01/2010 03:04:44 | Computer Name = PROPRI-A5E5166D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman
avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 16/01/2010 04:09:16 | Computer Name = PROPRI-A5E5166D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 16/01/2010 04:12:19 | Computer Name = PROPRI-A5E5166D | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : mv614x ViaIde videX32 xfilt


< End of report >

The 2nd one won't go through; I'll try again tomorrow.

See you later

Hi kermenguys


Use cjoint.com to post your report as a link:
http://cjoint.com/

- Click Browse (Parcourir) to locate the report
- Click Open (Ouvrir), then Create the Cjoint link (Créer le lien Cjoint)

- Copy and paste the link shown next to "Le lien a été créé:" (The link has been created:) into your next reply.


See you later :)

Hi dédétraqué,

Here is the link:
http://cjoint.com/?brcaUvAj1D

See you later

Hi kermenguys


Download Toolbar-S&D (by Team IDN) to your Desktop.

http://eric.71.mespages.googlepages.com/ToolBarSD.exe

- Double-click the ToolBar S&D icon on the desktop
- Choose F for French and confirm
- In the ToolBar S&D main menu, choose option 1 (Recherche / Search)
- The Start menu and the icons will disappear; this is normal
- The scan runs; it can take several minutes, so don't touch anything.
- Once the scan is finished, the search report opens in Notepad. (If the report does not open, it is located at C:\TB.txt)


Copy and paste the report into your next post.


See you later :)

Hi dédétraqué,

Here is the ToolBar S&D report:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1368 [VPS 100117-1] 4.8.1368 (Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:93 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 17/01/2010|23:26 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\Resources
C:\Program Files\DAEMON Tools Toolbar\uninst.exe
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\WINDOWS\iun6002.exe

-----------\\ Extensions

(AGNES) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user

(ANAÏS) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(ANAÏS) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(ANAÏS) - {E7D21632-7AF1-62D6-9FE4-2BE8625A6FD6} => skyrock
(ANAÏS) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar

(CLAUDE) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user

(florian) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} => freecorder
(florian) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user

(Propriétaire) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://fr.msn.com/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="http://go.microsoft.com/fwlink/?linkid=54896"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://fr.msn.com/"
"Search bar"="http://search.msn.com/spbasic.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\PROPRI~1\Local Settings\temp\-{SUMOTorrent.com}-_Nero_9_Keygen_ST2632221.torrent
C:\DOCUME~1\PROPRI~1\Local Settings\temp\Lightroom Keygen.exe
C:\DOCUME~1\PROPRI~1\Local Settings\temp\Nero 9 Premium (+KeyGen)-exe.torrent
C:\DOCUME~1\PROPRI~1\Local Settings\temp\Nero.v9.4.13.2.Incl.Keygen-BetaMaster.torrent
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\winrar3.90 + keygen.doc
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\divers\bit torrent\Nero.v9.4.13.2.Incl.Keygen-BetaMaster
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\divers\bit torrent\Adobe.Photoshop.Lightroom.v2.0.481478.Incl.Keymaker-EMBRACE\keygen.exe
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\divers\bit torrent\Ink Saver 2\KeyGen
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\divers\bit torrent\Ink Saver 2\KeyGen\ror.nfo
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\divers\bit torrent\Nero.v9.4.13.2.Incl.Keygen-BetaMaster\Murlok.nfo
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\divers\bit torrent\Nero.v9.4.13.2.Incl.Keygen-BetaMaster\Nero.v9.4.13.2b.Incl.Keygen-BetaMaster
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\divers\bit torrent\Nero.v9.4.13.2.Incl.Keygen-BetaMaster\Nero.v9.4.13.2b.Incl.Keygen-BetaMaster\Nero.v9.4.13.2b.Incl.Keygen-BetaMaster
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\divers\bit torrent\Nero.v9.4.13.2.Incl.Keygen-BetaMaster\Nero.v9.4.13.2b.Incl.Keygen-BetaMaster\Nero.v9.4.13.2b.Incl.Keygen-BetaMaster\Nero-9.4.13.2b_trial.exe
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\téléchargement Firefox\acronis-true-image-home-2010 + crack
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\téléchargement Firefox\acronis-true-image-home-2010 + crack.rar
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\téléchargement Firefox\acronis-true-image-home-2010 + crack\acronis-true-image-home-2010 + crack
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\téléchargement Firefox\acronis-true-image-home-2010 + crack\acronis-true-image-home-2010 + crack\acronis-true-image-home-2010_acronis_true_image_home_2010_13_build_6053_francais_47746.exe
C:\DOCUME~1\PROPRI~1\Mes documents\CLAUDE\téléchargement Firefox\acronis-true-image-home-2010 + crack\acronis-true-image-home-2010 + crack\serial acronis.txt
C:\DOCUME~1\PROPRI~1\Recent\acronis-true-image-home-2010 + crack.rar.lnk
C:\DOCUME~1\ALLUSE~1\Application Data\Lavasoft\Ad-Aware\Quarantine\keygen.exe.939bea927e195da7a351b8580953fa6.a4758bb915a1c4215b46413d40bcd739.aawqff
C:\DOCUME~1\ALLUSE~1\Application Data\Lavasoft\Ad-Aware\Quarantine\keygen.exe.b8e1f3a9a899f8ea87fc8b6d9c9577c6.aawqff
C:\DOCUME~1\ALLUSE~1\Application Data\Lavasoft\Ad-Aware\Quarantine\keygen.exe.fc3c609951598d253ea16e50781538.b040bcf85b44cb401c1e105b1d6c2a81.aawqff
C:\DOCUME~1\ALLUSE~1\Application Data\Lavasoft\Ad-Aware\Quarantine\Lightroom Keygen.exe.beef448247308af841c4585dbb74b51.f9952fddae991a410c8a6db28b79a79.aawqff



