
Good evening, everyone,

On a friend's advice, I'm taking the liberty of posting the report from HIJACKTHIS and also the one from MALWAREBYTES ANTIMALWARE, which found lots of infections.

Is it serious, doctor?

THANKS IN ADVANCE FOR YOUR HELP!!!!!!

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:06:46, on 09/07/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\LimeWire\LimeWire.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\CSHelper.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: interdescargas-FR Toolbar - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbint0.dll

R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: interdescargas-FR Toolbar - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbint0.dll

O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: interdescargas-FR Toolbar - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbint0.dll

O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: WinLDP.lnk = C:\Pharmagest\WinLDP.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: WinLDP.lnk = C:\Pharmagest\WinLDP.exe (User 'Default user')

O4 - .DEFAULT User Startup: WinLDP.lnk = C:\Pharmagest\WinLDP.exe (User 'Default user')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231418776187

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231418767187

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe

O23 - Service: OracleOraHome81ClientCache - Unknown owner - C:\oracle\ora81\BIN\ONRSD.EXE

 

--

End of file - 7260 bytes

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4293

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

09/07/2010 13:49:26

mbam-log-2010-07-09 (13-49-26).txt

 

Type d'examen: Examen complet (C:\|D:\|)

Elément(s) analysé(s): 190051

Temps écoulé: 56 minute(s), 4 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 178

Valeur(s) du Registre infectée(s): 4

Elément(s) de données du Registre infecté(s): 3

Dossier(s) infecté(s): 72

Fichier(s) infecté(s): 203

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):


 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.

 

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

 

Dossier(s) infecté(s):


C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\p4 (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\res1 (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\ShoppingReport (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\Documents and Settings (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\p4 (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\report (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\WeatherDPA (Adware.Hotbar) -> No action taken.

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken.

C:\Program Files\Hotbar (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0 (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\firefox (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\firefox\extensions (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\firefox\extensions\plugins (Adware.Hotbar) -> No action taken.

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.

C:\Program Files\ShoppingReport (Adware.ShopperReports) -> No action taken.

C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> No action taken.

C:\Program Files\ShoppingReport\Bin\2.6.79 (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar (Adware.Hotbar) -> No action taken.

C:\Program Files\BarDiscover (Adware.BarDiscover) -> No action taken.

C:\Documents and Settings\All Users\Application Data\BarDiscover (Adware.BarDiscover) -> No action taken.

 

Fichier(s) infecté(s):

C:\Program Files\Hotbar\bin\11.0.175.0\CoreSrv.dll (Adware.Zango) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\HostIE.dll (Adware.Zango) -> No action taken.

C:\Program Files\ShoppingReport\Bin\2.6.79\ShoppingReport.dll (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Local Settings\Temp\msgpl_1315.exe (Adware.Agent) -> No action taken.

