Probléme de démarage (Windows XP) • page 3

[Skynet]

Ok, on continue en mode sans échec.

Tu télécharges et installes Toolbar S&D ici :

http://www.trokus.fr/files/get/NP4SEX6Wfh/toolbarsd.exe

Tu lances une recherche (option n°1) et copie ici le rapport.

Ensuite tu télécharges et installe Malwarebyte's Anti-Malware ici :
http://www.pc-infopratique.com/telechar ... lware.html

Tu lances un scan complet et si il trouve une ou des traces d'infection, tu supprimes.

A l'identique, à la fin, tu auras un rapport que tu colles ici .

[Eicca]

1er rapport :



-----------\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Edition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Administrateur ( Administrator )
BOOT : Fail-safe with network boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C: (Local Disk) - NTFS - Total:143 Go (Free:1 Go)
D: (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E: (CD or DVD)
F: (USB)
G: (USB)
H: (USB)
I: (USB)
J: (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
L: (Local Disk) - NTFS - Total:232 Go (Free:4 Go)

"C:ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 19/08/2009| 0:09 )

-----------\ Recherche de Fichiers / Dossiers ...

C:DOCUME~1HP_PRO~1APPLIC~1Dealio
C:DOCUME~1HP_PRO~1APPLIC~1Dealio es
C:DOCUME~1HP_PRO~1APPLIC~1Dealio emp
C:DOCUME~1HP_PRO~1APPLIC~1Dealio eswidgets.xml
C:DOCUME~1HP_PRO~1APPLIC~1Dealio emphttp___www_dealio_com_rss_coupons-deals_dotd_.xml
C:Program FilesMozilla Firefoxextensionssearch@searchsettings.com
C:Program FilesMozilla Firefoxextensionssearch@searchsettings. ... splugin.js
C:Program FilesMozilla Firefoxextensionssearch@searchsettings. ... plugin.xul
C:Program FilesMozilla Firefoxextensionssearch@searchsettings. ... plugin.dtd
C:Program FilesMozilla Firefoxextensionssearch@searchsettings. ... properties
C:Program FilesMozilla Firefoxextensionssearch@searchsettings. ... ingsFF.dll
C:DOCUME~1HP_PRO~1APPLIC~1Search Settings
C:DOCUME~1HP_PRO~1APPLIC~1Search Settingskb128
C:DOCUME~1HP_PRO~1APPLIC~1Search Settingskb128 emp
C:DOCUME~1HP_PRO~1APPLIC~1Search Settingskb128 empws-14471.log
C:DOCUME~1HP_PRO~1APPLIC~1Search Settingskb128 empws-14472.log
C:Program FilesSearch Settings
C:Program FilesSearch Settingskb128
C:Program FilesSearch SettingsSearchSettings.exe
C:Program FilesSearch Settingskb128 es
C:Program FilesSearch Settingskb128SearchSettingsRes409.dll
C:Program FilesSearch Settingskb128 emp
C:WINDOWSiun6002.exe

-----------\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(HP_Propri,taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Propri,taire) - {b66bc4c3-6d25-4a10-8c59-01daa9063051} => foxgame
(HP_Propri,taire) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper


-----------\ [..Internet ExplorerMain]

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain]
"Local Page"="C:\WINDOWS\system32\blank.htm"
"Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"
"Search Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"
"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"
"Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"

[HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerMain]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"


--------------------\ Recherche d'autres infections

C:Program FilesInstant Access
C:Program FilesInstant AccessCenter
C:Program FilesInstant AccessDialer
C:Program FilesWebMediaPlayer
C:Program FilesWebMediaPlayer esources
C:Program FilesWebMediaPlayerskins
C:Program FilesWebMediaPlayeruninst.exe
C:Program FilesWebMediaPlayerupdates
C:Program FilesWebMediaPlayerWebMediaPlayer.url
C:WINDOWSPack.epk
C:WINDOWSSystem32
vs2.inf

C:WINDOWSSystem32koxjya.dat
C:WINDOWSSystem32koxjya_nav.dat
C:WINDOWSSystem32koxjya_navps.dat
C:WINDOWSSystem32oukgcag.dat
C:WINDOWSSystem32oukgcag.exe
C:WINDOWSSystem32oukgcag_nav.dat
C:WINDOWSSystem32oukgcag_navps.dat
C:WINDOWSSystem32vtgyvv_navfx.dat
C:WINDOWSSystem32yjlhehw_navfx.dat
==> EGDACCESS <==

--------------------\ ROGUES ..

