Ecran Blanc après démarrage [resolu]

[dark-guts]

Bonjour,

Voila lorsque je démarre ma machine, tout ce passe bien mais arriver au bureau j'ai un écran blanc avec juste une fenêtre mes documents je suis obligé de faire ctrl-alt-del pour lancer le gestionnaire de tache et lancer explorer.exe pour avoir mon bureau une idée ?

[bernard53]

Bonjour

fait ceci pour voir ce qui se lance au démarrage de ton pc.

Télécharge hijackthis <<ICI>>

Laisse faire l’installation par défaut.

Lance Hijackthis puis

**Un rapport va s’afficher et tu le poste ici **

CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse
Tu le refermes pour le moment.

<< Tuto>> au besoin.

[dark-guts]

voila le raport:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:51, on 22.04.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\AASP\1.00.78\aaCenter.exe
C:\Program Files\ASUS\AI Direct Link\AsCmd.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\ASUS\AI Direct Link\AsShare.exe
C:\Windows\explorer.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ASUS\TweakIt\TWeakIt.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\CPU Level UpEx\CpuLevelUp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Corel\Corel MediaOne\Corel Photo Downloader.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Cursors\lsass.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [TweakIt Help] "C:\Program Files\ASUS\TweakIt\TweakIt.exe" -r
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up] "C:\Program Files\ASUS\Ai Suite\CPU Level UPEx\CpuLevelUp.exe" -r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Corel\Corel MediaOne\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

[bernard53]

OK fait ceci.

Relance HijackThis >puis : Do a system scan only > coche ces lignes: ensuite valides sur Fix checked

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Cursors\lsass.exe
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

Ensuite ceci.

Télécharge >>OTMoveIt3<< (de Old_Timer) sur ton Bureau.

Pour VISTA : Clic-droit et choisis "Exécuter en tant qu'administrateur".

AVAST reconnait ce logiciel comme un intrus, donc le désactiver le temps des manipulations.

Double-clique sur OTMoveIt3.exe pour le lancer.

Copie la liste qui se trouve en citation ci-dessous:

:Processes
AskService.exe
ASKUpgrade.exe
:Services
ASKService
ASKUpgrade
:Reg

:Files
C:\WINDOWS\Cursors\lsass.exe
:Commands
[purity]
[emptytemp]

[Reboot]

et colle-la dans le cadre de gauche de OTMoveIt3



Clique sur pour lancer la suppression.
attendre la fin du travail de l'outil puis fermer OTMoveIt3.

Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.
Poste le rapport situé dans C:\_OTMoveIt\MovedFiles\*******_******.log


NB: Il te sera peut-être demandé de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Oui/Yes.


Ensuite ceci::
bTélécharge ToolBar-S&D (D'Angeldark, Sham_Rock & XmichouX) sur ton bureau.

Double-clique sur l'icône afin de lancer l’installation.

Une fois installé, un raccourci sera ajouté sur le Bureau. Double-clique dessus pour démarrer l’outil.

dans la fenêtre qui s'ouvre, pour le langue tape "F" appuis un fois sur la touche "entrer"
dans la fenêtre qui s'ouvre fais la choix N°1 (recherche) appuis un fois sur la touche "entrer"

Patiente jusqu'à la fin de la recherche sauvegarde le rapport qui s'ouvre à la fin du scan sur ton bureau et poste le dans ta prochaine réponse stp...
Poste le rapport généré : (C:\TB.txt)

