oOKHAOSOo

Members
  • Content count: 26

Everything posted by oOKHAOSOo

  1. ZHP Cleaner removed the leftover Akamai crap, I suppose; I'm no longer lagging in any case. That software is a real pain. JRT report http://www.cjoint.com/c/EFdrNSNMTW6
  2. ZHP Cleaner report http://www.cjoint.com/c/EFcw5aNejQ6
  3. Here is the report: http://www.cjoint.com/c/EFcwLNvWsL6 Restore point created.
  4. Here is the report: http://www.cjoint.com/c/EFcvYHBpoi6
  5. Hello, After installing a game, "Echo Of Soul", my internet connection has become seriously slow. I noticed that the install had added Akamai. I uninstalled it but the problem persists :/ What is the method for solving this problem? Thanks in advance!
  6. Hello, as far as malware goes, everything has been eradicated. I also removed the drivers of an old graphics card (NVIDIA). I have the impression that the context menu problem also came from there. In any case, thank you, my PC is purring. Solved! (I couldn't find how to edit the thread ^^')
  7. Here are the reports: http://cjoint.com/?EEwmSsUBkYr http://cjoint.com/?EEwmTl2UP6V http://cjoint.com/?EEwmT5ufvWO http://cjoint.com/?EEwmUtr6qYu
  8. Hello, Thanks for taking care of the monkey! The report: http://cjoint.com/?EEwluF3poPk
  9. Good evening, As the title indicates, my context menu is slow on the desktop. I thought it came from Catalyst. I removed the registry key but apparently that does nothing. Thanks in advance!! Regards.
  10. Well, thank you. I no longer have the slowness problem, on the other hand; thanks for your help. Regards, oOKHAOSOo.
  11. Hello, Apparently the software finds nothing; here are the two reports: Regards, oOKHAOSOo
  12. Here is the Malwarebytes block report:
      00:13:53 yo IP-BLOCK 58.218.199.147 (Type: incoming)
      00:22:44 yo IP-BLOCK 208.73.210.29 (Type: outgoing)
      12:05:52 (null) MESSAGE Protection started successfully
      12:06:43 yo MESSAGE IP Protection started successfully
      12:30:11 yo IP-BLOCK 221.192.199.49 (Type: incoming)
      12:41:24 yo IP-BLOCK 58.218.199.147 (Type: incoming)
      15:11:22 yo IP-BLOCK 58.218.199.147 (Type: incoming)
      17:41:53 yo IP-BLOCK 58.218.199.147 (Type: incoming)
      17:42:17 yo IP-BLOCK 221.192.199.49 (Type: incoming)
      20:11:55 yo IP-BLOCK 58.218.199.147 (Type: incoming)
      This happens even when Firefox is not open. Regards, oOKHAOSOo
  13. OK, thank you for your reply. It's strange, I downloaded Nero from 01.net, free for 30 days, and I only have the "Panda Cloud Antivirus Free" version. However, I still have MWB popping up site-blocking tabs. As for AskBar, I can't find the program in the control panel; so I assume I haven't installed it yet, it's still in the .rar with Nero. An additional scan to fix the problem? Regards, oOKHAOSOo
  14. Good evening, sorry for the delay, here is the ESET log:
      E:\Documents and Settings\yo\Bureau\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe Win32/Toolbar.AskSBar application
      E:\Program Files\Panda Security\Panda Cloud Antivirus\ObjetsTrouvés\A0115864.exe a variant of Win32/Packed.Themida application
      There you go. I don't know if it's serious: I haven't installed the AskBar, it comes with a trial version of Nero that I haven't installed yet either. As for Panda, I don't know how that should be interpreted. Regards, oOKHAOSOo
  15. Finally, the mbam reports: That's it, I'm waiting to see whether everything goes well; I'm still open to your advice on any other procedure to run. Regards, oOKHAOSOo
  16. Here are the ROGUEKILLER reports:
  17. Thank you for your responsiveness; here in this first post are the ADD-R reports. For the Ad software, I accidentally uninstalled the program before retrieving the clean report, so I started over to get one. So, to summarize for ADD: the first scan report, then the second scan, and finally the second clean.
