"Ad" virus

3 September 2011 16:48:03

Hello!
For a few weeks now, I've had a virus (?) that regularly opens very noisy ad pages, which is really annoying. I tried running a scan with avast, but it doesn't find anything..
Does anyone have a solution?
Thanks in advance :)


3 September 2011 16:58:37

Hello
Download DDS and save it to your desktop.
  • Disable any blocking script, such as an antivirus, software like ad-block, noscript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan is finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only DDS.txt.


    3 September 2011 17:16:28

    First of all, thanks for the help :)
    Here is the first report. However, at no point does the software offer me Optional Scan; at the end of the first one it opens a window telling me that the txt file will appear when I close the window..

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7600.16385
    Run by Rafael Nothing at 17:07:57 on 2011-09-03
    Microsoft Windows 7 Professionnel 6.1.7600.0.1252.33.1036.18.4095.1951 [GMT 2:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Sécurité\Avast!\AvastSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\EXPERTool\TBPANEL.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Utilitaires\DAEMON Tools Lite\DTLite.exe
    C:\ManyCam\Bin\ManyCam.exe
    C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Sécurité\Avast!\AvastUI.exe
    C:\Gmail Notifier\gnotify.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    C:\Program Files (x86)\Logitech\Video\LogiTray.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    C:\Program Files (x86)\Logitech\Video\FxSvr2.exe
    C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\PCTuto\pctuto.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\wuauclt.exe
    C:\Steam\Steam.exe
    c:\steam\steamapps\common\deus ex - human revolution\dxhr.exe
    C:\Steam\GameOverlayUI.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = my.daemon-search.com
    mStart Page = hxxp://mivolo.com
    uInternet Settings,ProxyOverride = *.local
    mSearchAssistant = about:blank
    uURLSearchHooks: BittorrentBar_FR Toolbar: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
    mURLSearchHooks: BittorrentBar_FR Toolbar: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: PCTBHO Class: {293a63f7-c3b6-423a-9845-901ac0a7ee6e} - C:\Program Files (x86)\PCTuto\pctutoBHO.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Sécurité\Avast!\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: BittorrentBar_FR Toolbar: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
    BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Sécurité\Avast!\aswWebRepIE.dll
    TB: BittorrentBar_FR Toolbar: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe /A
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [LogitechSoftwareUpdate] "C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe" boot
    uRun: [DAEMON Tools Lite] "C:\Utilitaires\DAEMON Tools Lite\DTLite.exe" -autorun
    uRun: [ManyCam] "C:\ManyCam\Bin\ManyCam.exe" /silent
    uRun: [WeatherBugAlert] "C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe" /st
    mRun: [avast] "C:\Sécurité\Avast!\avastUI.exe" /nogui
    mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Gmail Notifier\gnotify.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\iTunes\iTunesHelper.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Utilitaires\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [LogitechVideoRepair] C:\Program Files (x86)\Logitech\Video\ISStart.exe
    mRun: [LogitechVideoTray] C:\Program Files (x86)\Logitech\Video\LogiTray.exe
    mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    mRun: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
    mRun: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
    mRun: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
    mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [PCTuto] "C:\Program Files (x86)\PCTuto\pctuto.exe"
    StartupFolder: C:\Users\RAFAEL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{F49CCD0C-328E-416D-8126-DB16210FC7B4} : DhcpNameServer = 192.168.1.254
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
    {293A63F7-C3B6-423a-9845-901AC0A7EE6E}
    {30F9B915-B755-4826-820B-08FBA6BD249D}
    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    {9030D464-4C02-4ABF-8ECC-5164760863C6}
    {DBC80044-A445-435b-BC74-9C25C1C588A9}
    {ef79f67a-6ad7-4715-a0f8-932fca442023}
    {FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    {ef79f67a-6ad7-4715-a0f8-932fca442023}
    {30F9B915-B755-4826-820B-08FBA6BD249D}
    {32099AAC-C132-4136-9E9A-4E364A424E17}
    mRun-x64: [avast] "C:\S‚curit‚\Avast!\avastUI.exe" /nogui
    mRun-x64: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Gmail Notifier\gnotify.exe
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\iTunes\iTunesHelper.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Utilitaires\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [LogitechVideoRepair] C:\Program Files (x86)\Logitech\Video\ISStart.exe
    mRun-x64: [LogitechVideoTray] C:\Program Files (x86)\Logitech\Video\LogiTray.exe
    mRun-x64: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    mRun-x64: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
    mRun-x64: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
    mRun-x64: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
    mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [PCTuto] "C:\Program Files (x86)\PCTuto\pctuto.exe"
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Rafael Nothing\AppData\Roaming\Mozilla\Firefox\Profiles\qgk3c0ew.default\
    FF - plugin: C:\iTunes\Mozilla Plugins\npitunes.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: C:\Utilitaires\Adobe\Reader 10.0\Reader\browser\nppdf32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    R2 avast! Antivirus;avast! Antivirus;C:\Sécurité\Avast!\AvastSvc.exe [2011-7-17 42184]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-9-27 240232]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
    R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    R3 SaiK0CCC;SaiK0CCC;C:\Windows\system32\DRIVERS\SaiK0CCC.sys --> C:\Windows\system32\DRIVERS\SaiK0CCC.sys [?]
    R3 SaiU0CCC;SaiU0CCC;C:\Windows\system32\DRIVERS\SaiU0CCC.sys --> C:\Windows\system32\DRIVERS\SaiU0CCC.sys [?]
    S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-27 136176]
    S3 driverhardwarev2x64;driverhardwarev2x64;C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-8-30 15872]
    S3 gupdatem;Service Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-27 136176]
    S3 maconfservice;Ma-Config Service;C:\Program Files (x86)\ma-config.com\maconfservice.exe [2011-5-1 311744]
    S3 StorSvc;Service de stockage;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
    S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-09-02 09:43:25 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29C0F659-3000-48C0-A0DF-F516EF04B06D}\mpengine.dll
    2011-08-30 22:56:12 -------- d-----w- C:\Program Files (x86)\AWS
    2011-08-30 22:55:35 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\ManyCam
    2011-08-30 22:55:34 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\ManyCam
    2011-08-30 22:55:23 -------- d-----w- C:\ManyCam
    2011-08-30 02:39:41 -------- d-----w- C:\Windows\SysWow64\spool
    2011-08-30 02:36:00 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
    2011-08-29 23:46:23 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\dxhr
    2011-08-29 23:45:10 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\28050
    2011-08-28 19:00:55 -------- d-----w- C:\VirtualDJ
    2011-08-24 22:58:37 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-08-24 22:58:37 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-08-22 15:44:20 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
    2011-08-22 15:44:19 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
    2011-08-22 15:44:19 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
    2011-08-22 15:44:19 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
    2011-08-22 15:44:19 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
    2011-08-22 15:44:19 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
    2011-08-22 15:44:18 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
    2011-08-22 15:44:17 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
    2011-08-22 13:52:21 -------- d-----w- C:\uTorrent
    2011-08-22 13:51:51 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\uTorrent
    2011-08-22 13:51:51 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\uTorrent
    2011-08-11 03:12:13 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
    2011-08-11 03:12:13 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
    2011-08-11 03:12:13 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
    2011-08-11 03:12:13 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
    2011-08-11 03:12:13 212992 ----a-w- C:\Windows\System32\odbctrac.dll
    2011-08-11 03:12:13 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
    2011-08-11 03:12:13 163840 ----a-w- C:\Windows\System32\odbccp32.dll
    2011-08-11 03:12:13 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
    2011-08-11 03:12:13 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
    2011-08-11 03:12:13 106496 ----a-w- C:\Windows\System32\odbccu32.dll
    2011-08-11 03:12:13 106496 ----a-w- C:\Windows\System32\odbccr32.dll
    2011-08-11 03:12:07 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2011-08-10 14:01:57 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-08-09 22:14:42 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\PhotoFiltre
    2011-08-09 22:14:40 -------- d-----w- C:\PhotoFiltre
    2011-08-09 20:09:20 -------- d-----w- C:\Users\Rafael Nothing\AppData\Roaming\PCtuto
    2011-08-09 20:09:18 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\PCTuto
    2011-08-09 20:09:18 -------- d-----w- C:\Program Files (x86)\PCTuto
    2011-08-09 20:09:17 -------- d-----w- C:\ProgramData\Tarma Installer
    2011-08-09 20:09:17 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
    2011-08-09 20:07:10 -------- d-----w- C:\Users\Rafael Nothing\AppData\Local\Mozilla
    2011-08-09 20:07:05 -------- d-----w- C:\Mozilla Firefox
    .
    ==================== Find3M ====================
    .
    2011-07-22 05:35:08 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-07-22 04:56:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-07-16 05:26:54 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2011-07-16 05:26:53 243200 ----a-w- C:\Windows\System32\wow64.dll
    2011-07-16 05:26:53 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2011-07-16 05:26:18 214528 ----a-w- C:\Windows\System32\winsrv.dll
    2011-07-16 05:24:09 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2011-07-16 05:21:32 422400 ----a-w- C:\Windows\System32\KernelBase.dll
    2011-07-16 05:17:46 338432 ----a-w- C:\Windows\System32\conhost.exe
    2011-07-16 04:36:09 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2011-07-16 04:32:14 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2011-07-16 04:31:50 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2011-07-16 04:30:29 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2011-07-16 04:30:27 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2011-07-16 02:26:12 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2011-07-16 02:26:11 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2011-07-16 02:21:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:21:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:21:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:21:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-16 00:54:14 310728 ----a-w- C:\Windows\System32\drivers\atksgt.sys
    2011-07-15 22:47:54 42696 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
    2011-07-04 11:43:53 40112 ----a-w- C:\Windows\avastSS.scr
    2011-07-04 11:36:56 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2011-07-04 11:32:24 64856 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-06-23 05:29:39 5507968 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-06-23 04:38:05 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-06-23 04:38:04 3902336 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-06-21 06:27:14 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2011-06-21 06:20:48 1197056 ----a-w- C:\Windows\System32\wininet.dll
    2011-06-21 06:20:06 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2011-06-21 05:36:36 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-06-21 05:35:05 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2011-06-21 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
    2011-06-21 04:26:02 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2011-06-11 02:56:44 3134464 ----a-w- C:\Windows\System32\win32k.sys
    .
    ============= FINISH: 17:08:24,72 ===============
    6 September 2011 18:05:22

    Hello
    I'm sorry, I don't know what I was up to; I had even read your topic and thought I had replied to it :/

    Uninstall PCtuto (the source of your ads)
    read:
    https://forum.malekal.com/pctuto-tuto4pc-eorezo-t33439....

    then:

  • Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.

    /!\ Disconnect, disable your antivirus and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista/Seven, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • From the main menu, choose the "Scanner" (scan) option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
    /!\ Remember to re-enable your antivirus /!\
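
An added example, not part of the thread and not code from DDS or Ad-Remover: one way to triage a DDS log like the one posted above is to cross-reference its startup entries (BHO, toolbar, Run) with the directories listed under "Created Last 30", which here surfaces the PCTuto and Yontoo Layers entries installed on 2011-08-09. The function names are illustrative assumptions, and the sample is an excerpt of the posted log.

```python
import ntpath  # Windows path rules, usable on any host OS
import re

# Excerpt of the DDS log posted in this thread (most lines omitted).
SAMPLE_DDS = r"""
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PCTBHO Class: {293a63f7-c3b6-423a-9845-901ac0a7ee6e} - C:\Program Files (x86)\PCTuto\pctutoBHO.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
uRun: [ManyCam] "C:\ManyCam\Bin\ManyCam.exe" /silent
mRun: [iTunesHelper] "C:\iTunes\iTunesHelper.exe"
mRun: [PCTuto] "C:\Program Files (x86)\PCTuto\pctuto.exe"
.
=============== Created Last 30 ================
.
2011-08-30 22:55:23 -------- d-----w- C:\ManyCam
2011-08-24 22:58:37 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-08-09 20:09:18 -------- d-----w- C:\Program Files (x86)\PCTuto
2011-08-09 20:09:17 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
.
==================== Find3M ====================
"""

SECTION_RE = re.compile(r"^=+ (.+?) =+$")
BHO_RE = re.compile(r"^(BHO|TB)(?:-X64)?: (?:(.*?): )?(\{[0-9A-Fa-f-]{36}\}) - (.+)$")
RUN_RE = re.compile(r"^([um]Run)(?:-x64)?: \[(.+?)\] (.+)$")
CREATED_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}) \d{2}:\d{2}:\d{2} \S+ (\S+) (.+)$")
EXE_RE = re.compile(r"^(.+?\.(?:exe|dll|scr|com|bat|cmd))\b", re.I)


def split_sections(text):
    """Map each '=== Title ===' header to the non-empty lines below it."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current and line and line != ".":
            sections[current].append(line)
    return sections


def command_path(cmd):
    """Return the executable path of a Run value, quoted or unquoted."""
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = EXE_RE.match(cmd)
    return m.group(1) if m else cmd


def startup_entries(lines):
    """Yield (kind, name, path); path is None when DDS printed 'No File'."""
    for line in lines:
        m = BHO_RE.match(line)
        if m:
            kind, name, clsid, target = m.groups()
            yield kind, name or clsid, None if target == "No File" else target
            continue
        m = RUN_RE.match(line)
        if m:
            yield m.group(1), m.group(2), command_path(m.group(3))


def recent_dirs(lines):
    """Return {normalized directory prefix: creation date} for 'd' entries."""
    dirs = {}
    for line in lines:
        m = CREATED_RE.match(line)
        if m and m.group(2).startswith("d"):
            dirs[ntpath.normcase(m.group(3)) + "\\"] = m.group(1)
    return dirs


def triage(text):
    """List startup entries that are orphaned or live in a recent directory."""
    sections = split_sections(text)
    recent = recent_dirs(sections.get("Created Last 30", []))
    findings = []
    for kind, name, path in startup_entries(sections.get("Pseudo HJT Report", [])):
        if path is None:
            findings.append((kind, name, "orphaned registration (No File)"))
            continue
        norm = ntpath.normcase(path)
        for prefix, created in recent.items():
            if norm.startswith(prefix):
                findings.append((kind, name, "dir created " + created))
                break
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_DDS):
        print("%-5s %-40s %s" % finding)
```

A hit only means "starts automatically and was installed recently" (ManyCam is listed too), so each entry still needs a human look before anything is removed.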




    6 September 2011 22:50:58

    Thanks again :)
    Mission accomplished!


    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 22:46:35 le 06/09/2011, Mode normal

    Microsoft Windows 7 Professionnel (X64)
    Rafael Nothing@RAFAELSPC (To Be Filled By O.E.M. To Be Filled By O.E.M.)

    ============== RECHERCHE ==============


    Dossier trouvé: C:\Users\Rafael Nothing\AppData\Roaming\PCtuto
    Dossier trouvé: C:\Users\Rafael Nothing\AppData\LocalLow\Conduit
    Dossier trouvé: C:\Program Files (x86)\Conduit
    Dossier trouvé: C:\Users\Rafael Nothing\AppData\LocalLow\ConduitEngine
    Dossier trouvé: C:\Program Files (x86)\ConduitEngine
    Dossier trouvé: C:\Users\Rafael Nothing\AppData\LocalLow\PriceGong
    Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto
    Dossier trouvé: C:\Program Files (x86)\PCTuto
    Fichier trouvé: C:\Users\Public\Desktop\Everest Poker.fr.lnk

    Clé trouvée: HKLM\Software\Classes\CLSID\{29D4E8CC-F910-4190-BD88-CE1E6A4913F0}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29D4E8CC-F910-4190-BD88-CE1E6A4913F0}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29D4E8CC-F910-4190-BD88-CE1E6A4913F0}
    Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Classes\Conduit.Engine
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2849852
    Clé trouvée: HKLM\Software\Conduit
    Clé trouvée: HKLM\Software\conduitEngine
    Clé trouvée: HKCU\Software\AppDataLow\Toolbar
    Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
    Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine
    Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{535E1FA0-AC0A-4748-9C89-53BC3E5E319F}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
    Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}


    ============== SCAN ADDITIONNEL ==============

    -- C:\Users\Rafael Nothing\AppData\Roaming\Mozilla\FireFox\Profiles\qgk3c0ew.default --
    Extensions\plugin@yontoo.com (Yontoo Layers)
    Prefs.js - browser.startup.homepage_override.buildID, 20110707182747
    Prefs.js - browser.startup.homepage_override.mstone, rv:5.0.1

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Start Page - hxxp://mivolo.com
    AboutUrls|Tabs - hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=e008e22a00000000000000252233a9f3&tlver=1.4.19.19&affID=17159
    HKCU_URLSearchHooks|{ef79f67a-6ad7-4715-a0f8-932fca442023} - "BittorrentBar_FR Toolbar" (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
    HKLM_URLSearchHooks|{ef79f67a-6ad7-4715-a0f8-932fca442023} - "BittorrentBar_FR Toolbar" (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
    HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=e008e22a000000000...)
    HKCU_Toolbar\WebBrowser|{EF79F67A-6AD7-4715-A0F8-932FCA442023} (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
    HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
    HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Sécurité\Avast!\aswWebRepIE.dll)
    HKLM_Toolbar|{ef79f67a-6ad7-4715-a0f8-932fca442023} (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
    HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
    HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
    HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{496B38A7-7357-4E52-84A5-3D40F51CC158} - C:\Program Files (x86)\BittorrentBar_FR\BittorrentBar_FRToolbarHelper.exe (?)
    HKLM_ElevationPolicy\{535E1FA0-AC0A-4748-9C89-53BC3E5E319F} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (?)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
    BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
    BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
    BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Sécurité\Avast!\aswWebRepIE.dll)
    BHO\{ef79f67a-6ad7-4715-a0f8-932fca442023} - "BittorrentBar_FR Toolbar" (C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll)
    BHO\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - "Yontoo Layers" (C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 06/09/2011 22:46:39 (6178 Octet(s))

    Fin à: 22:47:12, 06/09/2011

    ============== E.O.F ==============
    6 September 2011 23:01:48

    Hi again


    /!\ Disconnect, disable your antivirus and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista/Seven, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • From the main menu, choose the "Nettoyer" (clean) option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
    /!\ Remember to re-enable your antivirus /!\