C:\Documents and Settings\p4\Local Settings\Temp\msgpl_e133.exe (Adware.Agent) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\CntntCntr.dll (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\HostOL.dll (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSA.exe (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSAAX.dll (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSADF.exe (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\Srv.exe (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\Toolbar.dll (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\Weather.exe (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\firefox\extensions\plugins\npclntax_HotbarSA.dll (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\FunWebProducts\Data\p4\avatar.dat (Adware.MyWebSearch) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\1383356.sdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\3404705.sdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\domains.txt (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\1000023894 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\1000026952 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\243256 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\449624 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\753590 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\753592 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\90358 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\dynamic\ustat\397a.dat (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\ads.cdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\btntrans.idx (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\btntrans1.dat (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\business_promo.htm (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\buttondir.txt (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\components.cdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\cursors.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\default.cdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_511745-514279.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz1.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz10.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz11.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz12.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz13.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz14.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz15.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz16.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz17.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz18.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz19.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz2.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz20.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz3.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz4.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz5.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz6.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz7.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz8.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_bidz9.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_categorize.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_comparison.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_em_PROFL_CA_flow_b_IEB.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_explorer-Mails.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_explorer-people.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_favorites.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_Games.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_Hide.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_hotbarcom.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_Hotmail.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_hsskin.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_jemster.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_jemsterie.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_jemsteruk.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_jobsearch.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_Mails.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_new.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_premium.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_reun.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_ringtones.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_SearchBoxTrapper.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_searchfor.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_searchgo.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_weather.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Default_yellowpages.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_1000.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_2000.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_3000.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_bar.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_bbar1.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_logos.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_other.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\d_icons_weather.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\editblbuttons.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\email-def-511724-548964.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\email-def-511724-9595.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\email-t1-bg.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\gamesmenu.cdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\gamesMenu.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\hb_ie_menu.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\hotbar-premium-hotbar-premium.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\hotbar-premium.cdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\hotbar_promo.htm (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\icons2.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\ie_games_icon.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\ie_video.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\keywords.idx (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\keywords1.dat (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\layout.cdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\linkpathlegal.txt (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\more.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\new_games.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\progress.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\sales_buttons.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\sdfmodifier.xml (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\s_icons_buttons.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\t2_bg.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\theweb.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\top7.cdf (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\Top7_theweb.mnu (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\tsd_bg.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\2\weathericon.res (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ads.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\BtnTrans.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\BtnTrans1.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\business_promo.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\buttondir.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\cursors.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\default.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_1000.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_2000.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_3000.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bar.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_logos.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_other.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_weather.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\editblbuttons.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\email-t1-bg.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\gamesmenu.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hb_ie_menu.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar-premium.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar_promo.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\icons2.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ie_games_icon.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ie_video.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\keywords.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\keywords1.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\layout.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\linkpathlegal.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\more.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\progress.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\sales_buttons.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.txt (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\sdfmodifier.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\s_icons_buttons.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\t2_bg.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\top7.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\tsd_bg.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\weathericon.xip (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\history (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\WeatherStartup.xml (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\WeatherDPA\Links (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\WeatherDPA\WeatherPreferences (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML\Display (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML\Loading (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML\screen2 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\Weather_XML\Default (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\Weather_XML\Genera1 (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\Hotbar\Weather\Weather_XML\General (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAEULA.mht (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA_hpk.dat (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA_kyf.dat (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\p4\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver\Images\01AB7F35.urr (Adware.MyWebSearch) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\arrow.ico (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\copyright.txt (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSAHook.dll (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\WeSkin.dll (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\firefox\extensions\chrome.manifest (Adware.Hotbar) -> No action taken.

C:\Program Files\Hotbar\bin\11.0.175.0\firefox\extensions\install.rdf (Adware.Hotbar) -> No action taken.

C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

C:\Program Files\ShoppingReport\Uninst.exe (Adware.ShopperReports) -> No action taken.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Hotbar Games!.lnk (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Hotbar Uninstall Instructions.lnk (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Hotbar Videos!.lnk (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> No action taken.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Weather.lnk (Adware.Hotbar) -> No action taken.

C:\Program Files\BarDiscover\bardiscover.exe (Adware.BarDiscover) -> No action taken.

C:\Program Files\BarDiscover\uninstall.exe (Adware.BarDiscover) -> No action taken.

C:\Documents and Settings\All Users\Application Data\BarDiscover\bardiscover137.exe (Adware.BarDiscover) -> No action taken.

C:\Documents and Settings\p4\Local Settings\Temp\utt18.tmp.exe (Trojan.Pakes) -> No action taken.

Posted

Good evening,

Run Mbam again and delete everything it finds.

then

Download this diagnostic tool.

Download Random's system information tool (RSIT) by random/random and save it to the Desktop.

On XP

Double-click RSIT.exe to launch it.

On Vista

Right-click the icon and choose "Run as administrator"

On Windows 7

On the desktop, right-click the RSIT.exe file

In Properties -> Compatibility tab -> tick "Run this program in compatibility mode for"

and choose Vista SP2 from the menu, and tick the box under Privilege Level.

Confirm with Apply.

* Click Continue on the Disclaimer screen.

* If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT downloads it and you accept the licence.