  18. Good evening, Here is my problem: I am getting unwanted ad pop-ups in Firefox. Malwarebytes blocks some of them, but the scan does not solve the problem. I am also seeing quite a bit of slowness when opening Firefox (30 sec/1 min) and when opening projects in Photoshop. How should I proceed to fix this problem? Regards, oOKHAOSOo. Below is a HijackThis report:
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 23:45:19, on 08/03/2011
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal
      Running processes:
      E:\WINDOWS\System32\smss.exe
      E:\WINDOWS\system32\winlogon.exe
      E:\WINDOWS\system32\services.exe
      E:\WINDOWS\system32\lsass.exe
      E:\WINDOWS\system32\nvsvc32.exe
      E:\WINDOWS\system32\svchost.exe
      E:\WINDOWS\System32\svchost.exe
      E:\WINDOWS\system32\spoolsv.exe
      E:\WINDOWS\System32\svchost.exe
      E:\Program Files\Bonjour\mDNSResponder.exe
      E:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
      E:\Program Files\Java\jre6\bin\jqs.exe
      E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      E:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
      E:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
      E:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
      E:\WINDOWS\System32\svchost.exe
      E:\WINDOWS\System32\svchost.exe
      E:\WINDOWS\system32\svchost.exe
      E:\WINDOWS\Explorer.EXE
      E:\WINDOWS\RTHDCPL.EXE
      E:\WINDOWS\SOUNDMAN.EXE
      E:\WINDOWS\system32\LVCOMSX.EXE
      E:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
      E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
      E:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe
      E:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
      E:\WINDOWS\system32\RUNDLL32.EXE
      E:\Program Files\DAP\DAP.EXE
      E:\WINDOWS\system32\ctfmon.exe
      E:\WINDOWS\system32\wbem\wmiapsrv.exe
      E:\Program Files\Mozilla Firefox\firefox.exe
      E:\Program Files\Mozilla Firefox\plugin-container.exe
      E:\Documents and Settings\yo\Mes documents\Téléchargements\HiJackThis.exe
      E:\WINDOWS\system32\msfeedssync.exe
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - E:\WINDOWS\system32\dvmurl.dll
      R3 - URLSearchHook: uTorrentBar_FR Toolbar - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - E:\Program Files\uTorrentBar_FR\tbuTor.dll
      O2 - BHO: uTorrentBar_FR Toolbar - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - E:\Program Files\uTorrentBar_FR\tbuTor.dll
      O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngine.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - E:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - E:\PROGRA~1\DAP\DAPIEL~1.DLL
      O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
      O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - E:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
      O3 - Toolbar: uTorrentBar_FR Toolbar - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - E:\Program Files\uTorrentBar_FR\tbuTor.dll
      O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngine.dll
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "E:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      O4 - HKLM\..\Run: [switchBoard] E:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe
      O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [PSUNMain] "E:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
      O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
      O4 - HKLM\..\Run: [Panda Security URL Filtering] "E:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] E:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
      O4 - HKCU\..\Run: [DownloadAccelerator] "E:\Program Files\DAP\DAP.EXE" /STARTUP
      O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: &Clean Traces - E:\Program Files\DAP\Privacy Package\dapcleanerie.htm
      O8 - Extra context menu item: &Download with &DAP - E:\Program Files\DAP\dapextie.htm
      O8 - Extra context menu item: Download &all with DAP - E:\Program Files\DAP\dapextie2.htm
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - E:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