1 - "C:\ToolBar SD\TB_1.txt" - 17/01/2010|23:31 - Option : [1]

-----------\\ Fin du rapport a 23:31:25,89

@+
Hi kermenguys


Important: disable your antivirus and antispyware before scanning with DiagHelp:
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


Download DiagHelp to your desktop from here:

http://www.malekal.com/download/DiagHelp.zip

Read and carefully follow the tutorial here:

http://www.malekal.com/DiagHelp/DiagHelp.php


- Choose option 1 (Lister Fichiers) and save it to the desktop.

---

Then use cjoint.com to post your report as a link:
http://cjoint.com/

- Click Parcourir to locate the report
- Click Ouvrir, then Créer le lien Cjoint

- Copy the link shown next to "Le lien a été créé:" and paste it into your next reply.

Also post a new HijackThis report


@++ :)

Hi dédétraqué,
A small problem with DiagHelp: the scan apparently went fine, but when it comes to sending the file C:\upload_moi_xxxxxx.zip, it doesn't go through. I hope that isn't very important. I'll try to send it later. In the meantime, here is the report:
http://cjoint.com/?bswtIcQygW
Hi kermenguys


Scan this file, azylo6wu.SYS, here:

http://www.virustotal.com/fr/


Click Parcourir and copy/paste this:
C:\WINDOWS\System32\Drivers\azylo6wu.SYS
Then click Envoyer le fichier and wait for the analysis result.

If it tells you the file has already been analysed, select the button:
Reanalyse le fichier maintenant, wait for the analysis result, and post the complete result.

Post the complete result

Help: http://bibou0007.com/scans-en-ligne-f75/tutorial-sur-virustotal-t190.htm


-----


Download SystemLook to your desktop:
http://jpshortstuff.247fixes.com/SystemLook.exe

- Double-click SystemLook.exe to launch it.

- Copy the content in bold below and paste it into SystemLook's text box:

:reg
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Option /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment /s


- Click the Look button to start the scan.
- When it finishes, Notepad opens with the scan result. Copy and paste the report into your next reply.


@++ :)

Hi dédétraqué,
I couldn't find azylo6wu.SYS, so no VirusTotal scan.
However, here is the SystemLook report:

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 00:03 on 20/01/2010 by Propriétaire (Administrator - Elevation successful)

========== reg ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot­\Option]
(Unable to open key - key not found)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"CLASSPATH"=".;C:\Program Files\Java\jre6\lib\ext\QTJava.zip"
"CNVPATH"="C:\Program Files\Systran\4_0\Premium\Dicts"
"ComSpec"="%SystemRoot%\system32\cmd.exe"
"FP_NO_HOST_CHECK"="NO"
"LANG"="fr"
"NUMBER_OF_PROCESSORS"="2"
"OS"="Windows_NT"
"Path"="C:\Program Files\PC Connectivity Solution\;%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Ulead Systems\DVD;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\DivX Shared\;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3;C:\Program Files\Fichiers communs\Acronis\SnapAPI\"
"PATHEXT"=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH"
"PROCESSOR_ARCHITECTURE"="x86"
"PROCESSOR_IDENTIFIER"="x86 Family 15 Model 75 Stepping 2, AuthenticAMD"
"PROCESSOR_LEVEL"="15"
"PROCESSOR_REVISION"="4b02"
"QTJAVA"="C:\Program Files\Java\jre6\lib\ext\QTJava.zip"
"TEMP"="%SystemRoot%\TEMP"
"TMP"="%SystemRoot%\TEMP"
"tvdumpflags"="8"
"windir"="%SystemRoot%"


-=End Of File=-