* Once the scan is finished, two text files will open:

Post the contents of log.txt (which will be displayed)

as well as info.txt (which will be minimized in the Taskbar).

* If these two reports do not appear, you will find them in the C:\rsit folder

If the reports are too large, post them in several parts.

To do that, copy/paste all or part of the reports into one or more messages.

Posted

info.txt logfile of random's system information tool 1.08 2010-07-11

 

20:58:28

 

======Uninstall list======

 

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex

Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}

Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log

ArtistScope Plugin IE-->"C:\Program Files\Internet Explorer\plugins\uninstall.exe" "/U:C:\Program Files\Internet Explorer\plugins\Uninstall\uninstall.xml"

Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Bbox - Bouygues Telecom - Utilitaire de mise à jour-->C:\Program Files\BboxUpdate\uninstall.exe

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

Cloneur Expert-->C:\Program Files\Micro Application\Cloneur Expert\uninstall.exe

Désinstaller Bouygues Telecom - CD d'installation Bbox-->C:\Program Files\Bbox\eSKernel.exe /Uninstall.xml

FUJIFILM FinePixViewer S Ver.2.1-->C:\Program Files\InstallShield Installation Information\{88B32652-CAE0-4909-A463-5840D2689D93}\SETUP.EXE -runfromtemp -l0x040c -removeonly

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

HP Share-to-Web-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\setup.exe" --MAIN -l1036

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}

Intel® Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572

Intel® PRO Network Adapters and Drivers-->Prounstl.exe

interdescargas-FR Toolbar-->C:\PROGRA~1\INTERD~1\UNWISE.EXE /U C:\PROGRA~1\INTERD~1\INSTALL.LOG

IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe

Java 2 Runtime Environment Standard Edition v1.3.1_03-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JavaSoft\JRE\1.3.1_03\Uninst.isu"

Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

LGPI-->C:\WINDOWS\system32\javaws.exe -uninstall "http://poste0/erp/executable/soft/lgpi.jnlp"

LimeWire 5.5.10-->"C:\Program Files\LimeWire\uninstall.exe"

Logiciel d'impression photo HP-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Hewlett-Packard\Photo Printing\Uninstall.isu" -c"C:\Program Files\Hewlett-Packard\Photo Printing\hpiunPC.dll

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Office XP Professional-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0050048383C9}

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"

Mise à jour pour Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"

Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"

Mise à jour pour Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"

MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

Nettoyeur de disque-->C:\Program Files\Micro Application\Nettoyeur de disque\MediaBuilder.exe -uninstall

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Partition Suite-->C:\Program Files\Micro Application\PartitionSuite\MediaBuilder.exe -uninstall

Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

Softonic_France Toolbar-->C:\PROGRA~1\SOFTON~1\UNWISE.EXE /U C:\PROGRA~1\SOFTON~1\INSTALL.LOG

TeamViewer 5-->C:\Program Files\TeamViewer\Version5\uninstall.exe

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

VLC media player 1.1.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}

Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

 

======Hosts File======

 

192.168.0.100 poste0

 

======Security center information======

 

AV: Avira AntiVir PersonalEdition (outdated)

 

======System event log======

 

Computer Name: POSTE4

Event Code: 6006

Message: Le service d'Enregistrement d'événement a été arrêté.

 

Record Number: 14174

Source Name: EventLog

Time Written: 20100531222824.000000+120

Event Type: Informations

User:

 

Computer Name: POSTE4

Event Code: 36

Message: Le service de temps n'a pas pu synchroniser l'heure système de 49152

secondes car aucun fournisseur de temps n'a pu fournir de datage

utilisable. L'horloge système n'est pas synchronisée.

 

Record Number: 14173

Source Name: W32Time

Time Written: 20100531220027.000000+120

Event Type: Avertissement

User:

 

Computer Name: POSTE4

Event Code: 7036

Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution.

 

Record Number: 14172

Source Name: Service Control Manager

Time Written: 20100531082308.000000+120

Event Type: Informations

User:

 

Computer Name: POSTE4

Event Code: 7035

Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL.

