"Ad" virus
Hello!
For a few weeks now, I've had a virus (?) that regularly opens very noisy ad pages, which is very annoying. I tried running a scan with avast, but it finds nothing.
Does anyone have a solution?
Thanks in advance
Hello
Download DDS and save it to your desktop.
Disable anything that blocks scripts, such as an antivirus or software like ad-block, noscript, etc.
Double-click dds.scr to launch the tool.
Once the scan is finished, a text document, DDS.txt, will open.
Click Yes at the next Optional Scan prompt.
Save both reports to your desktop and post only DDS.txt for me.
First of all, thanks for the help.
Here is the first report; however, at no point does the software offer me the optional scan. At the end of the first one it opens a window telling me that the txt file will appear when I close the window.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Rafael Nothing at 17:07:57 on 2011-09-03
Microsoft Windows 7 Professionnel 6.1.7600.0.1252.33.1036.18.4095.1951 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Sécurité\Avast!\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\EXPERTool\TBPANEL.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Utilitaires\DAEMON Tools Lite\DTLite.exe
C:\ManyCam\Bin\ManyCam.exe
C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Sécurité\Avast!\AvastUI.exe
C:\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files (x86)\Logitech\Video\LogiTray.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files (x86)\Logitech\Video\FxSvr2.exe
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PCTuto\pctuto.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Steam\Steam.exe
c:\steam\steamapps\common\deus ex - human revolution\dxhr.exe
C:\Steam\GameOverlayUI.exe
C:\Windows\system32\notepad.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = my.daemon-search.com
mStart Page = hxxp://mivolo.com
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = about:blank
uURLSearchHooks: BittorrentBar_FR Toolbar: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
mURLSearchHooks: BittorrentBar_FR Toolbar: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PCTBHO Class: {293a63f7-c3b6-423a-9845-901ac0a7ee6e} - C:\Program Files (x86)\PCTuto\pctutoBHO.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Sécurité\Avast!\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: BittorrentBar_FR Toolbar: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Sécurité\Avast!\aswWebRepIE.dll
TB: BittorrentBar_FR Toolbar: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe /A
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [LogitechSoftwareUpdate] "C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe" boot
uRun: [DAEMON Tools Lite] "C:\Utilitaires\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [ManyCam] "C:\ManyCam\Bin\ManyCam.exe" /silent
uRun: [WeatherBugAlert] "C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe" /st
mRun: [avast] "C:\Sécurité\Avast!\avastUI.exe" /nogui
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Gmail Notifier\gnotify.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\iTunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Utilitaires\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [LogitechVideoRepair] C:\Program Files (x86)\Logitech\Video\ISStart.exe
mRun: [LogitechVideoTray] C:\Program Files (x86)\Logitech\Video\LogiTray.exe
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
mRun: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
mRun: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PCTuto] "C:\Program Files (x86)\PCTuto\pctuto.exe"
StartupFolder: C:\Users\RAFAEL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{F49CCD0C-328E-416D-8126-DB16210FC7B4} : DhcpNameServer = 192.168.1.254
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
{30F9B915-B755-4826-820B-08FBA6BD249D}
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{ef79f67a-6ad7-4715-a0f8-932fca442023}
{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{ef79f67a-6ad7-4715-a0f8-932fca442023}
{30F9B915-B755-4826-820B-08FBA6BD249D}
{32099AAC-C132-4136-9E9A-4E364A424E17}
mRun-x64: [avast] "C:\Sécurité\Avast!\avastUI.exe" /nogui
mRun-x64: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Gmail Notifier\gnotify.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Utilitaires\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [LogitechVideoRepair] C:\Program Files (x86)\Logitech\Video\ISStart.exe
mRun-x64: [LogitechVideoTray] C:\Program Files (x86)\Logitech\Video\LogiTray.exe
mRun-x64: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun-x64: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
mRun-x64: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
mRun-x64: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [PCTuto] "C:\Program Files (x86)\PCTuto\pctuto.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rafael Nothing\AppData\Roaming\Mozilla\Firefox\Profiles\qgk3c0ew.default\
FF - plugin: C:\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Utilitaires\Adobe\Reader 10.0\Reader\browser\nppdf32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Sécurité\Avast!\AvastSvc.exe [2011-7-17 42184]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-9-27 240232]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 SaiK0CCC;SaiK0CCC;C:\Windows\system32\DRIVERS\SaiK0CCC.sys --> C:\Windows\system32\DRIVERS\SaiK0CCC.sys [?]
