Sujet Précédent Sujet Suivant

Trojon win32:swizzor

Résolu/Fermé
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 - 30 nov. 2008 à 20:49
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 - 9 déc. 2008 à 22:10
Bonjour,tout le monde je viens vous voir car un gros souci j ai un trojan win32:swizzor sur mon ecran de veille et quand je fais un scan kaspersky online et il ne trouve rien dessu. ensuite, j ai fais avec malwarebytes j ai trouvé 151 adawares donc j ai reussi a tout enlever . est ce que ça peut avoir un rapport avec mon ecran qui s eteint et se rallume tout de suite au demarrage une fois et apres ça marche bien. merci d avance aux personnes qui vont prendre le sujet à coeur.

31 réponses

  • 1
  • 2
Réponse 1 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
30 nov. 2008 à 20:50
salut

Télécharge HijackThis (outils de dignostic) ici :

-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe

-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

-> Clique sur Install ensuite sur I Accept

-> Clique sur Do a scan system and save log file

-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
0
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
30 nov. 2008 à 20:55
merci d allee aussi vite Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:22, on 30/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ssstars.scr
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
0
Réponse 2 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
30 nov. 2008 à 21:02
je vois rien de special

si un pro peut aider SVP

peut etre un scan avec Nod32
Poste un rapport Nod32 https://www.eset.com/
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
- C:\Program Files\EsetOnlineScanner\log.txt

voir si il trouve quelque chose
0
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
30 nov. 2008 à 22:39
bon je reviens te voir car nod 32 la barre de progression il ne deflle plus et en plus tu m'as demandé de cocher toutes les cases et je n'ai rien vu de tout ca donc j attend ta reponse et apres je verrais demain merci a toi
0
Réponse 3 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
30 nov. 2008 à 22:44
tu a pas eu un message pour installer activex en haut dans internet explorer?
0
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
1 déc. 2008 à 18:41
bonsoir neor j ai hue beaucoup de mal ce soir a me connecter il s eteint il se r allume je ne ces pas quoi fair je nes pas le rapport de nod 32 dans le dossier que tu ma dit
0
Réponse 4 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
1 déc. 2008 à 18:50
tu a peut etre un probleme materiel si le pc redemarre tout seul
0
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
1 déc. 2008 à 18:59
oui il redemarre tous seul autrement quand je vais sur panneau de config et je vais sur affichage et apres je vais sur ecran de veille et je veux juste fair un apercu sur sur un ecran il me dit que j ai un virus win32:swizzor
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
1 déc. 2008 à 19:54
désinstalle avast et installe nod32 en version d'essai 30j

http://download.eset.com/eval/win/eav/eav_nt32_fra.msi

pour pouvoir faire l'analyse
0
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
2 déc. 2008 à 13:34
bonjour excuse moi car j ai hue de petit probleme de sante donc on revient sur le probleme pour moi et donc j ai installè nod32 et il ma trouver 2 et il sont mis en quarantainedonc je pense que il faux les suprimer mes je vais attendre ta confirmation merci d avance
0
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30 > lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018
2 déc. 2008 à 20:04
bonsoir,

il faudrait les noms des fichiers STP
0
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3 > neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010
2 déc. 2008 à 20:11
bonsoir je te donne sa 02/12/2008 19:37:20 Protection en temps réel du système de fichiers fichier C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP20\A0014851.dll Win32/Toolbar.AskSBar application nettoyé par suppression - mis en quarantaine AUTORITE NT\SYSTEM Un événement s'est produit pendant une tentative d'accès au fichier par l'application : C:\WINDOWS\System32\svchost.exe.
02/12/2008 17:45:47 Protection en temps réel du système de fichiers fichier C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP20\A0014850.exe Win32/Toolbar.AskSBar application nettoyé par suppression - mis en quarantaine AUTORITE NT\SYSTEM Un événement s'est produit pendant une tentative d'accès au fichier par l'application : C:\WINDOWS\System32\svchost.exe.
0
Réponse 6 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
2 déc. 2008 à 20:20
fais ca

--------------------rechercher--------------------------

Important! Désactive ton antivirus / antispyware résident / TeaTimer de Spybot (si présent et actif)


Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
( Merci à Eric_71, Angeldark, Sham_Rock et XmichouX )
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
0
Réponse 7 / 31
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
2 déc. 2008 à 20:42
voilas le rapport