      O23 - Service: MBAMService - Malwarebytes Corporation - E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - E:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
      O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - E:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
      O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - E:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
      O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - E:\WINDOWS\system32\GameMon.des.exe (file missing)
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: SwitchBoard - Adobe Systems Incorporated - E:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe
      -- End of file - 9356 bytes
  19. Here is the report after removal:
      # DelFix v7.1 - Rapport créé le 21/01/2011 à 23:37
      # Mis à jour le 16/01/11 à 15h30 par Xplode
      # Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
      # Nom d'utilisateur : yo - YO-0218C43EECE5 (Administrateur)
      # Exécuté depuis : E:\Documents and Settings\yo\Mes documents\Téléchargements\DelFix.exe
      # Option [suppression]
      ~~~~~~ Dossier(s) ~~~~~~
      Supprimé : E:\USBFix
      Supprimé : E:\_OTM
      ~~~~~~ Fichier(s) ~~~~~~
      Supprimé : E:\UsbFix.txt
      Supprimé : E:\UsbFix_Upload_Me_YO-0218C43EECE5.zip
      Supprimé : E:\Documents and Settings\yo\Bureau\OTL.exe
      Supprimé : E:\Documents and Settings\yo\Bureau\OTL.Txt
      Supprimé : E:\Documents and Settings\yo\Bureau\OTM.exe
      Supprimé : E:\Documents and Settings\yo\Bureau\Extras.Txt
      Supprimé : E:\Documents and Settings\yo\Bureau\hijackthis.log
      Supprimé : E:\Documents and Settings\yo\Mes documents\Téléchargements\UsbFix.exe
      Supprimé : E:\Documents and Settings\yo\Mes documents\Téléchargements\HiJackThis.exe
      ~~~~~~ Registre ~~~~~~
      Clé Supprimée : HKCU\SOFTWARE\USBFix
      Clé Supprimée : HKLM\Software\OldTimer Tools
      Clé Supprimée : HKLM\Software\TrendMicro
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe
      ~~~~~~ Autre ~~~~~~
      ########## EOF - "E:\DelFixSuppr.txt" - [1552 octets] ##########
      I am doing the uninstall, then I will restore. Thanks again! Regards, Khaos
  20. Well, apparently everything is working perfectly: I have no more pop-ups and Firefox starts much faster! Many thanks for your help! Regards, Khaos
  21. There, I carried out the operation as you asked; here is the report:
      ############################## | UsbFix 7.038 | [suppression]
      Utilisateur: yo (Administrateur) # YO-0218C43EECE5 [ ]
      Mis à jour le 14/01/2011 par El Desaparecido / C_XX
      Lancé à 14:21:25 | 21/01/2011
      Site Web: TeamXscript : AD-Remover - FindyKill - UsbFix
      Contact: eldesaparecido@teamxscript.org
      CPU: Intel® Core2 Duo CPU E8400 @ 3.00GHz
      CPU 2: Intel® Core2 Duo CPU E8400 @ 3.00GHz
      Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
      Internet Explorer 8.0.6001.18702
      Pare-feu Windows: Activé
      Antivirus: Panda Cloud Antivirus 01.03.00.0000 [Enabled | Updated]
      RAM -> 3326 Mo
      C:\ -> Disque fixe # 596 Go (256 Go libre(s) - 43%) [DATA] # NTFS
      D:\ -> CD-ROM
      E:\ (%systemdrive%) -> Disque fixe # 298 Go (97 Go libre(s) - 32%) [XP] # NTFS
      F:\ -> Disque fixe # 466 Go (4 Go libre(s) - 1%) [Lacie] # NTFS
      G:\ -> CD-ROM
      ################## | Éléments infectieux |
      Supprimé! E:\WINDOWS\system32\autorun.inf
      Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1134193477-2947509257-1621386144-1000
      Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1134193477-2947509257-1621386144-1001
      Supprimé! C:\Recycler\S-1-5-21-682003330-1957994488-2146954855-1003
      Supprimé! E:\$RECYCLE.BIN\S-1-5-21-1134193477-2947509257-1621386144-1000
      Supprimé! E:\Recycler\S-1-5-21-682003330-1957994488-2146954855-1003
      Supprimé! F:\$RECYCLE.BIN\S-1-5-21-1134193477-2947509257-1621386144-1000
      Supprimé! F:\Recycler\S-1-5-21-682003330-1957994488-2146954855-1003
      ################## | Registre |
      Supprimé! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman
      ################## | Mountpoints2 |
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{3ff72473-a795-11df-adfb-001fd09217f3}
      Supprimé!