[dark-guts]

alors voila le raport de >>OTMoveIt3<<


========== PROCESSES ==========
Unable to kill process: AskService.exe
Unable to kill process: ASKUpgrade.exe
========== SERVICES/DRIVERS ==========
Service\Driver ASKService stopped successfully.
Service\Driver ASKService deleted successfully.
Service\Driver ASKUpgrade stopped successfully.
Service\Driver ASKUpgrade deleted successfully.
========== REGISTRY ==========
========== FILES ==========
File/Folder C:\WINDOWS\Cursors\lsass.exe not found.
========== COMMANDS ==========
File delete failed. C:\Users\DARK-G~1\AppData\Local\Temp\hsperfdata_Dark-Guts\3824 scheduled to be deleted on reboot.
File delete failed. C:\Users\DARK-G~1\AppData\Local\Temp\e4j72CE.tmp_dir17018\exe4jlib.jar scheduled to be deleted on reboot.
File delete failed. C:\Users\DARK-G~1\AppData\Local\Temp\etilqs_Va20QbJqfYYC5yXZyvkG scheduled to be deleted on reboot.
File delete failed. C:\Users\DARK-G~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be deleted on reboot.
File delete failed. C:\Users\DARK-G~1\AppData\Local\Temp\swt-gdip-win32-3448.dll scheduled to be deleted on reboot.
File delete failed. C:\Users\DARK-G~1\AppData\Local\Temp\swt-win32-3448.dll scheduled to be deleted on reboot.
File delete failed. C:\Users\DARK-G~1\AppData\Local\Temp\~DFB76D.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
File delete failed. C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04222009_195446

Files moved on Reboot...
File C:\Users\DARK-G~1\AppData\Local\Temp\hsperfdata_Dark-Guts\3824 not found!
C:\Users\DARK-G~1\AppData\Local\Temp\e4j72CE.tmp_dir17018\exe4jlib.jar moved successfully.
File C:\Users\DARK-G~1\AppData\Local\Temp\etilqs_Va20QbJqfYYC5yXZyvkG not found!
C:\Users\DARK-G~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
DllUnregisterServer procedure not found in C:\Users\DARK-G~1\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\DARK-G~1\AppData\Local\Temp\swt-gdip-win32-3448.dll NOT unregistered.
C:\Users\DARK-G~1\AppData\Local\Temp\swt-gdip-win32-3448.dll moved successfully.
DllUnregisterServer procedure not found in C:\Users\DARK-G~1\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\DARK-G~1\AppData\Local\Temp\swt-win32-3448.dll NOT unregistered.
C:\Users\DARK-G~1\AppData\Local\Temp\swt-win32-3448.dll moved successfully.
File C:\Users\DARK-G~1\AppData\Local\Temp\~DFB76D.tmp not found!
C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\urlclassifier3.sqlite moved successfully.
C:\Users\Dark-Guts\AppData\Local\Mozilla\Firefox\Profiles\ettctm85.default\XUL.mfl moved successfully.

[dark-guts]

et celui de ToolBar-S&D



-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Professionnel ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz )
BIOS : BIOS Date: 12/09/08 18:48:23 Ver: 08.00.15
USER : Dark-Guts ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:465 Go (Free:239 Go)
D:\ (CD or DVD)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 22.04.2009|20:00 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.daemon-search.com/startpage"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\DARK-G~1\AppData\Roaming\Azureus\torrents\CommView 6.0 + Crack (Full).torrent
C:\Users\DARK-G~1\AppData\Roaming\Azureus\torrents\N‚ro 9 + keygen [TRACKERSURFER.french].torrent
C:\Users\DARK-G~1\Desktop\CommView 6.0 + Crack (Full).rar
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\file_id.diz
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\install.txt
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\x-force.nfo
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\xf-vmta4.exe
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\file_id.diz
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\install.txt
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\x-force.nfo
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\xf-vmta4.exe
C:\Users\DARK-G~1\Documents\Azureus Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED\rld-burp\Crack
C:\Users\DARK-G~1\Documents\Azureus Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED\rld-burp\Crack\burnoutparadise1001.exe
C:\Users\DARK-G~1\Documents\Azureus Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED\rld-burp\Crack\rld-bupk.exe
C:\Users\DARK-G~1\Documents\Azureus Downloads\Crysis Special Edition\EXTRAS\Crack 1.1.7z
C:\Users\DARK-G~1\Music\Ma Musique\NON TRIER\Nouveau dossier\WWE - WWE - WWE - WWE - WWE WrestleMania XIX Theme (Crack Addict).mp3


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 22.04.2009|20:01 - Option : [1]

-----------\\ Fin du rapport a 20:01:08.10

[bernard53]

OK ceci a suivre.