 

Record Number: 14171

Source Name: Service Control Manager

Time Written: 20100531082308.000000+120

Event Type: Informations

User: AUTORITE NT\SERVICE LOCAL

 

Computer Name: POSTE4

Event Code: 7036

Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.

 

Record Number: 14170

Source Name: Service Control Manager

Time Written: 20100531082254.000000+120

Event Type: Informations

User:

 

=====Application event log=====

 

Computer Name: POSTE4

Event Code: 0

Message:

Record Number: 3251

Source Name: gusvc

Time Written: 20090629120623.000000+120

Event Type: Informations

User:

 

Computer Name: POSTE4

Event Code: 0

Message:

Record Number: 3250

Source Name: gusvc

Time Written: 20090629120523.000000+120

Event Type: Informations

User:

 

Computer Name: POSTE4

Event Code: 1800

Message: Le service Centre de sécurité Windows a démarré.

 

Record Number: 3249

Source Name: SecurityCenter

Time Written: 20090629120354.000000+120

Event Type: Informations

User:

 

Computer Name: POSTE4

Event Code: 4096

Message:

Record Number: 3248

Source Name: Avira AntiVir

Time Written: 20090629120352.000000+120

Event Type: Informations

User: AUTORITE NT\SYSTEM

 

Computer Name: POSTE4

Event Code: 1800

Message: Le service Centre de sécurité Windows a démarré.

 

Record Number: 3247

Source Name: SecurityCenter

Time Written: 20090629002138.000000+120

Event Type: Informations

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\oracle\ora81\bin;C:\Program Files\Oracle\jre\1.1.7\bin;c:\progra~1\cognos\cer2\bin;

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel

"PROCESSOR_REVISION"=0209

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

 

-----------------EOF-----------------

Posted

info.txt logfile of random's system information tool 1.08 2010-07-11

 


Posted

Hello, I have sent you the two reports as you asked.

Thank you for whatever you can do for my suffering PC...

Also, I wanted to mention something else: for the second time, my daughter's Facebook account is showing this message:

Please review the recent activity on your Facebook account

Your account was recently accessed from a location we do not recognize. As a precaution, please review your recent activity to make sure that no one is using your Facebook account without your knowledge.

Reviewing your activity only takes a few moments. We will start by asking you a few questions to verify that this is really your account (if we recognize your computer, you can skip this step).

The first time this happened, we did exactly what was asked and the computer then locked up; afterwards it was very difficult to open pages and to use it. I ran AntiVir and then it got a little better... and today it started again, but I did not go through the procedure, so we cannot open the Facebook account. Meanwhile, this morning, my daughter received an e-mail from someone who had taken the name of one of her contacts, but with a spelling mistake. She was not suspicious and opened it, and afterwards she realized it was not her contact. This had also happened once before. Would you have any idea what this could be?

Thank you for your help; I am waiting for your instructions on what to do next with the two reports.

Posted (edited)

Hello,

You sent info.txt twice but not the logfile (the most important one).

Also post the Mbam removal report.

The Facebook message is due to your infections.

Edited by pear
Posted

Hello,

Sorry, here is the log:

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by p4 at 2010-07-11 20:57:11

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 975 MB (10%) free of 10 GB

Total RAM: 247 MB (6% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:58:19, on 11/07/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\LimeWire\LimeWire.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\CSHelper.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Documents and Settings\p4\Local Settings\Temporary Internet Files\Content.IE5\SEI23RYH\RSIT[2].exe

C:\Program Files\trend micro\p4.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: interdescargas-FR Toolbar - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbint0.dll

R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: interdescargas-FR Toolbar - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbint0.dll

O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: interdescargas-FR Toolbar - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbint0.dll

O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: WinLDP.lnk = C:\Pharmagest\WinLDP.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: WinLDP.lnk = C:\Pharmagest\WinLDP.exe (User 'Default user')

O4 - .DEFAULT User Startup: WinLDP.lnk = C:\Pharmagest\WinLDP.exe (User 'Default user')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231418776187

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231418767187

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe

O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe

O23 - Service: OracleOraHome81ClientCache - Unknown owner - C:\oracle\ora81\BIN\ONRSD.EXE