HKCU\.\.\.\.\Explorer\MountPoints2\{8e57df6f-ef6e-11df-917d-001fd09217f3} ################## | Listing | [21/01/2011 - 14:27:34 | SHD ] C:\$RECYCLE.BIN [19/11/2010 - 18:36:05 | N | 0] C:\2556_26583484_MVM_0.tmp [19/11/2010 - 18:36:05 | N | 0] C:\2556_26583484_MVM_1.tmp [19/11/2010 - 18:36:05 | N | 0] C:\2556_26583484_MVM_2.tmp [19/11/2010 - 18:36:05 | N | 0] C:\2556_26583484_MVM_3.tmp [19/11/2010 - 18:36:05 | N | 0] C:\2556_26583484_MVM_5.tmp [07/01/2011 - 22:26:30 | D ] C:\Adobe CS5 [20/01/2011 - 21:24:45 | D ] C:\Adobe CS5 Products Keygen [13/02/2010 - 18:08:09 | D ] C:\ADOBE PREMIERE SVG [11/02/2010 - 14:26:56 | D ] C:\AFTER [20/02/2010 - 00:46:32 | D ] C:\Bazar cvm [23/01/2010 - 19:21:53 | D ] C:\C4D [15/12/2009 - 17:06:12 | D ] C:\Capture AdobePro [26/11/2010 - 14:09:31 | D ] C:\Courriers cv [03/09/2009 - 18:23:33 | D ] C:\cs4 [15/09/2010 - 22:24:18 | N | 9411257] C:\cv sep 2010.psd [27/12/2010 - 20:30:36 | D ] C:\download [13/01/2011 - 18:25:09 | N | 1518734468] C:\Final 01 2011.avi [11/02/2010 - 16:34:19 | D ] C:\Fonts [05/01/2011 - 18:30:05 | N | 0] C:\IO.SYS [01/12/2009 - 15:19:54 | D ] C:\kit [05/01/2011 - 18:30:05 | N | 0] C:\MSDOS.SYS [04/01/2011 - 13:18:23 | D ] C:\msdownld.tmp [27/12/2010 - 21:28:19 | D ] C:\NetmarbleGlobal [25/10/2009 - 10:28:49 | D ] C:\Nouveau dossier [11/02/2010 - 14:20:07 | D ] C:\Photos [11/02/2010 - 14:15:54 | D ] C:\Photoshop W templates [15/11/2010 - 12:45:25 | D ] C:\Program Files [08/09/2009 - 21:55:03 | D ] C:\REALFLOW [21/01/2011 - 14:27:37 | SHD ] C:\RECYCLER [30/03/2010 - 23:11:22 | D ] C:\sauvegarde ovh [16/12/2010 - 10:59:57 | D ] C:\Sauvegarde xp [19/11/2010 - 01:35:17 | D ] C:\Second Life [21/01/2011 - 10:27:06 | N | 125] C:\service.log [08/01/2011 - 12:56:49 | SHD ] C:\System Volume Information [09/03/2010 - 19:46:46 | D ] C:\Temp [28/02/2010 - 22:29:11 | D ] C:\Templates joomla [06/11/2010 - 11:43:45 | D ] C:\textures [11/02/2010 - 14:11:41 | D ] C:\tri d'un programme iconnu dans d vrac [10/09/2009 - 20:41:53 | D 
] C:\TUTO C4D [08/04/2010 - 13:42:07 | D ] C:\usb [10/09/2010 - 11:22:27 | D ] C:\Users [12/09/2009 - 15:48:58 | D ] C:\Video Copilot [12/01/2010 - 18:13:04 | D ] C:\VIDEOS SITE [15/11/2010 - 12:45:29 | D ] C:\WINDOWS [01/03/2010 - 20:05:23 | SHD ] E:\$RECYCLE.BIN [29/05/2010 - 10:54:18 | D ] E:\66cf77ef0a9a6fc47be902421957e4 [01/03/2010 - 18:16:51 | D ] E:\ATI [01/03/2010 - 18:39:19 | N | 211] E:\boot.ini [05/08/2004 - 13:00:00 | N | 4952] E:\Bootfont.bin [15/01/2011 - 13:09:31 | D ] E:\Config.Msi [01/03/2010 - 18:09:20 | N | 197] E:\csb.log [01/03/2010 - 18:01:02 | D ] E:\Documents and Settings [27/12/2010 - 15:45:01 | D ] E:\Download [16/12/2010 - 11:54:43 | N | 8482] E:\fraglist.luar [16/12/2010 - 11:54:43 | N | 6704] E:\fraglist.txt [01/03/2010 - 22:53:43 | D ] E:\GAME [21/06/2010 - 20:42:34 | D ] E:\GAMIGO [01/03/2010 - 18:03:47 | D ] E:\Intel [27/12/2010 - 21:59:24 | D ] E:\NetmarbleGlobal [05/08/2004 - 13:00:00 | N | 47564] E:\NTDETECT.COM [01/03/2010 - 18:39:30 | N | 252240] E:\ntldr [02/06/2010 - 14:12:52 | D ] E:\NVIDIA [21/01/2011 - 10:26:04 | ASH | 2145386496] E:\pagefile.sys [20/01/2011 - 21:07:42 | D ] E:\Program Files [11/09/2010 - 09:10:50 | D ] E:\ProgramData [21/01/2011 - 14:27:37 | SHD ] E:\RECYCLER [08/01/2011 - 12:56:49 | SHD ] E:\System Volume Information [05/08/2010 - 12:49:39 | D ] E:\Temp [09/06/2010 - 17:27:18 | D ] E:\tools [21/01/2011 - 14:27:37 | D ] E:\UsbFix [21/01/2011 - 14:27:36 | A | 5253] E:\UsbFix.txt [20/01/2011 - 21:09:21 | D ] E:\WINDOWS [20/01/2011 - 21:07:40 | D ] E:\_OTM [29/01/2009 - 16:04:21 | D ] F:\$AVG8.VAULT$ [14/01/2009 - 22:50:04 | SHD ] F:\$RECYCLE.BIN [12/10/2008 - 12:43:44 | N | 15325] F:\0190000000380668.jpg [19/11/2010 - 18:36:05 | N | 0] F:\2556_26583484_MVM_7.tmp [12/10/2008 - 12:44:31 | N | 78403] F:\6832_CDPocket.jpg [22/07/2009 - 17:23:54 | N | 3865480] F:\6832_CDPocket.psd [12/10/2008 - 12:01:43 | N | 23126] F:\72473_top_subhero_f.jpg [12/10/2008 - 13:14:59 | N | 339313] 
F:\celexx_portfolio_cdrom_by_newdawnfades.jpg [03/05/2008 - 14:57:20 | N | 5334240] F:\dvd CVM ROND CD.psd [03/05/2008 - 14:57:39 | N | 454691] F:\essai cd cvm 2.jpg [02/05/2008 - 21:25:49 | N | 463043] F:\essai cd cvm.jpg [20/05/2008 - 16:47:50 | N | 13925171] F:\Flash.Decompiler.Trillix.v3.0.0.400.Cracked-iNViSiBLE.rar [19/01/2009 - 15:50:22 | D ] F:\fonts [15/01/2009 - 01:58:36 | D ] F:\lionel [12/10/2008 - 12:59:51 | N | 267976] F:\MPj03992930000[1].jpg [22/05/2009 - 23:19:35 | D ] F:\msdownld.tmp [12/10/2008 - 13:02:43 | N | 94888] F:\multimedia Duplication.jpg [12/10/2008 - 12:38:02 | N | 272850] F:\nec_lcd4000_big.jpg [12/10/2008 - 12:13:42 | N | 99875] F:\promeo504.JPG [15/01/2009 - 02:06:18 | D ] F:\rachel [21/01/2011 - 14:27:37 | SHD ] F:\RECYCLER [12/10/2008 - 12:02:06 | N | 34169] F:\reunion entreprise.jpg [12/10/2008 - 13:23:27 | N | 53850] F:\RF_company_profile_by_sijerry.jpg [27/10/2008 - 03:51:27 | N | 2900290838] F:\Runes_of_Magic.rar [26/01/2009 - 22:16:12 | D ] F:\Sauvegardes [06/12/2008 - 17:53:37 | N | 22216792] F:\Second_Life_1-21-6-99587_Setup.exe [25/09/2008 - 16:42:28 | N | 29] F:\Serial.Office.2007.Pro.FRENCH..