Double clique sur le raccourci pour démarrer l'outil.

dans la fenêtre qui s'ouvre, pour la langue tape "F" -->> appuis une fois sur la touche "entrer"
dans la fenêtre qui s'ouvre fais le choix N°2 (Suppression) appuis une fois sur la touche "entrer"

Patiente jusqu'à la fin de la recherche -->> Sauvegarde le rapport qui s'ouvre à la fin du scan sur ton bureau et poste le dans ta prochaine réponse stp...

Poste le rapport généré : (C:\TB.txt)

Bien sur ceci est en cause.

--------------------\\ Cracks & Keygens ..

C:\Users\DARK-G~1\AppData\Roaming\Azureus\torrents\CommView 6.0 + Crack (Full).torrent
C:\Users\DARK-G~1\AppData\Roaming\Azureus\torrents\N‚ro 9 + keygen [TRACKERSURFER.french].torrent
C:\Users\DARK-G~1\Desktop\CommView 6.0 + Crack (Full).rar
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\file_id.diz
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\install.txt
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\x-force.nfo
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\xf-vmta4.exe
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\file_id.diz
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\install.txt
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\x-force.nfo
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\xf-vmta4.exe
C:\Users\DARK-G~1\Documents\Azureus Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED\rld-burp\Crack
C:\Users\DARK-G~1\Documents\Azureus Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED\rld-burp\Crack\burnoutparadise1001.exe
C:\Users\DARK-G~1\Documents\Azureus Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED\rld-burp\Crack\rld-bupk.exe
C:\Users\DARK-G~1\Documents\Azureus Downloads\Crysis Special Edition\EXTRAS\Crack 1.1.7z
C:\Users\DARK-G~1\Music\Ma Musique\NON TRIER\Nouveau dossier\WWE - WWE - WWE - WWE - WWE WrestleMania XIX Theme (Crack Addict).mp3

[dark-guts]

voila :


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Professionnel ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz )
BIOS : BIOS Date: 12/09/08 18:48:23 Ver: 08.00.15
USER : Dark-Guts ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:465 Go (Free:253 Go)
D:\ (CD or DVD)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 22.04.2009|20:16 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.daemon-search.com/startpage"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\DARK-G~1\AppData\Roaming\Azureus\torrents\CommView 6.0 + Crack (Full).torrent
C:\Users\DARK-G~1\AppData\Roaming\Azureus\torrents\N‚ro 9 + keygen [TRACKERSURFER.french].torrent
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\file_id.diz
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\install.txt
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\x-force.nfo
C:\Users\DARK-G~1\Desktop\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\xf-vmta4.exe
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\file_id.diz
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\install.txt
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\x-force.nfo
C:\Users\DARK-G~1\Desktop\Nouveau dossier\david\Convertion_logiciel_en_portable\VMWare ThinApp v4.0.0.2200\Crack-TA\xf-vmta4.exe


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 22.04.2009|20:01 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 22.04.2009|20:17 - Option : [2]

-----------\\ Fin du rapport a 20:17:20.18

[bernard53]

juste trois choses pour terminer.

1-Installe Malewarebytes' Antimalware,
Téléchargement et tuto

Met-le à jour puis passe en mode sans échec :
http://www.pcloisirs.eu/mode_sans_echec.htm

Choisi, Exécuter un examen complet (environ 1 à 2 heures)

Poste le rapport final.
il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) ? cliquez sur Oui ? choisissez Outils dans la barre de navigation sur la gauche ? Résident et là vous pouvez décocher les cases situées devant les deux outils.

2- un nouveau rapport HijackThis après cela pour controle.

3-dis moi de ton coté comment vas ton pc.