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 06/22/2006 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Not Activated)
C:\ (Local Disk) - NTFS - Total:180 Go (Free:141 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 02/12/2008|20:38 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\bar\History
C:\Program Files\AskTBar\bar\Settings
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\bar\Settings\setting2.htm
C:\Program Files\AskTBar\bar\Settings\settings.dat
C:\Program Files\AskTBar\PopSwatr\History
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-02-11-39-14
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-02-11-39-14.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-38
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-38.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-49
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-49.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-38-57
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-38-57.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-54-04
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-54-04.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\7_wonders_treasures_of_seven16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\escape_from_the_museum16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\home_sweet_home_216x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_encyclopedia16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\restoring_rhonda16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search_goog.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_hidden_object_show16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_pini_society16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtualvillagers16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\womens_murder_club_fr16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\zuma16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\16x16talismania.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\action.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\arcade.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\bricks_of_egypt16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\buy.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\cards.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\cradle_of_persia16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\cradle_rome16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\deals.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\download.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\farm_frenzy16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\highlight.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\jewelquest16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\jigsaw.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\magic_match16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\mahjong.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\micro_olympics16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\multiplayer.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\mygames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\newGames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\Ocean_Express16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\peril_at_end_house16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\popup_off.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\popup_on.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\puzzle.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\riseAtlantis16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\scurbbles16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\search.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\search_goog.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\seasonmatch16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\sports.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\trial.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\webgame.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42\xango16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01\search_goog.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\16x16talismania.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\bricks_of_egypt16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\cradle_rome16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\download.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\farm_frenzy16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\highlight.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\jewelquest16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\magic_match16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\micro_olympics16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\newGames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\Ocean_Express16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\peril_at_end_house16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\popup_off.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\popup_on.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\riseAtlantis16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\scurbbles16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\search.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\search_goog.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31\xango16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\16x16talismania.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\bricks_of_egypt16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\cradle_of_persia16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\cradle_rome16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\download.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\farm_frenzy16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\highlight.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\jewelquest16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\magic_match16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\micro_olympics16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\newGames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\Ocean_Express16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\peril_at_end_house16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\popup_off.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\popup_on.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\riseAtlantis16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\scurbbles16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\search.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\search_goog.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\seasonmatch16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41\xango16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-38\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16\search_goog.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-38-57\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\heart_of_egypt16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\hells_kitchen16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\highlight.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\newGames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\popup_off.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\popup_on.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\ranch_rush16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\search.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\search_goog.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02\update.gif
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-French.ini
C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\GamesBar\OBGet.exe
C:\Program Files\GamesBar\uninst.exe

-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(HP_Propri‚taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Propri‚taire) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.orange.fr/portail"
"Search Page"="https://fr.search.yahoo.com/?fr=cb-hp06"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="https://fr.search.yahoo.com/?fr=cb-hp06"
"Search Bar"="https://fr.search.yahoo.com/?fr=cb-hp06"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="https://fr.search.yahoo.com/?fr=cb-hp06"
"Search Page"="https://fr.search.yahoo.com/?fr=cb-hp06"
"Start Page"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Search Bar"="https://fr.search.yahoo.com/?fr=cb-hp06"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 02/12/2008|20:39 - Option : [1]

-----------\\ Fin du rapport a 20:39:39,21
0
Réponse 8 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
2 déc. 2008 à 20:44
--------------nettoyage----------------------------

Relance Toolbar-S&D

Important! Désactive ton antivirus / antispyware résident / TeaTimer de Spybot (si présent et actif)

en double-cliquant sur le raccourci.
Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
0
Réponse 9 / 31
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
2 déc. 2008 à 20:52
voici le rapport
-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 06/22/2006 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Not Activated)
C:\ (Local Disk) - NTFS - Total:180 Go (Free:141 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 02/12/2008|20:49 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-05-14-57-42.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-50-01.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-05-12-18-53-31.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-02-11-39-14
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-02-11-39-14.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-39-41.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-38
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-38.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-49
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-19-58-49.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-11-16.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-14-47.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-38-57
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-38-57.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-54-04
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-14-20-54-04.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-08-14-18-05-02.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\7_wonders_treasures_of_seven16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\escape_from_the_museum16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\home_sweet_home_216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_encyclopedia16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\restoring_rhonda16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search_goog.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_hidden_object_show16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_pini_society16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtualvillagers16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\womens_murder_club_fr16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\zuma16x16.gif
Supprime! - C:\Program Files\GamesBar\Localization-French.ini
Supprime! - C:\Program Files\GamesBar\oberontb.dll
Supprime! - C:\Program Files\GamesBar\OBGet.exe
Supprime! - C:\Program Files\GamesBar\uninst.exe
Supprime! - C:\Program Files\AskTBar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
Supprime! - C:\Program Files\GamesBar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(HP_Propri‚taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Propri‚taire) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.orange.fr/portail"
"Search Page"="https://fr.search.yahoo.com/?fr=cb-hp06"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="https://fr.search.yahoo.com/?fr=cb-hp06"
"Search Bar"="https://fr.search.yahoo.com/?fr=cb-hp06"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="https://fr.search.yahoo.com/?fr=cb-hp06"
"Search Page"="https://fr.search.yahoo.com/?fr=cb-hp06"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://fr.search.yahoo.com/?fr=cb-hp06"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 02/12/2008|20:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 02/12/2008|20:50 - Option : [2]

-----------\\ Fin du rapport a 20:50:12,48
0
Réponse 10 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
2 déc. 2008 à 20:57
1- Télécharge : - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
Lors de l'installation:
-choisis bien "francais" en langue .
-avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 premières.


Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Utilisation:
! déconnecte toi et ferme toutes applications en cours !
* va dans "nettoyeur" : fais -analyse- puis -nettoyage-
* va dans "registre" : fais -chercher les erreurs- et -réparer toutes les erreurs-
( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .

( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
0
Réponse 11 / 31
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
2 déc. 2008 à 21:05
voila tout est fait comme tu m a dit je fais quoi maintenant
0
Réponse 12 / 31
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
2 déc. 2008 à 21:12
tu a toujours des problemes?
0
Réponse 13 / 31
anthony5151 Messages postés 10573 Date d'inscription vendredi 27 juin 2008 Statut Contributeur sécurité Dernière intervention 2 mars 2015 790
2 déc. 2008 à 21:16
Bonsoir,


Pour ifno :
swizzor = infection lop


Pour désinfecter ton ordinateur, il faut utiliser le programme LopS&D.

- Désactive ton antivirus.
- Télécharge Lop S&D sur ton Bureau : https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
- Double-clique dessus pour lancer l'installation
- Double-clique sur le raccourci Lop S&D présent sur ton Bureau
- Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche)
- Patiente jusqu'à la fin du scan
- Poste le rapport généré
- Réactive ton antivirus

Tutoriel pour t’aider : http://www.malekal.com//tutorial_Lop_SD.php



Il serait aussi bon que tu retrouves le rapport de MalwareBytes (dans l'onglet Rapports/logs) et que tu le postes pour voir ce qu'il a supprimé stp
Il est efficace mais il laisse souvent des traces...

0
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
2 déc. 2008 à 21:19
le sauveur :)

j'avais même pas fait attention au swizzor

merci
0
Réponse 14 / 31
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
2 déc. 2008 à 21:17
bah je te dirais bien que j ai un n autre probleme ces que tous les site que je vais voir meme la page orange sur le cotee droite il reste un peu pres 10cm de blanc sa pourrais venir de quoi meme sur ce site ces des deux cotee q il y a une marge blanc est normal
0
neor Messages postés 1084 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 28 janvier 2010 30
2 déc. 2008 à 21:21
fais ce que dit anthony5151 c'est un pro
0
Réponse 15 / 31
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
2 déc. 2008 à 21:30
voilas le rapport

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 06/22/2006 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Not Activated)
C:\ (Local Disk) - NTFS - Total:180 Go (Free:141 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 02/12/2008|21:28 )

--------------------\\ Listing des dossiers dans APPLIC~1

[26/10/2005|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[06/06/2006|04:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[06/06/2006|04:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[06/06/2006|04:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[17/07/2008|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
[06/06/2006|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/09/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[28/11/2008|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/05/2008|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Astar Games
[04/12/2007|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[06/06/2006|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/05/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DivoGames
[28/05/2008|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames
[01/12/2008|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[25/04/2008|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Farm Frenzy
[30/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
[01/06/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
[06/06/2008|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
[01/05/2008|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[23/11/2007|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/06/2006|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[16/05/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[06/06/2006|03:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[06/06/2006|04:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[28/11/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/05/2007|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[06/06/2006|04:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/09/2007|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[06/06/2007|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[24/04/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
[29/05/2008|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
[18/08/2008|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[11/05/2008|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap
[30/05/2008|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[06/06/2006|03:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/06/2006|03:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[02/12/2008|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/11/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[27/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[08/06/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[12/05/2008|00:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
[08/12/2006|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/11/2006|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[11/03/2008|15:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[02/12/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[06/06/2006|04:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[06/06/2006|04:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[06/06/2006|04:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[30/11/2008|20:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\aboutlogcopy
[31/07/2008|13:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[27/05/2008|12:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[27/09/2007|14:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ahead
[28/11/2008|21:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[29/11/2008|19:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\bang
[27/06/2008|21:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Boomzap
[07/10/2006|20:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink
[04/01/2008|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dvdcss
[28/05/2008|20:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\eGames
[30/09/2007|20:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\FarStone
[27/04/2008|00:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Fuzzy Games
[12/04/2008|18:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Gamelab
[06/11/2006|19:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[12/11/2006|14:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[02/01/2008|20:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[06/10/2006|19:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[01/07/2008|17:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[04/12/2007|14:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jane s Hotel
[30/05/2008|17:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jane s Hotel Family Hero
[06/10/2006|19:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[14/10/2007|17:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Legends of pirates
[09/06/2008|20:25] C:\DOCUME~1\HP_PRO~1\APPLIC~1\LimeWire
[29/05/2008|15:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[30/11/2007|20:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[02/09/2007|20:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[07/11/2006|18:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[06/06/2007|17:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies
[24/04/2008|17:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\My Games
[29/05/2008|17:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Oberon Games
[18/08/2008|02:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
[28/09/2007|18:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[30/05/2008|14:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sandlot Games
[06/08/2007|18:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Screenshot Sender
[30/10/2008|17:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecuROM
[11/10/2008|19:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skip-Bo
[06/10/2006|19:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[16/11/2006|22:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[16/05/2008|19:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Super-Cow
[02/09/2007|20:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback
[16/06/2008|18:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TaoUSign
[18/10/2006|13:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[05/04/2008|17:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TheScruffs
[03/05/2008|13:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Total Eclipse
[24/02/2008|01:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\U3
[02/03/2008|21:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\uTorrent
[12/05/2008|00:35] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Valusoft
[08/07/2008|20:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ViquaSoft
[29/09/2007|19:35] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Windows Desktop Search
[18/01/2008|19:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Windows Live Writer
[15/08/2007|05:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WinRAR
[28/11/2006|21:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\yoclient
[30/11/2008|18:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Zylom