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

 

--

End of file - 8946 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{8C98A2EF-5710-4B6E-83B4-632EA62B76DD}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c322dc-5878-452e-a2d8-c4aab9973c9a}]

interdescargas-FR Toolbar - C:\Program Files\interdescargas-FR\tbint0.dll [2010-05-28 2515552]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]

Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSof1.dll [2010-07-08 2515552]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - c:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{31c322dc-5878-452e-a2d8-c4aab9973c9a} - interdescargas-FR Toolbar - C:\Program Files\interdescargas-FR\tbint0.dll [2010-05-28 2515552]

{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSof1.dll [2010-07-08 2515552]

{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-10-02 155648]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2003-10-02 118784]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2009-01-08 266497]

"Cloneur Expert Monitor"=C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe [2009-01-08 443116]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2007-08-30 205480]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2009-01-08 90112]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BboxUpdate]

C:\Program Files\BboxUpdate\BTLiveUpdate.exe [2008-08-06 103936]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CANON DR2080C SVC]

DR2KSVC.dll,EntryPointUserMessage []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotbarSA]

C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSA.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JobReaderForCrust]

C:\Program Files\Canon Electronics\DR2050C\JobReaderForCrust.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]

C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2001-07-03 57344]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

c:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherDPA]

C:\Program Files\Hotbar\bin\11.0.175.0\Weather.exe -auto []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinUsr]

C:\Program Files\Winsudate\gibusr.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^aclean.bat.lnk]

C:\PHARMA~1\Cleanmgr\clean.bat [2005-06-01 36]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Exif Launcher S.lnk]

C:\PROGRA~1\FINEPI~1\QUICKD~1.EXE [2007-01-30 303104]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HPAiODevice(hp psc 700 series) - 1.lnk]

C:\PROGRA~1\HEWLET~1\AiO\HPPSC7~1\Bin\hpobrt07.exe -DeviceID 1278588533 []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]

C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [2004-12-14 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^p4^Menu Démarrer^Programmes^Démarrage^LimeWire On Startup.lnk]

C:\PROGRA~1\LimeWire\LimeWire.exe [2010-06-22 503808]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^p4^Menu Démarrer^Programmes^Démarrage^WinLDP.lnk]

C:\PHARMA~1\WinLDP.exe [2000-12-20 451072]

 

C:\Documents and Settings\p4\Menu Démarrer\Programmes\Démarrage

LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=157

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"E:\eSKernel.exe"="E:\eSKernel.exe:*:Enabled:Bbox assistant d'installation"

"C:\Program Files\Bbox\eSKernel.exe"="C:\Program Files\Bbox\eSKernel.exe:*:Enabled:Bbox assistant d'installation"

"C:\Program Files\BboxUpdate\BTLiveUpdate.exe"="C:\Program Files\BboxUpdate\BTLiveUpdate.exe:*:Enabled:Bbox - Bouygues Telecom - Utilitaire de mise à jour"

"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"

"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

======List of files/folders created in the last 1 months======

 

2010-07-11 20:57:11 ----D---- C:\rsit

2010-07-08 21:43:23 ----D---- C:\Program Files\Trend Micro

2010-07-08 21:36:34 ----D---- C:\Documents and Settings\p4\Application Data\Malwarebytes

2010-07-08 21:36:07 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2010-07-08 21:36:00 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2010-07-08 21:35:59 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2010-07-08 21:35:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-07-08 21:07:37 ----D---- C:\Program Files\CCleaner

2010-07-08 21:03:18 ----D---- C:\WINDOWS\system32\NtmsData

2010-07-08 20:28:53 ----D---- C:\Documents and Settings\p4\Application Data\LimeWire

2010-07-08 20:26:39 ----D---- C:\Program Files\LimeWire

2010-07-08 19:33:55 ----D---- C:\Documents and Settings\p4\Application Data\Mozilla

2010-07-08 19:06:53 ----D---- C:\Documents and Settings\p4\Application Data\TeamViewer