[dark-guts]

voila le rapport de Malwarebytes' Anti-Malware entre autre le problème est résolu et je t'en remercie infiniment je poste les rapport :

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2026
Windows 6.0.6001 Service Pack 1

22.04.2009 20:56:58
mbam-log-2009-04-22 (20-56-58).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 219062
Temps écoulé: 26 minute(s), 39 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe C:\WINDOWS\Cursors\lsass.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\System32\videocore.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

[dark-guts]

et voila le rapport de Hijackthis :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:51, on 22.04.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\AASP\1.00.78\aaCenter.exe
C:\Program Files\ASUS\AI Direct Link\AsCmd.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\ASUS\AI Direct Link\AsShare.exe
C:\Windows\explorer.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ASUS\TweakIt\TWeakIt.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\CPU Level UpEx\CpuLevelUp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Corel\Corel MediaOne\Corel Photo Downloader.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Cursors\lsass.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [TweakIt Help] "C:\Program Files\ASUS\TweakIt\TweakIt.exe" -r
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up] "C:\Program Files\ASUS\Ai Suite\CPU Level UPEx\CpuLevelUp.exe" -r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Corel\Corel MediaOne\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 9257 bytes



Merci encore de m'avoir aider

[bernard53]

tu peux faire ceci pour controle.

un nouveau rapport HijackThis


PS: nous nous sommes croisé

Ton rapport n'est pas le bon. il faut que tu relance HijackThis

[dark-guts]

voila : comment ca nous nous sommes croisé ?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:14:13, on 22.04.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\AASP\1.00.78\aaCenter.exe
C:\Program Files\ASUS\AI Direct Link\AsCmd.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\ASUS\AI Direct Link\AsShare.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ASUS\TweakIt\TWeakIt.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\CPU Level UpEx\CpuLevelUp.exe
C:\Program Files\Corel\Corel MediaOne\Corel Photo Downloader.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [TweakIt Help] "C:\Program Files\ASUS\TweakIt\TweakIt.exe" -r
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up] "C:\Program Files\ASUS\Ai Suite\CPU Level UPEx\CpuLevelUp.exe" -r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Corel\Corel MediaOne\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 8794 bytes

[bernard53]

OK très bien

Relance HijackThis >puis : Do a system scan only > coche ces lignes: ensuite valides sur Fix checked

R3 - Default URLSearchHook is missing
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)


Ensuite puisque tout vas bien.

Fait ceci pour supprimer les logiciels qui ont servis à cette désinfection.

>> Télécharge ToolsCleaner (de A.Rothstein & dj QUIOU) http://pc-system.fr/TC/ToolsCleaner2.exe

>> Double-clique dessus pour lancer le programme

>> Clique sur Recherche et laisse le scan se terminer (il peut durer une dizaine de minutes au maximum).

>> Une fois la recherche lancée, ne clique pas dans la fenêtre, cela provoquerait un léger bug du programme.

>> Si toutes fois la mention (ne réponds pas) apparaissait dans le titre de la fenêtre ToolsCleaner, ne t'en occupes pas et laisse quand même le programme terminer son travail

** Clique sur Suppression pour finaliser.

• Tu peux, si tu le souhaites, te servir des Options facultatives.

**Poste-moi le rapport qui apparait

Puis ceci::

Bon maintenant on va mettre la restauration du système propre.
Pour cela:
1- Valides les touches Windows et Pause en même temps.

Puis cela:

Sur cette fenêtre décoche cette case et Valides :


Toujours sur cette même fenêtre :
Il te faut donc maintenant recrée un nouveau point de restauration.
Coche cette même case et valides cela par l’onglet APPLIQUER puis onglet « CREER »


Puis ceci :


Ensuite création de ce point de restauration.

Et Confirmation.


Vous pouvez maintenant fermer toutes les fenêtres.


Ceci aussi si tu veux.

Voici un lien très intéressant sur des Logiciels nuisibles.
<<n'installez plus ces programmes >>

Ce << LIEN>> aussi à lire.


N'oublies de supprimer les Cracks en causent.



Ps :: Regarde CECI pour marquer <<RESOLU>>