R3 SaiU0CCC;SaiU0CCC;C:\Windows\system32\DRIVERS\SaiU0CCC.sys --> C:\Windows\system32\DRIVERS\SaiU0CCC.sys [?]
S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-27 136176]
S3 driverhardwarev2x64;driverhardwarev2x64;C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-8-30 15872]
S3 gupdatem;Service Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-27 136176]
S3 maconfservice;Ma-Config Service;C:\Program Files (x86)\ma-config.com\maconfservice.exe [2011-5-1 311744]
S3 StorSvc;Service de stockage;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-09-02 09:43:25 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29C0F659-3000-48C0-A0DF-F516EF04B06D}\mpengine.dll
2011-08-30 22:56:12 -------- d-----w- C:\Program Files (x86)\AWS
2011-08-30 22:55:35 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\ManyCam
2011-08-30 22:55:34 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\ManyCam
2011-08-30 22:55:23 -------- d-----w- C:\ManyCam
2011-08-30 02:39:41 -------- d-----w- C:\Windows\SysWow64\spool
2011-08-30 02:36:00 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2011-08-29 23:46:23 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\dxhr
2011-08-29 23:45:10 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\28050
2011-08-28 19:00:55 -------- d-----w- C:\VirtualDJ
2011-08-24 22:58:37 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-08-24 22:58:37 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-08-22 15:44:20 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-08-22 15:44:19 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-08-22 15:44:19 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-08-22 15:44:19 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-08-22 15:44:19 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-08-22 15:44:19 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-08-22 15:44:18 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-08-22 15:44:17 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-08-22 13:52:21 -------- d-----w- C:\uTorrent
2011-08-22 13:51:51 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\uTorrent
2011-08-22 13:51:51 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\uTorrent
2011-08-11 03:12:13 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2011-08-11 03:12:13 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2011-08-11 03:12:13 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2011-08-11 03:12:13 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2011-08-11 03:12:13 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-08-11 03:12:13 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2011-08-11 03:12:13 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2011-08-11 03:12:13 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2011-08-11 03:12:13 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2011-08-11 03:12:13 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2011-08-11 03:12:13 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2011-08-11 03:12:07 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-08-10 14:01:57 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-08-09 22:14:42 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\PhotoFiltre
2011-08-09 22:14:40 -------- d-----w- C:\PhotoFiltre
2011-08-09 20:09:20 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\PCtuto
2011-08-09 20:09:18 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\PCTuto
2011-08-09 20:09:18 -------- d-----w- C:\Program Files (x86)\PCTuto
2011-08-09 20:09:17 -------- d-----w- C:\ProgramData\Tarma Installer
2011-08-09 20:09:17 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
2011-08-09 20:07:10 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\Mozilla
2011-08-09 20:07:05 -------- d-----w- C:\Mozilla Firefox
.
==================== Find3M ====================
.
2011-07-22 05:35:08 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 04:56:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-16 05:26:54 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:26:53 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:26:53 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:26:18 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-07-16 05:24:09 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:21:32 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 05:17:46 338432 ----a-w- C:\Windows\System32\conhost.exe
2011-07-16 04:36:09 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:32:14 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:31:50 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:30:29 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:30:27 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:26:12 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:26:11 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:21:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-16 00:54:14 310728 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2011-07-15 22:47:54 42696 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
2011-07-04 11:43:53 40112 ----a-w- C:\Windows\avastSS.scr
2011-07-04 11:36:56 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-07-04 11:32:24 64856 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-06-23 05:29:39 5507968 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-06-23 04:38:05 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-06-23 04:38:04 3902336 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-06-21 06:27:14 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-21 06:20:48 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-06-21 06:20:06 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-06-21 05:36:36 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-06-21 05:35:05 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-06-21 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
2011-06-21 04:26:02 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-06-11 02:56:44 3134464 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 17:08:24,72 ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Sécurité\Avast!\AvastSvc.exe [2011-7-17 42184]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-9-27 240232]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 SaiK0CCC;SaiK0CCC;C:\Windows\system32\DRIVERS\SaiK0CCC.sys --> C:\Windows\system32\DRIVERS\SaiK0CCC.sys [?]