[30/11/2008|11:26] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Adobe
[01/12/2008|18:46] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Google
[02/12/2008|08:31] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\HP
[28/11/2008|08:48] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\HPQ
[26/10/2005|23:34] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Identities
[26/11/2008|19:01] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Macromedia
[28/11/2008|14:35] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Malwarebytes
[30/11/2008|10:40] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Microsoft
[30/11/2008|10:49] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Real
[28/11/2008|15:25] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Sun

[21/10/2006|13:22] C:\DOCUME~1\INVIT~1\APPLIC~1\HP
[26/10/2005|16:34] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[05/06/2006|21:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[05/06/2006|21:06] C:\DOCUME~1\INVIT~1\APPLIC~1\Real

[06/06/2006|03:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/06/2006|03:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/11/2008 14:24][--a------] C:\WINDOWS\tasks\Connexion facile … Internet.job
[02/12/2008 12:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[26/06/2008|08:24] C:\Program Files\aboutlogcopy
[06/06/2006|04:10] C:\Program Files\Adobe
[30/11/2008|12:20] C:\Program Files\Ahead
[25/11/2006|20:05] C:\Program Files\Alwil Software
[06/06/2006|03:48] C:\Program Files\ATI Technologies
[03/06/2008|15:31] C:\Program Files\Betty's Beer Bar
[04/12/2007|20:12] C:\Program Files\Boonty
[29/06/2008|19:27] C:\Program Files\BoontyGames
[29/11/2008|15:34] C:\Program Files\CCleaner
[30/03/2008|13:19] C:\Program Files\Circle Developement
[20/10/2005|20:06] C:\Program Files\ComPlus Applications
[08/06/2008|21:03] C:\Program Files\Cooking Academy
[06/06/2006|04:09] C:\Program Files\CyberLink
[05/01/2008|20:47] C:\Program Files\DivX
[02/11/2006|18:36] C:\Program Files\EA GAMES
[01/12/2008|21:38] C:\Program Files\ESET
[01/12/2008|18:26] C:\Program Files\EsetOnlineScanner
[30/09/2007|19:57] C:\Program Files\FarStone
[08/06/2008|21:03] C:\Program Files\Fashion Boutique
[26/11/2008|18:47] C:\Program Files\Fichiers communs
[01/12/2008|19:46] C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[27/10/2008|15:42] C:\Program Files\Gamenext
[06/06/2006|04:24] C:\Program Files\Google
[06/06/2006|04:22] C:\Program Files\Hewlett-Packard
[06/06/2006|04:09] C:\Program Files\HP
[15/12/2006|21:43] C:\Program Files\igLoader
[28/11/2008|14:53] C:\Program Files\InstallShield Installation Information
[06/06/2006|03:44] C:\Program Files\Internet Explorer
[06/06/2006|03:36] C:\Program Files\Java
[08/06/2008|21:01] C:\Program Files\Kitty Luv
[28/07/2007|02:14] C:\Program Files\Lavasoft
[09/06/2008|18:31] C:\Program Files\LimeWire
[08/06/2008|21:05] C:\Program Files\M6 Jeux
[28/11/2008|14:35] C:\Program Files\Malwarebytes' Anti-Malware
[13/07/2008|16:50] C:\Program Files\Maxis
[06/06/2006|03:40] C:\Program Files\Messenger
[07/09/2008|11:21] C:\Program Files\Messenger Plus! Live
[09/05/2007|19:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/10/2005|23:36] C:\Program Files\microsoft frontpage
[06/06/2006|04:12] C:\Program Files\Microsoft Office
[29/09/2007|19:29] C:\Program Files\Microsoft SQL Server Compact Edition
[18/03/2007|20:56] C:\Program Files\Microsoft Visual Studio
[06/06/2006|04:12] C:\Program Files\Microsoft Works
[18/03/2007|20:55] C:\Program Files\Microsoft.NET
[01/12/2008|19:46] C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[26/10/2005|23:36] C:\Program Files\Movie Maker
[16/10/2007|18:09] C:\Program Files\Mozilla Firefox
[26/10/2005|23:36] C:\Program Files\MSN
[16/06/2008|21:37] C:\Program Files\MSN Games
[26/10/2005|23:36] C:\Program Files\MSN Gaming Zone
[09/11/2006|19:12] C:\Program Files\MSXML 4.0
[30/11/2008|11:50] C:\Program Files\MSXML 6.0
[06/06/2006|04:14] C:\Program Files\muvee Technologies
[27/09/2007|14:32] C:\Program Files\Nero
[26/10/2005|23:36] C:\Program Files\NetMeeting
[27/10/2008|14:51] C:\Program Files\Oberon Media