2010-07-08 19:06:34 ----D---- C:\Program Files\TeamViewer

2010-07-08 18:54:31 ----D---- C:\WINDOWS\Minidump

2010-07-08 13:26:19 ----RA---- C:\WINDOWS\system32\hpocoi08.dll

2010-07-08 13:16:13 ----RA---- C:\WINDOWS\system32\hh.exe

2010-07-08 13:16:02 ----D---- C:\Documents and Settings\p4\Application Data\Dossier de téléchargement Share-to-Web

2010-07-08 13:16:02 ----D---- C:\Documents and Settings\p4\Application Data\Dossier de téléchargement Share-to-Web

2010-07-08 13:15:37 ----A---- C:\WINDOWS\Hposcv07.INI

2010-07-08 13:13:11 ----D---- C:\Program Files\Hewlett-Packard

2010-07-08 12:57:23 ----D---- C:\Documents and Settings\p4\Application Data\vlc

2010-07-08 12:10:25 ----D---- C:\Program Files\Ask.com

2010-07-08 12:04:09 ----D---- C:\Program Files\Softonic_France

2010-07-08 12:03:39 ----D---- C:\Documents and Settings\p4\Application Data\uTorrent

2010-07-07 21:38:42 ----D---- C:\Documents and Settings\p4\Application Data\report

2010-06-17 15:14:49 ----D---- C:\Program Files\BboxUpdate

2010-06-17 15:14:33 ----D---- C:\Program Files\Bbox

2010-06-17 14:51:43 ----D---- C:\Program Files\Techcity

 

======List of files/folders modified in the last 1 months======

 

2010-07-11 20:57:54 ----D---- C:\WINDOWS\Prefetch

2010-07-11 19:40:56 ----D---- C:\WINDOWS\Temp

2010-07-11 11:44:44 ----D---- C:\WINDOWS

2010-07-11 01:38:57 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-07-09 13:57:18 ----D---- C:\WINDOWS\system32\drivers

2010-07-09 13:57:18 ----D---- C:\WINDOWS\Media

2010-07-09 13:55:17 ----RD---- C:\Program Files

2010-07-08 21:10:12 ----D---- C:\WINDOWS\Debug

2010-07-08 21:04:15 ----HD---- C:\WINDOWS\inf

2010-07-08 21:04:14 ----D---- C:\WINDOWS\system32

2010-07-08 21:03:46 ----SHD---- C:\WINDOWS\Installer

2010-07-08 21:01:02 ----D---- C:\WINDOWS\system32\CatRoot2

2010-07-08 20:59:06 ----RASH---- C:\boot.ini

2010-07-08 20:59:06 ----A---- C:\WINDOWS\win.ini

2010-07-08 20:59:06 ----A---- C:\WINDOWS\system.ini

2010-07-08 20:59:04 ----D---- C:\WINDOWS\pss

2010-07-08 13:16:15 ----D---- C:\WINDOWS\system32\mui

2010-07-08 13:15:56 ----HD---- C:\Program Files\InstallShield Installation Information

2010-07-08 13:15:48 ----D---- C:\Program Files\Fichiers communs\InstallShield

2010-07-08 12:53:45 ----D---- C:\Program Files\VideoLAN

2010-07-08 12:10:52 ----SD---- C:\WINDOWS\Tasks

2010-06-25 12:24:18 ----D---- C:\WINDOWS\Microsoft.NET

2010-06-25 12:24:11 ----RSD---- C:\WINDOWS\assembly

2010-06-24 23:32:36 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-06-24 23:31:44 ----D---- C:\WINDOWS\WinSxS

2010-06-24 13:11:24 ----D---- C:\Documents and Settings

2010-06-16 17:41:01 ----D---- C:\WINDOWS\Help

2010-06-15 14:22:56 ----D---- C:\WINDOWS\network diagnostic

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]

R0 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]

R0 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]

R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2009-01-08 82464]

R0 timounter;Acronis TrueImage Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2009-01-08 212288]

R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-06-13 75096]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-01-08 28928]

R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel® Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]