R3 SaiU0CCC;SaiU0CCC;C:\Windows\system32\DRIVERS\SaiU0CCC.sys --> C:\Windows\system32\DRIVERS\SaiU0CCC.sys [?]
S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-27 136176]
S3 driverhardwarev2x64;driverhardwarev2x64;C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-8-30 15872]
S3 gupdatem;Service Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-27 136176]
S3 maconfservice;Ma-Config Service;C:\Program Files (x86)\ma-config.com\maconfservice.exe [2011-5-1 311744]
S3 StorSvc;Service de stockage;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-09-02 09:43:25 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29C0F659-3000-48C0-A0DF-F516EF04B06D}\mpengine.dll
2011-08-30 22:56:12 -------- d-----w- C:\Program Files (x86)\AWS
2011-08-30 22:55:35 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\ManyCam
2011-08-30 22:55:34 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\ManyCam
2011-08-30 22:55:23 -------- d-----w- C:\ManyCam
2011-08-30 02:39:41 -------- d-----w- C:\Windows\SysWow64\spool
2011-08-30 02:36:00 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2011-08-29 23:46:23 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\dxhr
2011-08-29 23:45:10 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\28050
2011-08-28 19:00:55 -------- d-----w- C:\VirtualDJ
2011-08-24 22:58:37 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-08-24 22:58:37 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-08-22 15:44:20 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-08-22 15:44:19 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-08-22 15:44:19 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-08-22 15:44:19 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-08-22 15:44:19 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-08-22 15:44:19 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-08-22 15:44:18 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-08-22 15:44:17 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-08-22 13:52:21 -------- d-----w- C:\uTorrent
2011-08-22 13:51:51 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\uTorrent
2011-08-22 13:51:51 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\uTorrent
2011-08-11 03:12:13 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2011-08-11 03:12:13 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2011-08-11 03:12:13 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2011-08-11 03:12:13 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2011-08-11 03:12:13 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-08-11 03:12:13 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2011-08-11 03:12:13 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2011-08-11 03:12:13 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2011-08-11 03:12:13 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2011-08-11 03:12:13 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2011-08-11 03:12:13 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2011-08-11 03:12:07 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-08-10 14:01:57 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-08-09 22:14:42 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\PhotoFiltre
2011-08-09 22:14:40 -------- d-----w- C:\PhotoFiltre
2011-08-09 20:09:20 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\PCtuto
2011-08-09 20:09:18 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\PCTuto
2011-08-09 20:09:18 -------- d-----w- C:\Program Files (x86)\PCTuto
2011-08-09 20:09:17 -------- d-----w- C:\ProgramData\Tarma Installer
2011-08-09 20:09:17 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
2011-08-09 20:07:10 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\Mozilla
2011-08-09 20:07:05 -------- d-----w- C:\Mozilla Firefox
.
==================== Find3M ====================
.
2011-07-22 05:35:08 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 04:56:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-16 05:26:54 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:26:53 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:26:53 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:26:18 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-07-16 05:24:09 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:21:32 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 05:17:46 338432 ----a-w- C:\Windows\System32\conhost.exe
2011-07-16 04:36:09 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:32:14 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:31:50 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:30:29 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:30:27 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:26:12 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:26:11 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:21:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-16 00:54:14 310728 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2011-07-15 22:47:54 42696 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
2011-07-04 11:43:53 40112 ----a-w- C:\Windows\avastSS.scr
2011-07-04 11:36:56 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-07-04 11:32:24 64856 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-06-23 05:29:39 5507968 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-06-23 04:38:05 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-06-23 04:38:04 3902336 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-06-21 06:27:14 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-21 06:20:48 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-06-21 06:20:06 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-06-21 05:36:36 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-06-21 05:35:05 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-06-21 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
2011-06-21 04:26:02 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-06-11 02:56:44 3134464 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 17:08:24,72 ===============
Hello
Sorry, I don't know what I was up to; I had actually read your topic and thought I had replied to it.
