
Posted

Hello

A problem with TR/Fakealert.aft

If you could give me a hand :P

Attached: HijackThis report

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:18:43, on 30/07/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Search Settings\SearchSettings.exe

C:\Documents and Settings\user\Application Data\Google\edpgz16420882.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\program files\valve\steam\steam.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe

C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\LZ73580N\HiJackThis[1].exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://meteo-pont-saint-mard.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [Thunderbird] "f:\Mozilla Thunderbird\thunderbird.exe"

O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 5.0\SetHook.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe

O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\user\Application Data\Google\edpgz16420882.exe" 2

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent

O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

O4 - HKCU\..\Run: [qmaii] "c:\documents and settings\user\local settings\application data\qmaii.exe" qmaii

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe

O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 10226 bytes

 

Thanking you in advance

 

Licke

Posted

Hello,

 

the machine is infected. I'm going to ask you for two reports.

 

Disable your resident protections (antivirus, ...); you'll re-enable them after these two scans

 

Download Lop S&D < here

 

Double-click Lop S&D.exe on your desktop

Select the desired language, then choose Option 1 (Search)

Wait until the scan finishes

Post the generated report (C:\lopR.txt)

 

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

 

----------

 

Download Toolbar-S&D (Team IDN) to your Desktop.

  • Launch the downloaded file by right-clicking it and choosing Run as administrator.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose the (Search) option. Wait until the search finishes.
  • Post the generated report. (C:\TB.txt)
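To show what the helper is reading in the HijackThis log above when calling the machine infected, here is a small triage script added for this thread (it is not part of the original post, of HijackThis, or of the Zébulon tools). It parses the O4 autorun lines in HijackThis format, extracts the executable path from each command line, and flags entries whose executable starts from a user-writable profile directory or carries a generated-looking name, which is exactly how the 'realteks' and 'qmaii' entries stand out from the vendor entries under Program Files. The sample lines are copied from the log above; the profile-directory list, the five-digit threshold and the function names are my own assumptions, and the directory list also covers the Vista+ layout, which the log itself does not show.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Sample O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\user\Application Data\Google\edpgz16420882.exe" 2
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [qmaii] "c:\documents and settings\user\local settings\application data\qmaii.exe" qmaii
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
"""

# Registry Run entries:   O4 - HKLM\..\Run: [Name] "C:\dir\prog.exe" /args
O4_RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+(?:\\[^\\]+)?)\\\.\.\\(?P<key>\w+): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.*)$"
)
# Startup-folder entries: O4 - Startup: Name.lnk = C:\dir\prog.exe
O4_STARTUP_RE = re.compile(r"^O4 - (?P<key>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.*)$")

# Directories writable without admin rights (XP profile layout, plus the
# Vista+ equivalent; assumed list). Legitimate installs normally live under
# Program Files or the Windows directory, so an autorun here deserves a look.
PROFILE_MARKERS = ("\\documents and settings\\", "\\users\\", "\\temp\\")
# A stem such as edpgz16420882 (letters followed by a long digit run) is a
# typical generated name; five or more digits is the assumed threshold.
RANDOM_NAME_RE = re.compile(r"^[a-z]*\d{5,}$")


@dataclass
class AutorunEntry:
    location: str               # registry hive\key, or the startup folder
    name: str                   # value name shown in [brackets]
    image: str                  # executable extracted from the command line
    reasons: List[str] = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.reasons)


def image_path(cmd: str) -> str:
    """Pull the executable out of an O4 command line, quoted or bare."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = re.match(r"(?i)(.*?\.exe)(?:\s|$)", cmd)
    return m.group(1) if m else (cmd.split() or [""])[0]


def parse_o4(line: str) -> Optional[AutorunEntry]:
    """Return an AutorunEntry for an O4 line, or None for any other line."""
    m = O4_RUN_RE.match(line)
    if m:
        return AutorunEntry(f"{m['hive']}\\{m['key']}", m["name"], image_path(m["cmd"]))
    m = O4_STARTUP_RE.match(line)
    if m:
        return AutorunEntry(m["key"], m["name"].strip(), image_path(m["cmd"]))
    return None


def assess(entry: AutorunEntry) -> AutorunEntry:
    """Attach a reason for every heuristic the entry trips."""
    path = entry.image.lower()
    if any(marker in path for marker in PROFILE_MARKERS):
        entry.reasons.append("executable lives in a user-writable profile directory")
    stem = path.rsplit("\\", 1)[-1].rsplit(".", 1)[0]
    if RANDOM_NAME_RE.match(stem):
        entry.reasons.append("generated-looking file name")
    return entry


def triage(log_text: str) -> List[AutorunEntry]:
    """Parse every O4 line of a HijackThis log and score each autorun entry."""
    entries = []
    for line in log_text.splitlines():
        entry = parse_o4(line.strip())
        if entry is not None:
            entries.append(assess(entry))
    return entries


def flagged(log_text: str) -> List[AutorunEntry]:
    """Only the entries that tripped at least one heuristic."""
    return [e for e in triage(log_text) if e.suspicious]


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f"{'REVIEW' if e.suspicious else 'ok    '} [{e.name}] {e.image}")
        for reason in e.reasons:
            print(f"         - {reason}")
```

A flag is a prompt to look the file up, not a verdict: some updaters legitimately run from the profile, so the hit list is what you would check against the vendor before deciding.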

Posted

Re

 

 

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4600+ )

BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12

USER : user ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:74 Go (Free:6 Go)

D:\ (CD or DVD)

E:\ (Local Disk) - NTFS - Total:232 Go (Free:181 Go)

 

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [1] ( 30/07/2009|15:35 )

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[17/02/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[01/08/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[01/08/2007|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[08/04/2008|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aspyr

[24/12/2008|12:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[13/01/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations

[13/01/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix

[13/01/2008|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fellowes

[16/05/2009|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[21/04/2008|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations

[13/01/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe

[27/06/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[08/03/2009|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[15/07/2009|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help

[27/06/2007|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[21/04/2008|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[18/07/2009|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm

[16/11/2008|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[06/10/2007|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[24/12/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Video Converter Studio

[11/01/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[10/01/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

 

[27/06/2007|16:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

 

[06/01/2008|17:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[27/06/2007|16:20] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Microsoft

 

[27/06/2007|16:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

[20/07/2009|16:01] C:\DOCUME~1\user\APPLIC~1\Adobe

[20/07/2009|16:01] C:\DOCUME~1\user\APPLIC~1\Ahead

[20/07/2009|16:01] C:\DOCUME~1\user\APPLIC~1\Apple Computer

[20/07/2009|16:01] C:\DOCUME~1\user\APPLIC~1\ArcSoft

[08/05/2009|21:23] C:\DOCUME~1\user\APPLIC~1\DivX

[27/02/2009|20:17] C:\DOCUME~1\user\APPLIC~1\dvdcss

[28/10/2007|23:57] C:\DOCUME~1\user\APPLIC~1\FileZilla

[08/01/2009|16:04] C:\DOCUME~1\user\APPLIC~1\Gearbox Software

[30/07/2009|15:08] C:\DOCUME~1\user\APPLIC~1\Google

[26/09/2007|09:17] C:\DOCUME~1\user\APPLIC~1\Help

[27/06/2007|16:29] C:\DOCUME~1\user\APPLIC~1\Identities

[08/07/2009|16:20] C:\DOCUME~1\user\APPLIC~1\InstallShield

[13/01/2008|20:03] C:\DOCUME~1\user\APPLIC~1\InstallShield Installation Information

[28/10/2007|16:22] C:\DOCUME~1\user\APPLIC~1\KompoZer

[09/07/2009|14:31] C:\DOCUME~1\user\APPLIC~1\LG Electronics

[30/01/2008|20:02] C:\DOCUME~1\user\APPLIC~1\Macromedia

[18/07/2009|19:10] C:\DOCUME~1\user\APPLIC~1\Microsoft

[10/01/2009|13:06] C:\DOCUME~1\user\APPLIC~1\Mozilla

[01/12/2008|19:22] C:\DOCUME~1\user\APPLIC~1\Nero

[22/04/2008|18:01] C:\DOCUME~1\user\APPLIC~1\Nokia

[21/04/2008|19:05] C:\DOCUME~1\user\APPLIC~1\PC Suite

[24/12/2008|19:31] C:\DOCUME~1\user\APPLIC~1\Search Settings

[04/05/2008|16:27] C:\DOCUME~1\user\APPLIC~1\SecuROM

[30/07/2009|15:06] C:\DOCUME~1\user\APPLIC~1\Skype

[30/07/2009|10:07] C:\DOCUME~1\user\APPLIC~1\skypePM

[18/11/2007|20:38] C:\DOCUME~1\user\APPLIC~1\Talkback

[15/03/2008|19:36] C:\DOCUME~1\user\APPLIC~1\THQ

[19/11/2007|16:01] C:\DOCUME~1\user\APPLIC~1\Thunderbird

[18/01/2009|16:43] C:\DOCUME~1\user\APPLIC~1\ubi.com

[27/06/2007|22:00] C:\DOCUME~1\user\APPLIC~1\vlc

[28/06/2007|21:06] C:\DOCUME~1\user\APPLIC~1\WinRAR

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[18/07/2009 13:17][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[30/07/2009 14:35][--ah-----] C:\WINDOWS\tasks\SA.DAT

[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[27/06/2007|17:23] C:\Program Files\802.11 Wireless LAN

[23/04/2008|09:12] C:\Program Files\Activision

[17/02/2008|14:07] C:\Program Files\Adobe

[27/06/2007|16:37] C:\Program Files\AMD

[27/06/2007|16:36] C:\Program Files\Analog Devices

[06/10/2007|22:05] C:\Program Files\AoA Audio Extractor

[03/09/2008|19:01] C:\Program Files\Apple Software Update

[20/09/2008|08:20] C:\Program Files\ArcSoft

[08/04/2008|19:10] C:\Program Files\Aspyr

[25/12/2008|00:19] C:\Program Files\AVIConverter

[24/12/2008|12:09] C:\Program Files\Avira

[18/07/2007|23:10] C:\Program Files\AviSynth 2.5

[18/11/2007|20:35] C:\Program Files\BackupFox

[18/10/2008|22:47] C:\Program Files\Common Files

[27/06/2007|16:17] C:\Program Files\ComPlus Applications

[30/01/2008|12:21] C:\Program Files\Core Design

[26/09/2007|08:29] C:\Program Files\Croteam

[20/03/2009|21:38] C:\Program Files\Crypto

[24/12/2008|19:35] C:\Program Files\Dealio

[21/04/2008|19:04] C:\Program Files\DIFX

[08/05/2009|21:20] C:\Program Files\DivX

[06/10/2007|23:13] C:\Program Files\DVDVIDEOSOFT

[29/10/2007|19:35] C:\Program Files\EA GAMES

[14/07/2009|19:27] C:\Program Files\EA SPORTS

[05/11/2008|16:52] C:\Program Files\Eidos

[14/07/2009|19:27] C:\Program Files\Eidos Interactive

[02/02/2008|11:45] C:\Program Files\Electronic Arts

[16/12/2008|14:27] C:\Program Files\eMule

[23/09/2007|11:00] C:\Program Files\EPSON

[18/07/2007|23:10] C:\Program Files\eRightSoft

[13/01/2008|20:02] C:\Program Files\Fellowes

[08/05/2009|21:20] C:\Program Files\Fichiers communs

[28/10/2007|15:56] C:\Program Files\FileZilla Client

[24/10/2008|20:53] C:\Program Files\Free Audio Pack

[13/07/2009|17:45] C:\Program Files\Free Video Converter

[17/01/2009|18:14] C:\Program Files\GameSpy Arcade

[16/05/2009|09:21] C:\Program Files\Google

[08/05/2009|08:53] C:\Program Files\GT Interactive

[08/07/2009|16:21] C:\Program Files\InstallShield Installation Information

[30/07/2009|13:08] C:\Program Files\Internet Explorer

[17/07/2009|17:24] C:\Program Files\InternetGameBox

[23/01/2008|19:53] C:\Program Files\iPod

[23/01/2008|19:53] C:\Program Files\iTunes

[20/09/2008|08:16] C:\Program Files\JL2005C

[08/07/2009|16:21] C:\Program Files\LG Electronics

[09/07/2009|14:32] C:\Program Files\LG PC Suite II

[20/01/2008|21:16] C:\Program Files\LivePix 1.1

[23/07/2007|22:15] C:\Program Files\Logitech

[17/09/2008|14:19] C:\Program Files\LogMeIn

[13/01/2008|17:49] C:\Program Files\lphant

[18/10/2008|23:04] C:\Program Files\Messenger

[26/04/2009|20:04] C:\Program Files\Messenger Plus! Live

[10/01/2009|12:47] C:\Program Files\Microsoft

[27/06/2007|16:20] C:\Program Files\microsoft frontpage

[19/07/2008|20:22] C:\Program Files\Microsoft Games

[08/03/2009|12:58] C:\Program Files\Microsoft Money 2005

[26/09/2007|17:00] C:\Program Files\Microsoft Office

[19/07/2007|12:57] C:\Program Files\Microsoft Visual Studio

[05/10/2007|16:37] C:\Program Files\Microsoft Works

[19/07/2007|12:53] C:\Program Files\Microsoft.NET

[17/01/2009|17:22] C:\Program Files\Mindscape

[08/05/2009|23:47] C:\Program Files\Movie Maker

[30/07/2009|15:04] C:\Program Files\Mozilla Firefox

[11/03/2009|18:38] C:\Program Files\MSBuild

[27/06/2007|16:16] C:\Program Files\MSN

[27/06/2007|16:17] C:\Program Files\MSN Gaming Zone

[09/07/2009|18:00] C:\Program Files\MSXML 4.0

[27/06/2007|18:45] C:\Program Files\Nero

[18/10/2008|22:56] C:\Program Files\NetMeeting

[15/03/2008|13:54] C:\Program Files\NRJ

[27/06/2007|16:17] C:\Program Files\Online Services

[08/05/2009|23:47] C:\Program Files\Outlook Express

[21/04/2008|19:04] C:\Program Files\PC Connectivity Solution

[23/01/2008|19:52] C:\Program Files\QuickTime

[08/07/2009|12:56] C:\Program Files\Red Storm Entertainment

[11/03/2009|18:37] C:\Program Files\Reference Assemblies

[24/12/2008|19:18] C:\Program Files\Search Settings

[27/06/2007|16:19] C:\Program Files\Services en ligne

[18/07/2009|15:59] C:\Program Files\Siber Systems

[18/07/2009|16:01] C:\Program Files\Sierra On-Line

[16/11/2008|13:15] C:\Program Files\Skype

[29/03/2008|19:28] C:\Program Files\THQ

[18/01/2009|19:51] C:\Program Files\TrackMania Nations ESWC

[18/07/2007|16:09] C:\Program Files\Ubi Soft

[18/01/2009|16:44] C:\Program Files\ubi.com

[08/01/2009|15:38] C:\Program Files\Ubisoft

[27/06/2007|16:29] C:\Program Files\Uninstall Information

[01/05/2009|19:09] C:\Program Files\Valve

[27/06/2007|18:36] C:\Program Files\VideoLAN

[16/12/2008|19:24] C:\Program Files\Windows Live

[12/10/2008|10:27] C:\Program Files\Windows Live Safety Center

[16/12/2008|18:48] C:\Program Files\Windows Live SkyDrive

[15/03/2008|13:55] C:\Program Files\Windows Media Components

[10/01/2008|18:49] C:\Program Files\Windows Media Connect 2

[08/05/2009|08:56] C:\Program Files\Windows Media Player

[18/10/2008|22:56] C:\Program Files\Windows NT

[27/06/2007|16:19] C:\Program Files\WindowsUpdate

[28/06/2007|21:06] C:\Program Files\WinRAR

[27/06/2007|18:33] C:\Program Files\WinZip

[27/06/2007|16:20] C:\Program Files\xerox

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[17/02/2008|14:08] C:\Program Files\Fichiers communs\Adobe

[27/06/2007|18:45] C:\Program Files\Fichiers communs\Ahead

[01/08/2007|18:10] C:\Program Files\Fichiers communs\Apple

[20/09/2008|08:20] C:\Program Files\Fichiers communs\ArcSoft

[19/07/2007|12:54] C:\Program Files\Fichiers communs\DESIGNER

[15/03/2008|19:36] C:\Program Files\Fichiers communs\DirectX

[08/05/2009|21:20] C:\Program Files\Fichiers communs\DivX Shared

[06/10/2007|23:13] C:\Program Files\Fichiers communs\DVDVIDEOSOFT

[20/07/2007|23:21] C:\Program Files\Fichiers communs\InstallShield

[20/07/2007|23:27] C:\Program Files\Fichiers communs\Logitech

[08/03/2009|12:01] C:\Program Files\Fichiers communs\Microsoft Shared

[18/10/2008|22:42] C:\Program Files\Fichiers communs\Motorola Shared

[27/06/2007|16:18] C:\Program Files\Fichiers communs\MSSoap

[27/06/2007|18:10] C:\Program Files\Fichiers communs\ODBC

[18/01/2009|16:42] C:\Program Files\Fichiers communs\PocketSoft

[27/06/2007|16:18] C:\Program Files\Fichiers communs\Services

[16/11/2008|13:15] C:\Program Files\Fichiers communs\Skype

[27/06/2007|18:10] C:\Program Files\Fichiers communs\SpeechEngines

[18/10/2008|22:56] C:\Program Files\Fichiers communs\System

[16/12/2008|18:40] C:\Program Files\Fichiers communs\Windows Live

[10/01/2008|19:00] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 52 Processes )

 

iexplore.exe ~ [PID:1496]

iexplore.exe ~ [PID:724]

iexplore.exe ~ [PID:2816]

iexplore.exe ~ [PID:2912]

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_42d2.tmp

C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_6565.tmp

C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_72e6.tmp

C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_916c.tmp

C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_a4ab.tmp

C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_dff3.tmp

C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_f552.tmp

C:\DOCUME~1\user\LOCALS~1\Temp\Start.exe

C:\DOCUME~1\user\Cookies\user@advertstream[1].txt

C:\DOCUME~1\user\Cookies\user@d2.advertserve[1].txt

C:\DOCUME~1\user\Cookies\user@advertising[1].txt

C:\DOCUME~1\user\Cookies\user@bigpoint[1].txt

C:\DOCUME~1\user\Cookies\user@fr.deepolis.bigpoint[1].txt

C:\DOCUME~1\user\Cookies\user@2xmoinscher[1].txt

C:\DOCUME~1\user\Cookies\user@cc.2xmoinscher[2].txt

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-30 15:35:52

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 40

 

--------------------\\ Recherche d'autres infections

 

C:\Program Files\InternetGameBox

C:\Program Files\InternetGameBox\language

C:\Program Files\InternetGameBox\ressources

C:\Program Files\InternetGameBox\skins

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Conditions générales.url

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Confidentialité.url

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Désinstaller.lnk

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\InternetGameBox.lnk

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Website.url

 

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii.dat

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii.exe

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii_nav.dat

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii_navps.dat

==> EGDACCESS <==

 

 

 

[F:3865][D:206]-> C:\DOCUME~1\user\LOCALS~1\Temp

[F:215][D:0]-> C:\DOCUME~1\user\Cookies

[F:2127][D:8]-> C:\DOCUME~1\user\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 30/07/2009|15:37 - Option : [1]

 

--------------------\\ Fin du rapport a 15:37:19

 

 

 

 

 

-----------\\ ToolBar S&D 1.2.8 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4600+ )

BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12

USER : user ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:74 Go (Free:6 Go)

D:\ (CD or DVD)

E:\ (Local Disk) - NTFS - Total:232 Go (Free:181 Go)

 

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )

Option : [1] ( 30/07/2009|15:40 )

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

C:\Program Files\Dealio

C:\Program Files\Dealio\kb127

C:\DOCUME~1\user\APPLIC~1\Search Settings

C:\DOCUME~1\user\APPLIC~1\Search Settings\kb127

C:\DOCUME~1\user\APPLIC~1\Search Settings\kb127\res

C:\DOCUME~1\user\APPLIC~1\Search Settings\kb127\temp

C:\DOCUME~1\user\APPLIC~1\Search Settings\kb127\temp\ws-14455.log

C:\Program Files\Search Settings

C:\Program Files\Search Settings\kb127

C:\Program Files\Search Settings\SearchSettings.exe

C:\Program Files\Search Settings\kb127\res

C:\Program Files\Search Settings\kb127\SearchSettings.dll

C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll

C:\Program Files\Search Settings\kb127\temp

 

-----------\\ Extensions

 

(user) - {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} => forecastfox

(user) - {22119944-ED35-4ab1-910B-E619EA06A115} => roboform

(user) - {3502a070-ea2f-11dd-ba2f-0800200c9a66} => minimizetotray

(user) - {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d} => ipv6ident

(user) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe

(user) - {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} => walnut

(user) - {77e8295d-7048-8367-1c67-378537c06d74} => phplangeditor

(user) - {89506680-e3f4-484c-a2c0-ed711d481eda} => showcase

(user) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper

(user) - {DA3A89AB-2DCA-4a29-8FEA-3C9E79BBF113} => pagerankstatus

(user) - {dc572301-7619-498c-a57d-39143191b318} => tabmixplus

(user) - {dd30bf68-268a-4815-ad48-8740b774c764} => redcats_green

(user) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview

(user) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle

(user) - {0b62b504-857c-4f62-a336-2e8425bd5738} => quotecollapse

(user) - {28BA62BF-022B-44a3-88BC-D2112DDB7D58} => atbcc_button

(user) - {31513E58-F253-47ad-86DB-D5F21E905429} => minimizetotray

(user) - {554c2c30-935c-11d9-9669-0800200c9a66} => mailtagger

(user) - {78136133-1994-415a-8d30-69d505d924fc} => deletejunk

(user) - {83d1f945-8280-11db-96a7-00e08161165f} => thunderbayes

(user) - {90bcd2b0-08f1-4db8-a136-8263c3f89cc8} => worldweatherplus

(user) - {90ceaf60-169c-40fb-b224-7204488f061d} => attbytes

(user) - {9A537591-D2A6-4e53-8FE1-F76AB00D5597} => quickreply

(user) - {aaf23341-212c-43c4-8824-e51cfe051345} => templateloader

(user) - {b243fe83-b8a7-47de-855d-21d865243d5d} => folderpane

(user) - {de1b245c-de57-11da-ba2d-0050c2490048} => minimize

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ca

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-cs

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-da

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-de

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-en-US

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-AR

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-ES

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-eu

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-fr

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ga-IE

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-hu

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-it

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ka

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-lt

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-mk

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nb-NO

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pa-IN

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-BR

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-PT

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ru

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sk

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sv-SE

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-tr

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-CN

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ca

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-cs

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-da

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-de

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-en-US

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-AR

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-ES

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-eu

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-fr

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ga-IE

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-hu

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-it

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ka

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-lt

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-mk

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nb-NO

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pa-IN

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-BR

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-PT

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ru

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sk

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sv-SE

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-tr

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-CN

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning

(user) - {F3A60010-0E28-4503-B4AA-0E5F90275F77} => walnut_for_thunderbird_1.5_and_2.0-1.7.18-tb

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://meteo-pont-saint-mard.com/"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

 

 

--------------------\\ Recherche d'autres infections

 

C:\Program Files\InternetGameBox

C:\Program Files\InternetGameBox\language

C:\Program Files\InternetGameBox\ressources

C:\Program Files\InternetGameBox\skins

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Conditions générales.url

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Confidentialité.url

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Désinstaller.lnk

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\InternetGameBox.lnk

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Website.url

 

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii.dat

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii.exe

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii_nav.dat

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii_navps.dat

==> EGDACCESS <==

 

 

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 30/07/2009|15:40 - Option : [1]

 

-----------\\ Fin du rapport a 15:40:38,09

 

Here are the 2 reports

Thanks for the quick reply

Licke

Posted

OK, let's continue, in 3 steps.

 

** 1 **

 

Relaunch Toolbar-S&D by right-clicking it and choosing Run as administrator. This time choose the "Suppression" (removal) option, then confirm by pressing "Enter".

! Do not close the window during the removal !

A report will be generated; post its contents here.

 

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.

Go to the "Processes" tab. Click File in the top left and choose "Run...".

Type explorer and confirm.

 

** 2 **

 

  • Download Navilog1 (by IL-MAFIOSO) to your desktop:
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
  • Double-click Navilog1.exe to start the installation.
  • Once the installation is complete, double-click the Navilog1 shortcut on the desktop.
     
  • Follow the prompts. Press a key when asked to.
  • At the main menu, choose option 1 and confirm.
    < Do not choose option 2 >
     
  • Wait while the scan runs. You may be asked to restart your PC: let the tool do it automatically, otherwise restart your PC normally if it asks you to.
  • Wait for the message "Scan terminé le......" (scan completed on...)
     
  • Press a key as requested; Notepad will open.
  • Copy and paste the whole contents into your next reply. Close Notepad.

 

PS: the report is also saved at the root of the hard drive, C:\cleannavi.txt

 

** 3 **

 

Relaunch Lop S&D

 

This time choose Option 2 (Suppression, i.e. removal)

Do not close the window during the removal!

Post the generated report (C:\lopR.txt)

 

(If the Desktop does not reappear, press Ctrl + Alt + Del, File menu, New Task, type explorer.exe and confirm)

Posted

Re

Here are the different reports

 

 

-----------\\ ToolBar S&D 1.2.8 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4600+ )

BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12

USER : user ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:74 Go (Free:6 Go)

D:\ (CD or DVD)

E:\ (Local Disk) - NTFS - Total:232 Go (Free:181 Go)

 

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )

Option : [2] ( 30/07/2009|16:11 )

 

-----------\\ SUPPRESSION

 

Supprime! - C:\Program Files\Dealio\kb127

Supprime! - C:\DOCUME~1\user\APPLIC~1\Search Settings\kb127

Supprime! - C:\Program Files\Search Settings\kb127

Supprime! - C:\Program Files\Search Settings\SearchSettings.exe

Supprime! - C:\Program Files\Dealio

Supprime! - C:\DOCUME~1\user\APPLIC~1\Search Settings

Supprime! - C:\Program Files\Search Settings

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

 

-----------\\ Extensions

 

(user) - {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} => forecastfox

(user) - {22119944-ED35-4ab1-910B-E619EA06A115} => roboform

(user) - {3502a070-ea2f-11dd-ba2f-0800200c9a66} => minimizetotray

(user) - {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d} => ipv6ident

(user) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe

(user) - {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} => walnut

(user) - {77e8295d-7048-8367-1c67-378537c06d74} => phplangeditor

(user) - {89506680-e3f4-484c-a2c0-ed711d481eda} => showcase

(user) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper

(user) - {DA3A89AB-2DCA-4a29-8FEA-3C9E79BBF113} => pagerankstatus

(user) - {dc572301-7619-498c-a57d-39143191b318} => tabmixplus

(user) - {dd30bf68-268a-4815-ad48-8740b774c764} => redcats_green

(user) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview

(user) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle

(user) - {0b62b504-857c-4f62-a336-2e8425bd5738} => quotecollapse

(user) - {28BA62BF-022B-44a3-88BC-D2112DDB7D58} => atbcc_button

(user) - {31513E58-F253-47ad-86DB-D5F21E905429} => minimizetotray

(user) - {554c2c30-935c-11d9-9669-0800200c9a66} => mailtagger

(user) - {78136133-1994-415a-8d30-69d505d924fc} => deletejunk

(user) - {83d1f945-8280-11db-96a7-00e08161165f} => thunderbayes

(user) - {90bcd2b0-08f1-4db8-a136-8263c3f89cc8} => worldweatherplus

(user) - {90ceaf60-169c-40fb-b224-7204488f061d} => attbytes

(user) - {9A537591-D2A6-4e53-8FE1-F76AB00D5597} => quickreply

(user) - {aaf23341-212c-43c4-8824-e51cfe051345} => templateloader

(user) - {b243fe83-b8a7-47de-855d-21d865243d5d} => folderpane

(user) - {de1b245c-de57-11da-ba2d-0050c2490048} => minimize

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ca

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-cs

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-da

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-de

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-en-US

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-AR

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-ES

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-eu

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-fr

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ga-IE

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-hu

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-it

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ka

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-lt

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-mk

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nb-NO

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pa-IN

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-BR

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-PT

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ru

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sk

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sv-SE

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-tr

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-CN

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ca

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-cs

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-da

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-de

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-en-US

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-AR

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-ES

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-eu

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-fr

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ga-IE

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-hu

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-it

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ka

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-lt

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-mk

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nb-NO

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pa-IN

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-BR

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-PT

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ru

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sk

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sl

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sv-SE

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-tr

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-CN

(user) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning

(user) - {F3A60010-0E28-4503-B4AA-0E5F90275F77} => walnut_for_thunderbird_1.5_and_2.0-1.7.18-tb

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://meteo-pont-saint-mard.com/"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://www.msn.com/"

"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

 

 

--------------------\\ Recherche d'autres infections

 

C:\Program Files\InternetGameBox

C:\Program Files\InternetGameBox\language

C:\Program Files\InternetGameBox\ressources

C:\Program Files\InternetGameBox\skins

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Conditions générales.url

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Confidentialité.url

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Désinstaller.lnk

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\InternetGameBox.lnk

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\InternetGameBox\Website.url

 

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii.dat

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii.exe

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii_nav.dat

C:\DOCUME~1\user\LOCALS~1\APPLIC~1\qmaii_navps.dat

==> EGDACCESS <==

 

 

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 30/07/2009|15:40 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 30/07/2009|16:13 - Option : [2]

 

-----------\\ Fin du rapport a 16:13:07,39

Fix Navipromo version 4.0.1 commencé le 30/07/2009 16:16:07,53

 

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

 

Outil exécuté depuis C:\Program Files\navilog1

 

Mise à jour le 18.07.2009 à 11h00 par IL-MAFIOSO

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4600+ )

BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12

USER : user ( Administrator )

BOOT : Normal boot

 

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)

 

 

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:74 Go (Free:6 Go)

D:\ (CD or DVD)

E:\ (Local Disk) - NTFS - Total:232 Go (Free:181 Go)

 

 

Recherche executée en mode normal

 

Nettoyage exécuté au redémarrage de l'ordinateur

 

 

C:\Program Files\InternetGamebox supprimé !

C:\Documents and Settings\All Users\menudm~1\progra~1\InternetGamebox supprimé !

C:\WINDOWS\prefetch\GAMEOVERLAYUI.EXE-39B8ED40.pf supprimé !

C:\WINDOWS\prefetch\qmaii*.pf supprimé !

C:\Documents and Settings\user\locals~1\applic~1\qmaii.exe supprimé !

C:\Documents and Settings\user\locals~1\applic~1\qmaii.dat supprimé !

C:\Documents and Settings\user\locals~1\applic~1\qmaii_nav.dat supprimé !

C:\Documents and Settings\user\locals~1\applic~1\qmaii_navps.dat supprimé !

 

 

Nettoyage contenu C:\WINDOWS\Temp effectué !

Nettoyage contenu C:\Documents and Settings\user\locals~1\Temp effectué !

 

 

*** Sauvegarde du Registre vers dossier Safebackup ***

 

sauvegarde du Registre réalisée avec succès !

 

*** Nettoyage Registre ***

 

Nettoyage Registre Ok

 

Certificat Electronic-Group supprimé !

Certificat OOO-Favorit supprimé !

 

 

 

 

*** Scan terminé 30/07/2009 16:34:54,78 ***

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4600+ )

BIOS : BIOS Date: 04/30/07 10:48:15 Ver: 08.00.12

USER : user ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:74 Go (Free:8 Go)

D:\ (CD or DVD)

E:\ (Local Disk) - NTFS - Total:232 Go (Free:181 Go)

 

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [2] ( 30/07/2009|16:38 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

 

Supprime! - C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_42d2.tmp

Supprime! - C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_72e6.tmp

Supprime! - C:\DOCUME~1\user\LOCALS~1\Temp\msgpl_a4ab.tmp

Supprime! - C:\DOCUME~1\user\Cookies\user@advertstream[1].txt

Supprime! - C:\DOCUME~1\user\Cookies\user@d2.advertserve[1].txt

Supprime! - C:\DOCUME~1\user\Cookies\user@advertising[1].txt

Supprime! - C:\DOCUME~1\user\Cookies\user@bigpoint[1].txt

Supprime! - C:\DOCUME~1\user\Cookies\user@fr.deepolis.bigpoint[1].txt

Supprime! - C:\DOCUME~1\user\Cookies\user@2xmoinscher[1].txt

Supprime! - C:\DOCUME~1\user\Cookies\user@cc.2xmoinscher[2].txt

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[17/02/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[01/08/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[01/08/2007|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[08/04/2008|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aspyr

[24/12/2008|12:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[13/01/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations

[13/01/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix

[13/01/2008|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fellowes

[16/05/2009|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[21/04/2008|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations

[13/01/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe

[27/06/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[08/03/2009|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[15/07/2009|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help

[27/06/2007|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero

[21/04/2008|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[18/07/2009|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm

[16/11/2008|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[06/10/2007|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[24/12/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Video Converter Studio

[11/01/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[10/01/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

 

[27/06/2007|16:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

 

[06/01/2008|17:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[27/06/2007|16:20] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Microsoft

 

[27/06/2007|16:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

[20/07/2009|16:01] C:\DOCUME~1\user\APPLIC~1\Adobe

[20/07/2009|16:01] C:\DOCUME~1\user\APPLIC~1\Ahead

[20/07/2009|16:01] C:\DOCUME~1\user\APPLIC~1\Apple Computer

[20/07/2009|16:01] C:\DOCUME~1\user\APPLIC~1\ArcSoft

[08/05/2009|21:23] C:\DOCUME~1\user\APPLIC~1\DivX

[27/02/2009|20:17] C:\DOCUME~1\user\APPLIC~1\dvdcss

[28/10/2007|23:57] C:\DOCUME~1\user\APPLIC~1\FileZilla

[08/01/2009|16:04] C:\DOCUME~1\user\APPLIC~1\Gearbox Software

[30/07/2009|16:35] C:\DOCUME~1\user\APPLIC~1\Google

[26/09/2007|09:17] C:\DOCUME~1\user\APPLIC~1\Help

[27/06/2007|16:29] C:\DOCUME~1\user\APPLIC~1\Identities

[08/07/2009|16:20] C:\DOCUME~1\user\APPLIC~1\InstallShield

[13/01/2008|20:03] C:\DOCUME~1\user\APPLIC~1\InstallShield Installation Information

[28/10/2007|16:22] C:\DOCUME~1\user\APPLIC~1\KompoZer

[09/07/2009|14:31] C:\DOCUME~1\user\APPLIC~1\LG Electronics

[30/01/2008|20:02] C:\DOCUME~1\user\APPLIC~1\Macromedia

[18/07/2009|19:10] C:\DOCUME~1\user\APPLIC~1\Microsoft

[10/01/2009|13:06] C:\DOCUME~1\user\APPLIC~1\Mozilla

[01/12/2008|19:22] C:\DOCUME~1\user\APPLIC~1\Nero

[22/04/2008|18:01] C:\DOCUME~1\user\APPLIC~1\Nokia

[21/04/2008|19:05] C:\DOCUME~1\user\APPLIC~1\PC Suite

[04/05/2008|16:27] C:\DOCUME~1\user\APPLIC~1\SecuROM

[30/07/2009|16:37] C:\DOCUME~1\user\APPLIC~1\Skype

[30/07/2009|10:07] C:\DOCUME~1\user\APPLIC~1\skypePM

[18/11/2007|20:38] C:\DOCUME~1\user\APPLIC~1\Talkback

[15/03/2008|19:36] C:\DOCUME~1\user\APPLIC~1\THQ

[19/11/2007|16:01] C:\DOCUME~1\user\APPLIC~1\Thunderbird

[18/01/2009|16:43] C:\DOCUME~1\user\APPLIC~1\ubi.com

[27/06/2007|22:00] C:\DOCUME~1\user\APPLIC~1\vlc

[28/06/2007|21:06] C:\DOCUME~1\user\APPLIC~1\WinRAR

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[18/07/2009 13:17][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[30/07/2009 16:33][--ah-----] C:\WINDOWS\tasks\SA.DAT

[02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[27/06/2007|17:23] C:\Program Files\802.11 Wireless LAN

[23/04/2008|09:12] C:\Program Files\Activision

[17/02/2008|14:07] C:\Program Files\Adobe

[27/06/2007|16:37] C:\Program Files\AMD

[27/06/2007|16:36] C:\Program Files\Analog Devices

[06/10/2007|22:05] C:\Program Files\AoA Audio Extractor

[03/09/2008|19:01] C:\Program Files\Apple Software Update

[20/09/2008|08:20] C:\Program Files\ArcSoft

[08/04/2008|19:10] C:\Program Files\Aspyr

[25/12/2008|00:19] C:\Program Files\AVIConverter

[24/12/2008|12:09] C:\Program Files\Avira

[18/07/2007|23:10] C:\Program Files\AviSynth 2.5

[18/11/2007|20:35] C:\Program Files\BackupFox

[18/10/2008|22:47] C:\Program Files\Common Files

[27/06/2007|16:17] C:\Program Files\ComPlus Applications

[30/01/2008|12:21] C:\Program Files\Core Design

[26/09/2007|08:29] C:\Program Files\Croteam

[20/03/2009|21:38] C:\Program Files\Crypto

[21/04/2008|19:04] C:\Program Files\DIFX

[08/05/2009|21:20] C:\Program Files\DivX

[06/10/2007|23:13] C:\Program Files\DVDVIDEOSOFT

[29/10/2007|19:35] C:\Program Files\EA GAMES

[14/07/2009|19:27] C:\Program Files\EA SPORTS

[05/11/2008|16:52] C:\Program Files\Eidos

[14/07/2009|19:27] C:\Program Files\Eidos Interactive

[02/02/2008|11:45] C:\Program Files\Electronic Arts

[16/12/2008|14:27] C:\Program Files\eMule

[23/09/2007|11:00] C:\Program Files\EPSON

[18/07/2007|23:10] C:\Program Files\eRightSoft

[13/01/2008|20:02] C:\Program Files\Fellowes

[08/05/2009|21:20] C:\Program Files\Fichiers communs

[28/10/2007|15:56] C:\Program Files\FileZilla Client

[24/10/2008|20:53] C:\Program Files\Free Audio Pack

[13/07/2009|17:45] C:\Program Files\Free Video Converter

[17/01/2009|18:14] C:\Program Files\GameSpy Arcade

[16/05/2009|09:21] C:\Program Files\Google

[08/05/2009|08:53] C:\Program Files\GT Interactive

[08/07/2009|16:21] C:\Program Files\InstallShield Installation Information

[30/07/2009|13:08] C:\Program Files\Internet Explorer

[23/01/2008|19:53] C:\Program Files\iPod

[23/01/2008|19:53] C:\Program Files\iTunes

[20/09/2008|08:16] C:\Program Files\JL2005C

[08/07/2009|16:21] C:\Program Files\LG Electronics

[09/07/2009|14:32] C:\Program Files\LG PC Suite II

[20/01/2008|21:16] C:\Program Files\LivePix 1.1

[23/07/2007|22:15] C:\Program Files\Logitech

[17/09/2008|14:19] C:\Program Files\LogMeIn

[13/01/2008|17:49] C:\Program Files\lphant

[18/10/2008|23:04] C:\Program Files\Messenger

[26/04/2009|20:04] C:\Program Files\Messenger Plus! Live

[10/01/2009|12:47] C:\Program Files\Microsoft

[27/06/2007|16:20] C:\Program Files\microsoft frontpage

[19/07/2008|20:22] C:\Program Files\Microsoft Games

[08/03/2009|12:58] C:\Program Files\Microsoft Money 2005

[26/09/2007|17:00] C:\Program Files\Microsoft Office

[19/07/2007|12:57] C:\Program Files\Microsoft Visual Studio

[05/10/2007|16:37] C:\Program Files\Microsoft Works

[19/07/2007|12:53] C:\Program Files\Microsoft.NET

[17/01/2009|17:22] C:\Program Files\Mindscape

[08/05/2009|23:47] C:\Program Files\Movie Maker

[30/07/2009|15:04] C:\Program Files\Mozilla Firefox

[11/03/2009|18:38] C:\Program Files\MSBuild

[27/06/2007|16:16] C:\Program Files\MSN

[27/06/2007|16:17] C:\Program Files\MSN Gaming Zone

[09/07/2009|18:00] C:\Program Files\MSXML 4.0

[30/07/2009|16:34] C:\Program Files\Navilog1

[27/06/2007|18:45] C:\Program Files\Nero

[18/10/2008|22:56] C:\Program Files\NetMeeting

[15/03/2008|13:54] C:\Program Files\NRJ

[27/06/2007|16:17] C:\Program Files\Online Services

[08/05/2009|23:47] C:\Program Files\Outlook Express

[21/04/2008|19:04] C:\Program Files\PC Connectivity Solution

[23/01/2008|19:52] C:\Program Files\QuickTime

[08/07/2009|12:56] C:\Program Files\Red Storm Entertainment

[11/03/2009|18:37] C:\Program Files\Reference Assemblies

[27/06/2007|16:19] C:\Program Files\Services en ligne

[18/07/2009|15:59] C:\Program Files\Siber Systems

[18/07/2009|16:01] C:\Program Files\Sierra On-Line

[16/11/2008|13:15] C:\Program Files\Skype

[29/03/2008|19:28] C:\Program Files\THQ

[18/01/2009|19:51] C:\Program Files\TrackMania Nations ESWC

[18/07/2007|16:09] C:\Program Files\Ubi Soft

[18/01/2009|16:44] C:\Program Files\ubi.com

[08/01/2009|15:38] C:\Program Files\Ubisoft

[27/06/2007|16:29] C:\Program Files\Uninstall Information

[01/05/2009|19:09] C:\Program Files\Valve

[27/06/2007|18:36] C:\Program Files\VideoLAN

[16/12/2008|19:24] C:\Program Files\Windows Live

[12/10/2008|10:27] C:\Program Files\Windows Live Safety Center

[16/12/2008|18:48] C:\Program Files\Windows Live SkyDrive

[15/03/2008|13:55] C:\Program Files\Windows Media Components

[10/01/2008|18:49] C:\Program Files\Windows Media Connect 2

[08/05/2009|08:56] C:\Program Files\Windows Media Player

[18/10/2008|22:56] C:\Program Files\Windows NT

[27/06/2007|16:19] C:\Program Files\WindowsUpdate

[28/06/2007|21:06] C:\Program Files\WinRAR

[27/06/2007|18:33] C:\Program Files\WinZip

[27/06/2007|16:20] C:\Program Files\xerox

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[17/02/2008|14:08] C:\Program Files\Fichiers communs\Adobe

[27/06/2007|18:45] C:\Program Files\Fichiers communs\Ahead

[01/08/2007|18:10] C:\Program Files\Fichiers communs\Apple

[20/09/2008|08:20] C:\Program Files\Fichiers communs\ArcSoft

[19/07/2007|12:54] C:\Program Files\Fichiers communs\DESIGNER

[15/03/2008|19:36] C:\Program Files\Fichiers communs\DirectX

[08/05/2009|21:20] C:\Program Files\Fichiers communs\DivX Shared

[06/10/2007|23:13] C:\Program Files\Fichiers communs\DVDVIDEOSOFT

[20/07/2007|23:21] C:\Program Files\Fichiers communs\InstallShield

[20/07/2007|23:27] C:\Program Files\Fichiers communs\Logitech

[08/03/2009|12:01] C:\Program Files\Fichiers communs\Microsoft Shared

[18/10/2008|22:42] C:\Program Files\Fichiers communs\Motorola Shared

[27/06/2007|16:18] C:\Program Files\Fichiers communs\MSSoap

[27/06/2007|18:10] C:\Program Files\Fichiers communs\ODBC

[18/01/2009|16:42] C:\Program Files\Fichiers communs\PocketSoft

[27/06/2007|16:18] C:\Program Files\Fichiers communs\Services

[16/11/2008|13:15] C:\Program Files\Fichiers communs\Skype

[27/06/2007|18:10] C:\Program Files\Fichiers communs\SpeechEngines

[18/10/2008|22:56] C:\Program Files\Fichiers communs\System

[16/12/2008|18:40] C:\Program Files\Fichiers communs\Windows Live

[10/01/2008|19:00] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 53 Processes )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-30 16:38:53

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 40

 

--------------------\\ Recherche d'autres infections

 

 

Aucune autre infection trouvée !

 

[F:19][D:2]-> C:\DOCUME~1\user\LOCALS~1\Temp

[F:208][D:0]-> C:\DOCUME~1\user\Cookies

[F:2299][D:8]-> C:\DOCUME~1\user\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 30/07/2009|15:37 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 30/07/2009|16:40 - Option : [2]

 

--------------------\\ Fin du rapport a 16:40:43

 

 

And there you go :P

Posted

And it should be noticeably better now. You can re-enable the antivirus if it isn't already.

 

Please post a new HijackThis report. :P

Posted

HiJackThis report

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:59:52, on 30/07/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Documents and Settings\user\Application Data\Google\edpgz16420882.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe

C:\program files\valve\steam\steam.exe

C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe

C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\user\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://meteo-pont-saint-mard.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - Default URLSearchHook is missing

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [Thunderbird] "f:\Mozilla Thunderbird\thunderbird.exe"

O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 5.0\SetHook.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\user\Application Data\Google\edpgz16420882.exe" 2

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent

O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe

O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 9563 bytes
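As an added example (not part of the thread and not HijackThis code), a small Python triage of the O4 autorun lines in the log above: it flags entries whose executable runs from a user-writable profile folder such as Application Data, which is where the realteks entry points, and executable names carrying a long digit run. The sample lines are constructed from the log above; the folder list and the digit-run threshold are assumptions.

```python
"""Triage of HijackThis O4 (autorun) lines.

Added example, not part of the thread and not HijackThis code. It flags
autorun entries whose executable sits in a user-writable profile folder
(Application Data, Local Settings, Temp on Windows XP) and executable names
carrying a long digit run. Heuristics only: a hit is a reason to look
closer, not a verdict. Sample lines are constructed from the thread's log.
"""
import re

# Matches "O4 - <hive>\..\Run: [<name>] <command>" as HijackThis prints it
O4_RE = re.compile(r'^O4 - (?P<hive>\S+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')

# Profile sub-folders any user-level process can write to (lower-case, assumed list)
USER_WRITABLE = ('\\application data\\', '\\local settings\\', '\\temp\\')

SAMPLE_LOG = [  # constructed from the HijackThis log in the thread
    r'O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min',
    r'O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\user\Application Data\Google\edpgz16420882.exe" 2',
    r'O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe',
    r'O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe',
]


def parse_o4(line):
    """Return (hive, run_value_name, exe_path) for an O4 Run line, else None."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    cmd = m.group('cmd').strip()
    if cmd.startswith('"'):          # quoted path, arguments follow the closing quote
        exe = cmd[1:cmd.find('"', 1)]
    else:                             # unquoted path: first token is the executable
        exe = cmd.split(' ')[0]
    return m.group('hive'), m.group('name'), exe


def triage(lines):
    """Return [(run_value_name, exe_path, [reasons])] for entries worth a look."""
    findings = []
    for line in lines:
        parsed = parse_o4(line)
        if parsed is None:
            continue
        _hive, name, exe = parsed
        low = exe.lower()
        reasons = []
        if any(folder in low for folder in USER_WRITABLE):
            reasons.append('runs from a user-writable profile folder')
        basename = low.rsplit('\\', 1)[-1].rsplit('.', 1)[0]
        if re.search(r'\d{6,}', basename):   # six or more consecutive digits (assumed threshold)
            reasons.append('executable name contains a long digit run')
        if reasons:
            findings.append((name, exe, reasons))
    return findings


if __name__ == '__main__':
    for name, exe, reasons in triage(SAMPLE_LOG):
        print('[%s] %s -> %s' % (name, exe, '; '.join(reasons)))
```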

Posted

One check to do. :P

 

Go to this link: Virus Total

  • Click the Browse... button
  • Copy and paste this path into the dialog box that opens, or browse your folders to this file, if you find it:

  • C:\Documents and Settings\user\Application Data\Google\edpgz16420882.exe

  • Click Send file, and if VirusTotal says the file has already been analysed, click the Reanalyse file now button.
  • Let the site work as long as "Current status: being analysed" is displayed.
  • The file may be queued because of a large number of analysis requests. In that case you will have to wait without refreshing the page.
  • When the analysis is finished ("Current status: finished"), click Formatted (top left)
  • A new browser window will appear
  • Then click this image: txtvt.jpg
  • Right-click the page, choose Select all, then Copy
  • Finally, paste the result into your next reply.
    NB: Whatever the result, it is important to send me the result of the whole analysis.

Your security tools may react when the file is uploaded; if so, you will have to make them ignore the alerts.

Posted

Re

 

Fichier edpgz16420882.exe reçu le 2009.07.30 16:24:58 (UTC)

Antivirus Version Dernière mise à jour Résultat

a-squared 4.5.0.24 2009.07.30 -

AhnLab-V3 5.0.0.2 2009.07.30 -

AntiVir 7.9.0.236 2009.07.30 TR/FakeIA.M

Antiy-AVL 2.0.3.7 2009.07.30 -

Authentium 5.1.2.4 2009.07.30 -

Avast 4.8.1335.0 2009.07.29 -

BitDefender 7.2 2009.07.30 -

CAT-QuickHeal 10.00 2009.07.30 TrojanDownloader.FakeAlert.a

ClamAV 0.94.1 2009.07.30 -

Comodo 1813 2009.07.30 -

DrWeb 5.0.0.12182 2009.07.30 -

eSafe 7.0.17.0 2009.07.30 -

eTrust-Vet 31.6.6647 2009.07.30 Win32/Banbot!generic

F-Prot 4.4.4.56 2009.07.30 -

F-Secure 8.0.14470.0 2009.07.30 -

Fortinet 3.120.0.0 2009.07.30 -

GData 19 2009.07.30 -

Ikarus T3.1.1.64.0 2009.07.30 -

Jiangmin 11.0.800 2009.07.30 -

K7AntiVirus 7.10.806 2009.07.30 Trojan.Win32.Malware.1

Kaspersky 7.0.0.125 2009.07.30 -

McAfee 5692 2009.07.29 -

McAfee+Artemis 5692 2009.07.29 Artemis!D5E85C4B04B3

McAfee-GW-Edition 6.8.5 2009.07.30 Heuristic.BehavesLike.Win32.Downloader.B

Microsoft 1.4903 2009.07.30 Trojan:Win32/FakeIA.M

NOD32 4291 2009.07.30 Win32/TrojanDownloader.FakeAlert.AFJ

Norman 6.01.09 2009.07.30 W32/Obfuscated.R!genr

nProtect 2009.1.8.0 2009.07.30 -

Panda 10.0.0.14 2009.07.30 -

PCTools 4.4.2.0 2009.07.29 -

Prevx 3.0 2009.07.30 Medium Risk Malware

Rising 21.40.34.00 2009.07.30 -

Sophos 4.44.0 2009.07.30 -

Sunbelt 3.2.1858.2 2009.07.30 -

Symantec 1.4.4.12 2009.07.30 -

TheHacker 6.3.4.3.378 2009.07.30 -

TrendMicro 8.950.0.1094 2009.07.30 -

VBA32 3.12.10.9 2009.07.30 -

ViRobot 2009.7.30.1861 2009.07.30 -

VirusBuster 4.6.5.0 2009.07.30 -

 

Information additionnelle

File size: 126976 bytes

MD5...: d5e85c4b04b3343925be66154f4aaaf7

SHA1..: 1fa305739999fef52207c5851639b7c7d86b412b

SHA256: a1483b0582e5fca4f1abeabffa5fea399751c73678834ab989ed98e2b32280b1

ssdeep: 3072:3YumU7dsAVwuiiodbyM/2yeQxtg3GEmN74T0I2cg1kR:3JmgdsAVwuxa9LtgnI745

PEiD..: -

TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xd0ac
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0xde40 0xe000 7.02 e63218dd038e7ea2bf3c9a8c02e080d9
DATA 0xf000 0x5d4 0x600 4.36 487c5b126af35b43207c5f3247904fc3
BSS 0x10000 0x1c4d 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x12000 0xa9a 0xc00 4.45 4b488d009fc5c47dc093bb5bfacdc12a
.tls 0x13000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x14000 0x18 0x200 0.21 46b5446c9d254c04c525d4b500cee24a
.reloc 0x15000 0xc74 0xe00 6.38 570715e261fc16d7f1c76162f1548299
.rsrc 0x16000 0xea00 0xea00 7.71 bbde6357226b47bad9121f90375c5618

( 9 imports )
> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetModuleFileNameA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle
> user32.dll: GetKeyboardType, MessageBoxA, CharNextA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: SysFreeString
> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
> advapi32.dll: RegSetValueExA, RegQueryValueExA, RegOpenKeyExA, RegDeleteValueA, RegCloseKey
> kernel32.dll: lstrlenA, lstrcpyA, lstrcmpiA, lstrcatA, WriteFile, VirtualProtect, Sleep, SizeofResource, ReadFile, LockResource, LoadResource, LoadLibraryA, HeapReAlloc, HeapFree, HeapAlloc, GetVolumeInformationA, GetTickCount, GetProcessHeap, GetProcAddress, GetModuleHandleA, GetLocalTime, GetLastError, GetEnvironmentVariableA, GetComputerNameA, FreeResource, FreeLibrary, FindResourceA, FindNextFileA, FindFirstFileA, FindClose, FileTimeToLocalFileTime, FileTimeToDosDateTime, CreateFileA, CloseHandle
> gdi32.dll: TextOutA, StretchBlt, SetTextColor, SetBkMode, SetBkColor, SelectObject, MoveToEx, LineTo, DeleteObject, DeleteDC, CreateSolidBrush, CreatePen, CreateFontIndirectA, CreateCompatibleDC, BitBlt
> user32.dll: CreateWindowExA, UnregisterClassA, TranslateMessage, SystemParametersInfoA, ShowWindow, SetWindowPos, SetTimer, SetCursor, SendMessageA, ScreenToClient, RegisterClassA, PostQuitMessage, PeekMessageA, LoadImageA, LoadIconA, LoadCursorA, KillTimer, GetWindowLongA, GetSystemMetrics, GetSysColor, GetCursorPos, EndPaint, DrawIcon, DispatchMessageA, DestroyWindow, DefWindowProcA, BringWindowToTop, BeginPaint, CharLowerBuffA

( 0 exports )

PDFiD.: -

RDS...: NSRL Reference Data Set
-

Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=0306F627001E5BB2F04301114FFF0C00348E87EC


Posted

Disable Antivir before what follows.

 

 

Download OTMoveIt (OTM) by OldTimer.

  • Save this file to the Desktop.
  • Double-click OTM.exe to run the tool. (Note: if you use Vista, right-click the file and choose Run as administrator.)
  • Copy the lines from the "Code" box below to the clipboard by selecting them all and pressing the CTRL and C keys at the same time (or, after selecting them, right-clicking and choosing Copy):
    :processes
    explorer.exe
    :files
    C:\Documents and Settings\user\Application Data\Google\edpgz16420882.exe
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "realteks"=-
    
    :commands
    [start explorer]


  • Go back to the OTM window, right-click in the left-hand area titled "Paste List Of Files/Folders to Move" (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Close OTMoveIt3
  • Post the OTMoveIt3 report in your next reply (contents of the file C:\_OTM\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)

Note: If a file or folder cannot be moved immediately, a reboot may be needed to complete the move. If you are asked to restart the machine, choose Yes.