[26/10/2005|23:36] C:\Program Files\Online Services
[26/10/2005|23:36] C:\Program Files\Outlook Express
[11/10/2007|09:06] C:\Program Files\PacificPoker
[03/06/2008|17:59] C:\Program Files\Paradise Pet Salon
[28/11/2008|08:46] C:\Program Files\PC-Doctor 5 for Windows
[14/10/2007|17:46] C:\Program Files\Pirateville
[23/11/2007|22:49] C:\Program Files\QuickTime
[06/06/2006|04:06] C:\Program Files\Real
[14/10/2007|17:14] C:\Program Files\ReflexiveArcade
[28/11/2008|14:21] C:\Program Files\SAGEM
[08/06/2008|21:06] C:\Program Files\Sallys Salon
[27/06/2008|19:41] C:\Program Files\Sallys Spa
[01/12/2008|19:46] C:\Program Files\SDHelper (Spybot - Search & Destroy)
[22/10/2006|13:50] C:\Program Files\Securitoo
[26/11/2008|20:14] C:\Program Files\Services en ligne
[02/12/2007|13:43] C:\Program Files\Share_Accelerator_MM
[06/06/2006|04:07] C:\Program Files\Sonic
[01/12/2008|19:51] C:\Program Files\Spybot - Search & Destroy
[01/12/2008|19:46] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[30/11/2008|20:51] C:\Program Files\Trend Micro
[20/10/2005|20:06] C:\Program Files\Uninstall Information
[27/12/2007|18:25] C:\Program Files\uTorrent
[30/11/2008|19:10] C:\Program Files\VideoLAN
[02/12/2008|21:02] C:\Program Files\Wanadoo
[29/09/2007|19:29] C:\Program Files\Windows Desktop Search
[28/02/2008|03:01] C:\Program Files\Windows Live
[30/11/2007|20:28] C:\Program Files\Windows Live Favorites
[07/09/2008|19:30] C:\Program Files\Windows Live Safety Center
[30/11/2007|20:28] C:\Program Files\Windows Live Toolbar
[25/12/2006|15:40] C:\Program Files\Windows Media Connect 2
[06/06/2006|03:35] C:\Program Files\Windows Media Player
[26/10/2005|23:36] C:\Program Files\Windows NT
[20/10/2005|20:05] C:\Program Files\WindowsUpdate
[16/08/2007|13:04] C:\Program Files\WinRAR
[26/10/2005|23:37] C:\Program Files\xerox
[29/11/2008|22:10] C:\Program Files\Yahoo!
[28/09/2007|08:27] C:\Program Files\Zapu
[06/07/2008|17:26] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/06/2006|04:10] C:\Program Files\Fichiers communs\Adobe
[04/12/2007|14:37] C:\Program Files\Fichiers communs\BOONTY Shared
[18/03/2007|20:56] C:\Program Files\Fichiers communs\DESIGNER
[06/06/2006|03:55] C:\Program Files\Fichiers communs\Hewlett-Packard
[06/06/2006|03:52] C:\Program Files\Fichiers communs\HP
[06/06/2006|04:21] C:\Program Files\Fichiers communs\InstallShield
[06/06/2006|03:36] C:\Program Files\Fichiers communs\Java
[06/06/2006|04:08] C:\Program Files\Fichiers communs\LightScribe
[06/06/2006|04:12] C:\Program Files\Fichiers communs\Microsoft Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\MSSoap
[06/06/2006|04:14] C:\Program Files\Fichiers communs\muvee Technologies
[08/06/2008|21:05] C:\Program Files\Fichiers communs\Oberon Media
[26/10/2005|23:35] C:\Program Files\Fichiers communs\ODBC
[06/06/2006|04:06] C:\Program Files\Fichiers communs\Real
[26/10/2005|23:35] C:\Program Files\Fichiers communs\Services
[06/06/2006|04:07] C:\Program Files\Fichiers communs\Sonic Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\SpeechEngines
[06/06/2006|04:07] C:\Program Files\Fichiers communs\SureThing Shared
[26/11/2008|18:50] C:\Program Files\Fichiers communs\Symantec Shared
[26/10/2005|23:36] C:\Program Files\Fichiers communs\System
[06/06/2006|04:07] C:\Program Files\Fichiers communs\TiVo Shared
[07/03/2008|16:43] C:\Program Files\Fichiers communs\Vitalize
[13/11/2007|19:14] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/06/2006|04:06] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 42 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-02 21:29:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:14][D:0]-> C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\Temp
[F:9][D:0]-> C:\DOCUME~1\HP_PRO~1.NOM\Cookies
[F:251][D:3]-> C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 02/12/2008|21:28 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 02/12/2008|21:30 - Option : [1]

--------------------\\ Fin du rapport a 21:30:08
0
Réponse 16 / 31
anthony5151 Messages postés 10573 Date d'inscription vendredi 27 juin 2008 Statut Contributeur sécurité Dernière intervention 2 mars 2015 790
2 déc. 2008 à 21:32
L'infection est indiquée ici :