R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel® Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]

R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

R3 E1000;Intel® PRO/1000 Adapter Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2003-08-14 125952]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-10-08 93979]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]

R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-13 578752]

R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S0 adpu320;adpu320; C:\WINDOWS\System32\DRIVERS\adpu320.sys [2004-02-17 132608]

S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-13 46848]

S3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2003-03-04 145408]

S3 RimUsb;Téléphone intelligent BlackBerry ; C:\WINDOWS\System32\Drivers\RimUsb.sys []

S3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]

S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]

S3 sk98wxp;NDIS5.1 Miniport Driver for SysKonnect SK-9Exx, SK-98xx and SK-95xx Adapter Families; C:\WINDOWS\system32\DRIVERS\sk51x86.sys [2004-06-25 180864]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]

S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]

S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2009-01-08 155648]

R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2009-01-08 68865]

R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2009-01-08 151297]

R2 CSHelper;CopySafe Helper Service; C:\WINDOWS\system32\CSHelper.exe [2009-03-02 266240]

R2 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]

R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 OracleOraHome81ClientCache;OracleOraHome81ClientCache; C:\oracle\ora81\BIN\ONRSD.EXE [2000-10-19 411244]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

 

As for Facebook, should I do what I am being asked to do, or is it a virus?

Posted

Good evening,

For now, please do nothing other than what I ask you to do.

 

Download AD-Remover (by Cyrildu17 / C_XX) to the desktop

Disconnect and close all running applications

Click "Ad-R.exe" to launch the installation and leave the default settings.

A window will appear warning you of the risks of using this software

Click "OUI" (Yes)

Double-click the Ad-remover icon on the desktop

In the main menu, choose the Scanner option and confirm

Wait while the tool does its work.

Post the report that appears at the end.

It is also saved as C:\Ad-report.log

 

Next

Run AD-Remover again and choose the Nettoyer (Clean) option

There will be 2 reports to post, after Scanner and Nettoyer

To uninstall AD-Remover, run it with option D, then delete the desktop icon.

 

Download MBAM

Plug in all removable media before running this scan (USB stick, external hard drive, etc.)

Before launching MBAM

You must first disable your protections but you don't know how

 

* Double-click the Download_mbam-setup.exe icon to start the installation process.

Save it to the desktop.

Close all windows and programs

Follow the prompts (in particular the choice of language and the permission to access the Internet)

Do not change any of the default settings and, at the end of the installation,

check that the Update and Launch options are ticked

MBAM will start automatically and display a message asking you to update the program before running a scan.

Click OK to close the dialog box.

* In the "mise à jour" (Update) tab, click the Recherche de mise à jour (Check for updates) button:

If the firewall asks for permission for MBAM to connect, accept.

* Once the update is finished, go to the Recherche (Scan) tab.

* Select "Exécuter un examen complet" (Perform full scan)

* Click "Rechercher" (Scan)

* The scan will take some time, be patient!

* At the end, a message will be displayed:

L'examen s'est terminé normalement. (The scan completed normally.)

* If MBAM found nothing, it will say so too.

Click "Ok" to continue.

* Close the browsers.

Click Afficher les résultats (Show results).

* Select everything and click Supprimer la sélection (Remove selected),

MBAM will destroy the files and registry keys and put a copy of them in quarantine.

Then open Notepad and copy into it the scan report, which can be found under the Rapports/logs (Logs) tab.

* Copy and paste this report into your next reply.

Posted

I am sending you yesterday's Malwarebytes report, which I forgot to send you. It shows that there is nothing nasty, yet when I ran the AntiVir antivirus afterwards it found plenty of infections.

Here is the report

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4293

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

11/07/2010 15:13:38

mbam-log-2010-07-11 (15-13-38).txt

 

Type d'examen: Examen complet (C:\|D:\|)

Elément(s) analysé(s): 186294

Temps écoulé: 3 heure(s), 21 minute(s), 7 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

 

As for the procedure you have just given me to follow, I will try to do my best, but I am not at all used to this, so I will take it very slowly.

Thank you for your valuable advice