Uninstall PCtuto (the source of your ads)
Read:
https://forum.malekal.com/pctuto-tuto4pc-eorezo-t33439....
Then:
Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.
/!\ Disconnect, disable your antivirus and close all running applications /!\
Double-click AD-R on your Desktop to launch it.
(On Vista/Seven, right-click AD-R and choose Run as administrator)
Choose language F for French.
In the main menu, choose the Scanner option.
/!\ Let the tool work /!\
Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
/!\ Remember to re-enable your antivirus /!\
Thanks again
Mission accomplished!
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 22:46:35 le 06/09/2011, Mode normal
Microsoft Windows 7 Professionnel (X64)
Rafael Nothing@RAFAELSPC (To Be Filled By O.E.M. To Be Filled By O.E.M.)
============== RECHERCHE ==============
Dossier trouvé: C:\Users\Rafael Nothing\AppData\Roaming\PCtuto
Dossier trouvé: C:\Users\Rafael Nothing\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files (x86)\Conduit
Dossier trouvé: C:\Users\Rafael Nothing\AppData\LocalLow\ConduitEngine
Dossier trouvé: C:\Program Files (x86)\ConduitEngine
Dossier trouvé: C:\Users\Rafael Nothing\AppData\LocalLow\PriceGong
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto
Dossier trouvé: C:\Program Files (x86)\PCTuto
Fichier trouvé: C:\Users\Public\Desktop\Everest Poker.fr.lnk
Clé trouvée: HKLM\Software\Classes\CLSID\{29D4E8CC-F910-4190-BD88-CE1E6A4913F0}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29D4E8CC-F910-4190-BD88-CE1E6A4913F0}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29D4E8CC-F910-4190-BD88-CE1E6A4913F0}
Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2849852
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\conduitEngine
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine
Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{535E1FA0-AC0A-4748-9C89-53BC3E5E319F}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== SCAN ADDITIONNEL ==============
-- C:\Users\Rafael Nothing\AppData\Roaming\Mozilla\FireFox\Profiles\qgk3c0ew.default --
Extensions\plugin@yontoo.com (Yontoo Layers)
Prefs.js - browser.startup.homepage_override.buildID, 20110707182747
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0.1
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://mivolo.com
AboutUrls|Tabs - hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=e008e22a00000000000000252233a9f3&tlver=1.4.19.19&affID=17159
HKCU_URLSearchHooks|{ef79f67a-6ad7-4715-a0f8-932fca442023} - "BittorrentBar_FR Toolbar" (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
HKLM_URLSearchHooks|{ef79f67a-6ad7-4715-a0f8-932fca442023} - "BittorrentBar_FR Toolbar" (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=e008e22a000000000...)
HKCU_Toolbar\WebBrowser|{EF79F67A-6AD7-4715-A0F8-932FCA442023} (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Sécurité\Avast!\aswWebRepIE.dll)
HKLM_Toolbar|{ef79f67a-6ad7-4715-a0f8-932fca442023} (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{496B38A7-7357-4E52-84A5-3D40F51CC158} - C:\Program Files (x86)\BittorrentBar_FR\BittorrentBar_FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\{535E1FA0-AC0A-4748-9C89-53BC3E5E319F} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Sécurité\Avast!\aswWebRepIE.dll)
BHO\{ef79f67a-6ad7-4715-a0f8-932fca442023} - "BittorrentBar_FR Toolbar" (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
BHO\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - "Yontoo Layers" (C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 06/09/2011 22:46:39 (6178 Octet(s))
Fin à: 22:47:12, 06/09/2011
============== E.O.F ==============
Hi again
/!\ Disconnect, disable your antivirus and close all running applications /!\
Double-click AD-R on your Desktop to launch it.
(On Vista/Seven, right-click AD-R and choose Run as administrator)
Choose language F for French.
In the main menu, choose the Nettoyer option.
/!\ Let the tool work /!\
Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
/!\ Remember to re-enable your antivirus /!\
+++++++++++++++++++++++++