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe



Relance Lop S&D
Choisis cette fois-ci l'option 2 (Suppression)

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré (C:\lopR.txt)




P.S : N'oublie pas d'aller rechercher l'ancien rapport de MalwareBytes stp

0
Réponse 17 / 31
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
2 déc. 2008 à 21:37
donc voilas le rapport

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 06/22/2006 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Not Activated)
C:\ (Local Disk) - NTFS - Total:180 Go (Free:141 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 02/12/2008|21:35 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[26/10/2005|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[06/06/2006|04:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[06/06/2006|04:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[06/06/2006|04:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[06/06/2006|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/09/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[28/11/2008|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/05/2008|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Astar Games
[04/12/2007|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[06/06/2006|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/05/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DivoGames
[28/05/2008|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames
[01/12/2008|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[25/04/2008|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Farm Frenzy
[30/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
[01/06/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
[06/06/2008|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
[01/05/2008|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[23/11/2007|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/06/2006|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[16/05/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[06/06/2006|03:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[06/06/2006|04:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[28/11/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/05/2007|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[06/06/2006|04:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/09/2007|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[06/06/2007|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[24/04/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
[29/05/2008|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
[18/08/2008|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[11/05/2008|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap
[30/05/2008|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[06/06/2006|03:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/06/2006|03:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[02/12/2008|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/11/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[27/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[08/06/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[12/05/2008|00:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
[08/12/2006|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/11/2006|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[11/03/2008|15:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[02/12/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[06/06/2006|04:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[06/06/2006|04:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[06/06/2006|04:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[30/11/2008|20:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\aboutlogcopy
[31/07/2008|13:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[27/05/2008|12:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[27/09/2007|14:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ahead
[28/11/2008|21:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[29/11/2008|19:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\bang
[27/06/2008|21:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Boomzap
[07/10/2006|20:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink
[04/01/2008|14:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dvdcss
[28/05/2008|20:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\eGames
[30/09/2007|20:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\FarStone
[27/04/2008|00:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Fuzzy Games
[12/04/2008|18:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Gamelab
[06/11/2006|19:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[12/11/2006|14:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[02/01/2008|20:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[06/10/2006|19:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[01/07/2008|17:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[04/12/2007|14:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jane s Hotel
[30/05/2008|17:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jane s Hotel Family Hero
[06/10/2006|19:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[14/10/2007|17:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Legends of pirates
[09/06/2008|20:25] C:\DOCUME~1\HP_PRO~1\APPLIC~1\LimeWire
[29/05/2008|15:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[30/11/2007|20:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[02/09/2007|20:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[07/11/2006|18:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[06/06/2007|17:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies
[24/04/2008|17:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\My Games
[29/05/2008|17:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Oberon Games
[18/08/2008|02:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
[28/09/2007|18:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[30/05/2008|14:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sandlot Games
[06/08/2007|18:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Screenshot Sender
[30/10/2008|17:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecuROM
[11/10/2008|19:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skip-Bo
[06/10/2006|19:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[16/11/2006|22:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[16/05/2008|19:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Super-Cow
[02/09/2007|20:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback
[16/06/2008|18:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TaoUSign
[18/10/2006|13:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[05/04/2008|17:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TheScruffs
[03/05/2008|13:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Total Eclipse
[24/02/2008|01:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\U3
[02/03/2008|21:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\uTorrent
[12/05/2008|00:35] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Valusoft
[08/07/2008|20:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ViquaSoft
[29/09/2007|19:35] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Windows Desktop Search
[18/01/2008|19:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Windows Live Writer
[15/08/2007|05:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WinRAR
[28/11/2006|21:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\yoclient
[30/11/2008|18:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Zylom

[30/11/2008|11:26] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Adobe
[01/12/2008|18:46] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Google
[02/12/2008|08:31] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\HP
[28/11/2008|08:48] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\HPQ
[26/10/2005|23:34] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Identities
[26/11/2008|19:01] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Macromedia
[28/11/2008|14:35] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Malwarebytes
[30/11/2008|10:40] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Microsoft
[30/11/2008|10:49] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Real
[28/11/2008|15:25] C:\DOCUME~1\HP_PRO~1.NOM\APPLIC~1\Sun

[21/10/2006|13:22] C:\DOCUME~1\INVIT~1\APPLIC~1\HP
[26/10/2005|16:34] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[05/06/2006|21:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[05/06/2006|21:06] C:\DOCUME~1\INVIT~1\APPLIC~1\Real