[emule-island.com].txt [09/09/2010 - 22:42:48 | N | 198] F:\service.log [15/07/2008 - 20:54:57 | N | 2311848787] F:\Setup_Atlantica.exe [25/04/2008 - 18:38:29 | D ] F:\sl [30/11/2010 - 01:04:45 | D ] F:\Slife [12/10/2008 - 12:04:43 | N | 119994] F:\smallstaff.jpg [15/01/2009 - 06:23:49 | D ] F:\Sound [15/12/2008 - 00:24:25 | N | 350184706] F:\StreetGears_client.exe [19/01/2009 - 13:31:07 | SHD ] F:\System Volume Information [12/10/2008 - 12:12:25 | N | 100130] F:\tarifs.jpg [06/11/2010 - 16:35:18 | D ] F:\textures [20/11/2010 - 22:17:05 | ASH | 57856] F:\Thumbs.db [15/01/2009 - 06:27:30 | D ] F:\WOLBER [25/09/2008 - 16:57:39 | N | 47813442] F:\ZBrush 3+3.1+KeyGen+CORRECT INSTALL INSTRUCTIONS.rar [22/10/2008 - 10:02:15 | N | 985837568] F:\[CINEMA4D.????].TLF-SOFT-Maxon.CINEMA.4D.R10.Architecture.Edition-SHooTERS.iso [12/10/2008 - 
12:05:14 | N | 252554] F:\_Images_Marketing.jpg
      ################## | Vaccin |
      C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      E:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      ################## | Upload |
      Veuillez envoyer le fichier: E:\UsbFix_Upload_Me_YO-0218C43EECE5.zip
      Upload TeamXscript
      Merci de votre contribution.
      ################## | E.O.F |
      For the moment no pop-ups; I will confirm at the end of the afternoon. Regards, Khaos
  22. Hello, Here is the UsbFix report; I disabled Malwarebytes and the antivirus.
      ############################## | UsbFix 7.038 | [Recherche]
      Utilisateur: yo (Administrateur) # YO-0218C43EECE5 [ ]
      Mis à jour le 14/01/2011 par El Desaparecido / C_XX
      Lancé à 10:42:09 | 21/01/2011
      Site Web: TeamXscript : AD-Remover - FindyKill - UsbFix
      Contact: eldesaparecido@teamxscript.org
      CPU: Intel® Core2 Duo CPU E8400 @ 3.00GHz
      CPU 2: Intel® Core2 Duo CPU E8400 @ 3.00GHz
      Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
      Internet Explorer 8.0.6001.18702
      Pare-feu Windows: Activé
      Antivirus: Panda Cloud Antivirus 01.03.00.0000 [(!) Disabled | Updated]
      RAM -> 3326 Mo
      C:\ -> Disque fixe # 596 Go (256 Go libre(s) - 43%) [DATA] # NTFS
      D:\ -> CD-ROM
      E:\ (%systemdrive%) -> Disque fixe # 298 Go (97 Go libre(s) - 32%) [XP] # NTFS
      G:\ -> CD-ROM
      ################## | Éléments infectieux |
      Présent! E:\WINDOWS\system32\autorun.inf
      ################## | Registre |
      Présent! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman
      ################## | Mountpoints2 |
      HKCU\.\.\.\.\Explorer\MountPoints2\{3ff72473-a795-11df-adfb-001fd09217f3}
      Shell\AutoRun\Command = F:\DmailerSync_v9_0_15109.exe
      HKCU\.\.\.\.\Explorer\MountPoints2\{8e57df6f-ef6e-11df-917d-001fd09217f3}
      Shell\AutoRun\Command = F:\start.exe
      ################## | Vaccin |
      (!) Cet ordinateur n'est pas vacciné!