[06/06/2006|03:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/06/2006|03:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/11/2008 14:24][--a------] C:\WINDOWS\tasks\Connexion facile … Internet.job
[02/12/2008 12:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[26/06/2008|08:24] C:\Program Files\aboutlogcopy
[06/06/2006|04:10] C:\Program Files\Adobe
[30/11/2008|12:20] C:\Program Files\Ahead
[25/11/2006|20:05] C:\Program Files\Alwil Software
[06/06/2006|03:48] C:\Program Files\ATI Technologies
[03/06/2008|15:31] C:\Program Files\Betty's Beer Bar
[04/12/2007|20:12] C:\Program Files\Boonty
[29/06/2008|19:27] C:\Program Files\BoontyGames
[29/11/2008|15:34] C:\Program Files\CCleaner
[20/10/2005|20:06] C:\Program Files\ComPlus Applications
[08/06/2008|21:03] C:\Program Files\Cooking Academy
[06/06/2006|04:09] C:\Program Files\CyberLink
[05/01/2008|20:47] C:\Program Files\DivX
[02/11/2006|18:36] C:\Program Files\EA GAMES
[01/12/2008|21:38] C:\Program Files\ESET
[01/12/2008|18:26] C:\Program Files\EsetOnlineScanner
[30/09/2007|19:57] C:\Program Files\FarStone
[08/06/2008|21:03] C:\Program Files\Fashion Boutique
[26/11/2008|18:47] C:\Program Files\Fichiers communs
[01/12/2008|19:46] C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[27/10/2008|15:42] C:\Program Files\Gamenext
[06/06/2006|04:24] C:\Program Files\Google
[06/06/2006|04:22] C:\Program Files\Hewlett-Packard
[06/06/2006|04:09] C:\Program Files\HP
[15/12/2006|21:43] C:\Program Files\igLoader
[28/11/2008|14:53] C:\Program Files\InstallShield Installation Information
[06/06/2006|03:44] C:\Program Files\Internet Explorer
[06/06/2006|03:36] C:\Program Files\Java
[08/06/2008|21:01] C:\Program Files\Kitty Luv
[28/07/2007|02:14] C:\Program Files\Lavasoft
[09/06/2008|18:31] C:\Program Files\LimeWire
[08/06/2008|21:05] C:\Program Files\M6 Jeux
[28/11/2008|14:35] C:\Program Files\Malwarebytes' Anti-Malware
[13/07/2008|16:50] C:\Program Files\Maxis
[06/06/2006|03:40] C:\Program Files\Messenger
[07/09/2008|11:21] C:\Program Files\Messenger Plus! Live
[09/05/2007|19:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/10/2005|23:36] C:\Program Files\microsoft frontpage
[06/06/2006|04:12] C:\Program Files\Microsoft Office
[29/09/2007|19:29] C:\Program Files\Microsoft SQL Server Compact Edition
[18/03/2007|20:56] C:\Program Files\Microsoft Visual Studio
[06/06/2006|04:12] C:\Program Files\Microsoft Works
[18/03/2007|20:55] C:\Program Files\Microsoft.NET
[01/12/2008|19:46] C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[26/10/2005|23:36] C:\Program Files\Movie Maker
[16/10/2007|18:09] C:\Program Files\Mozilla Firefox
[26/10/2005|23:36] C:\Program Files\MSN
[16/06/2008|21:37] C:\Program Files\MSN Games
[26/10/2005|23:36] C:\Program Files\MSN Gaming Zone
[09/11/2006|19:12] C:\Program Files\MSXML 4.0
[30/11/2008|11:50] C:\Program Files\MSXML 6.0
[06/06/2006|04:14] C:\Program Files\muvee Technologies
[27/09/2007|14:32] C:\Program Files\Nero
[26/10/2005|23:36] C:\Program Files\NetMeeting
[27/10/2008|14:51] C:\Program Files\Oberon Media
[26/10/2005|23:36] C:\Program Files\Online Services
[26/10/2005|23:36] C:\Program Files\Outlook Express
[11/10/2007|09:06] C:\Program Files\PacificPoker
[03/06/2008|17:59] C:\Program Files\Paradise Pet Salon
[28/11/2008|08:46] C:\Program Files\PC-Doctor 5 for Windows
[14/10/2007|17:46] C:\Program Files\Pirateville
[23/11/2007|22:49] C:\Program Files\QuickTime
[06/06/2006|04:06] C:\Program Files\Real
[14/10/2007|17:14] C:\Program Files\ReflexiveArcade
[28/11/2008|14:21] C:\Program Files\SAGEM
[08/06/2008|21:06] C:\Program Files\Sallys Salon
[27/06/2008|19:41] C:\Program Files\Sallys Spa
[01/12/2008|19:46] C:\Program Files\SDHelper (Spybot - Search & Destroy)
[22/10/2006|13:50] C:\Program Files\Securitoo
[26/11/2008|20:14] C:\Program Files\Services en ligne
[02/12/2007|13:43] C:\Program Files\Share_Accelerator_MM
[06/06/2006|04:07] C:\Program Files\Sonic
[01/12/2008|19:51] C:\Program Files\Spybot - Search & Destroy
[01/12/2008|19:46] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[30/11/2008|20:51] C:\Program Files\Trend Micro
[20/10/2005|20:06] C:\Program Files\Uninstall Information
[27/12/2007|18:25] C:\Program Files\uTorrent
[30/11/2008|19:10] C:\Program Files\VideoLAN
[02/12/2008|21:02] C:\Program Files\Wanadoo
[29/09/2007|19:29] C:\Program Files\Windows Desktop Search
[28/02/2008|03:01] C:\Program Files\Windows Live
[30/11/2007|20:28] C:\Program Files\Windows Live Favorites
[07/09/2008|19:30] C:\Program Files\Windows Live Safety Center
[30/11/2007|20:28] C:\Program Files\Windows Live Toolbar
[25/12/2006|15:40] C:\Program Files\Windows Media Connect 2
[06/06/2006|03:35] C:\Program Files\Windows Media Player
[26/10/2005|23:36] C:\Program Files\Windows NT
[20/10/2005|20:05] C:\Program Files\WindowsUpdate
[16/08/2007|13:04] C:\Program Files\WinRAR
[26/10/2005|23:37] C:\Program Files\xerox
[29/11/2008|22:10] C:\Program Files\Yahoo!
[28/09/2007|08:27] C:\Program Files\Zapu
[06/07/2008|17:26] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/06/2006|04:10] C:\Program Files\Fichiers communs\Adobe
[04/12/2007|14:37] C:\Program Files\Fichiers communs\BOONTY Shared
[18/03/2007|20:56] C:\Program Files\Fichiers communs\DESIGNER
[06/06/2006|03:55] C:\Program Files\Fichiers communs\Hewlett-Packard
[06/06/2006|03:52] C:\Program Files\Fichiers communs\HP
[06/06/2006|04:21] C:\Program Files\Fichiers communs\InstallShield
[06/06/2006|03:36] C:\Program Files\Fichiers communs\Java
[06/06/2006|04:08] C:\Program Files\Fichiers communs\LightScribe
[06/06/2006|04:12] C:\Program Files\Fichiers communs\Microsoft Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\MSSoap
[06/06/2006|04:14] C:\Program Files\Fichiers communs\muvee Technologies
[08/06/2008|21:05] C:\Program Files\Fichiers communs\Oberon Media
[26/10/2005|23:35] C:\Program Files\Fichiers communs\ODBC
[06/06/2006|04:06] C:\Program Files\Fichiers communs\Real
[26/10/2005|23:35] C:\Program Files\Fichiers communs\Services
[06/06/2006|04:07] C:\Program Files\Fichiers communs\Sonic Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\SpeechEngines
[06/06/2006|04:07] C:\Program Files\Fichiers communs\SureThing Shared
[26/11/2008|18:50] C:\Program Files\Fichiers communs\Symantec Shared
[26/10/2005|23:36] C:\Program Files\Fichiers communs\System
[06/06/2006|04:07] C:\Program Files\Fichiers communs\TiVo Shared
[07/03/2008|16:43] C:\Program Files\Fichiers communs\Vitalize
[13/11/2007|19:14] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/06/2006|04:06] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 40 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-02 21:36:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:14][D:0]-> C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\Temp
[F:9][D:0]-> C:\DOCUME~1\HP_PRO~1.NOM\Cookies
[F:256][D:3]-> C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 02/12/2008|21:28 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 02/12/2008|21:30 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 02/12/2008|21:37 - Option : [2]

--------------------\\ Fin du rapport a 21:37:03
0
Réponse 18 / 31
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
2 déc. 2008 à 21:43
et voilas le rapport malwarebyte le dernier
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1441
Windows 5.1.2600 Service Pack 2

01/12/2008 20:34:36
mbam-log-2008-12-01 (20-34-36).txt

Type de recherche: Examen rapide
Eléments examinés: 58573
Temps écoulé: 37 minute(s), 7 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 19 / 31
anthony5151 Messages postés 10573 Date d'inscription vendredi 27 juin 2008 Statut Contributeur sécurité Dernière intervention 2 mars 2015 790
2 déc. 2008 à 21:51
J'aurai besoin de celui où tu as trouvé 151 infections...
Merci

0
Réponse 20 / 31
lea4449 Messages postés 319 Date d'inscription dimanche 6 juillet 2008 Statut Membre Dernière intervention 23 mars 2018 3
3 déc. 2008 à 18:53
bonsoir je suis revenu je te donne sa de suite
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1430
Windows 5.1.2600 Service Pack 2

28/11/2008 14:44:00
mbam-log-2008-11-28 (14-44-00).txt

Type de recherche: Examen rapide
Eléments examinés: 56631
Temps écoulé: 5 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 50
Fichier(s) infecté(s): 101

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.22 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\bin (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\icons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_6 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_7 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_8 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Paroles (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Telechargement (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_6 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_7 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_8 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Paroles (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Telechargement (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\egnmmwt_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\egnmmwt_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\egnmmwt.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\Starware370Config.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\Starware370Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_60.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_70.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_80.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Tem2D3.tmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
0

Discussions similaires

Detection PUA: win32 Installcore
Nat -
bazfile -

13 réponses
infecté par HackTool:Win32/AutoKMS
fredo1968 -
fredo1968 -

5 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
Que fait le virus LPI Win32 Pup-Gen
Tristan Chrome -
Tristan Chrome -

2 réponses
win32 bogent [susp]
hidalgo -
papajohn -

36 réponses