      ################## | E.O.F |
      Regards, Khaos
  23. So I am putting the Malwarebytes report here:
      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org
      Version de la base de données: 5561
      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702
      20/01/2011 23:07:50
      mbam-log-2011-01-20 (23-07-50).txt
      Type d'examen: Examen complet (A:\|C:\|D:\|E:\|G:\|)
      Elément(s) analysé(s): 422939
      Temps écoulé: 1 heure(s), 46 minute(s), 52 seconde(s)
      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 11
      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)
      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)
      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)
      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)
      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)
      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)
      Fichier(s) infecté(s):
      c:\adobe cs5 products keygen\adobe dreamweaver cs5 keymaker-embrace.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
      c:\adobe cs5 products keygen\adobe flash professiona .cs5 keymaker-embrace.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
      c:\adobe cs5 products keygen\adobe indesign cs5.premium v7.0 incl.keymaker-embrace..exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
      c:\adobe cs5 products keygen\adobe photoshop cs5.extended v12.0.keymaker-embrace.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
      c:\adobe cs5 products keygen\core adobe master collection cs5\adobe_keygen_mc_cs5.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
      c:\c4d\install\maxon\_keygen\cinema 4d r11_keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      c:\system volume information\_restore{6f367955-08bb-4112-a2dc-0c1adb8c3ea5}\rp281\a0121556.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
      c:\system volume information\_restore{6f367955-08bb-4112-a2dc-0c1adb8c3ea5}\rp281\a0121557.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
      c:\system volume information\_restore{6f367955-08bb-4112-a2dc-0c1adb8c3ea5}\rp281\a0121558.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      e:\program files\jdownloader\downloads\3DS2\activation\keygens\xf-a2011-32bits.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
      e:\program files\jdownloader\downloads\3DS2\activation\keygens\xf-a2011-64bits.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
      Links to the OTL reports: OTL file: Cijoint.fr - free file hosting service Extra: Cijoint.fr - free file hosting service
      There, for the moment I have no pop-ups, but as a rule the pop-ups start after a while; I will keep you posted. Regards, khaos
  24. Here is the first OTM report:
      All processes killed
      ========== SERVICES/DRIVERS ==========
      Error: No service named Backup IP Network was found to stop!
      Service\Driver key Backup IP Network not found.
      ========== REGISTRY ==========
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Panda Security Toolbar Antiphishing deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\installer deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sdmBackupIP\ deleted successfully.
      ========== FILES ==========
      e:\documents and settings\all users\application data\panda security toolbar antiphishing\panda2_0dn.exe moved successfully.
      e:\program files\Installer folder moved successfully.
      e:\windows\BackupIP folder moved successfully.
      ========== COMMANDS ==========
      [EMPTYTEMP]
      User: All Users
      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->Flash cache emptied: 56502 bytes
      User: LocalService
      ->Temp folder emptied: 66016 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      User: yo
      ->Temp folder emptied: 2203237 bytes
      ->Temporary Internet Files folder emptied: 12744744 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 632144712 bytes
      ->Flash cache emptied: 82540 bytes
      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 2134506 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\dllcache .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 20970 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 70387696 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
      RecycleBin emptied: 0 bytes
      Total Files Cleaned = 687,00 mb
      OTM by OldTimer - Version 3.1.17.2 log created on 01202011_210740
      Files moved on Reboot...
      File E:\WINDOWS\temp\Perflib_Perfdata_7f8.dat not found!
      Registry entries deleted on Reboot...
      I am launching Malwarebytes and will post the rest.