C:DOCUME~1HP_PRO~1APPLIC~1DriveCleaner Free
C:PROGRA~1FICHIE~1DriveCleaner Free




1 - "C:ToolBar SDTB_1.txt" - 19/08/2009| 0:07 - Option : [1]
2 - "C:ToolBar SDTB_2.txt" - 19/08/2009| 0:10 - Option : [1]

-----------\ Fin du rapport a 0:10:18,09

[Skynet]

Ok merci.

Donc tu peux relancer ToolBar S&D et choisir cette fois l'option n°2,
tu attends le rapport et de nouveau copier/coller ici .

Par contre tu regarderas dans Ajout & suppression de programmes si tu
vois AVG Anti-virus Free 8.0, parce qu'il est toujours là et il faudrait le supprimer.

[Eicca]

Tool bar n'est plus hebergé ?
C'est bizard AVG n'est pourtant plus présent dans supression du matériel !

[Skynet]

Si si retente pour Toolbar.

On verras après alors pour AVG.

[Eicca]

Ok,j'ai lancé toolBar et Malwarebytes j'ai l'impression que ca va prendre un peut de temp

[Eicca]

Voiçi le 2 éme rapport toolbar,je suis toujour en attente de Malwar...



-----------\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Edition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Administrateur ( Administrator )
BOOT : Fail-safe with network boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C: (Local Disk) - NTFS - Total:143 Go (Free:1 Go)
D: (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E: (CD or DVD)
F: (USB)
G: (USB)
H: (USB)
I: (USB)
J: (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
L: (Local Disk) - NTFS - Total:232 Go (Free:4 Go)

"C:ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 19/08/2009| 1:11 )

-----------\ Recherche de Fichiers / Dossiers ...


-----------\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(HP_Propri,taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Propri,taire) - {b66bc4c3-6d25-4a10-8c59-01daa9063051} => foxgame
(HP_Propri,taire) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper


-----------\ [..Internet ExplorerMain]

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain]
"Local Page"="C:\WINDOWS\system32\blank.htm"
"Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"
"Search Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"
"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"
"Default_Search_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"

[HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerMain]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop"


--------------------\ Recherche d'autres infections

C:Program FilesInstant Access
C:Program FilesInstant AccessCenter
C:Program FilesInstant AccessDialer
C:Program FilesWebMediaPlayer
C:Program FilesWebMediaPlayer esources
C:Program FilesWebMediaPlayerskins
C:Program FilesWebMediaPlayeruninst.exe
C:Program FilesWebMediaPlayerupdates
C:Program FilesWebMediaPlayerWebMediaPlayer.url
C:WINDOWSPack.epk
C:WINDOWSSystem32
vs2.inf

C:WINDOWSSystem32koxjya.dat
C:WINDOWSSystem32koxjya_nav.dat
C:WINDOWSSystem32koxjya_navps.dat
C:WINDOWSSystem32oukgcag.dat
C:WINDOWSSystem32oukgcag.exe
C:WINDOWSSystem32oukgcag_nav.dat
C:WINDOWSSystem32oukgcag_navps.dat
C:WINDOWSSystem32vtgyvv_navfx.dat
C:WINDOWSSystem32yjlhehw_navfx.dat
==> EGDACCESS <==

--------------------\ ROGUES ..

C:DOCUME~1HP_PRO~1APPLIC~1DriveCleaner Free
C:PROGRA~1FICHIE~1DriveCleaner Free




1 - "C:ToolBar SDTB_1.txt" - 19/08/2009| 0:07 - Option : [1]
2 - "C:ToolBar SDTB_2.txt" - 19/08/2009| 0:10 - Option : [1]
3 - "C:ToolBar SDTB_3.txt" - 19/08/2009| 1:12 - Option : [2]

-----------\ Fin du rapport a 1:12:57,09

[Eicca]

Rapport malwar...:


Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2651
Windows 5.1.2600 Service Pack 3 (Safe Mode)

19/08/2009 01:27:41
mbam-log-2009-08-19 (01-27-41).txt

Type de recherche: Examen rapide
Eléments examinés: 203049
Temps écoulé: 1 hour(s), 14 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 94
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 40
Fichier(s) infecté(s): 64

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOTfunwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTfunwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTmywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTscreensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTscreensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypelib{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallwebmediaplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREEoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallInstant Access (Adware.InstantAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREWebMediaPlayer (Rogue.Webmediaplayer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterAntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterFirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterUpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:Documents and SettingsHP_PropriétaireApplication DataDriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:Documents and SettingsHP_PropriétaireApplication DataDriveCleaner FreeLogs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:Program FilesFichiers communsDriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:Program FilesInstant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessCenter (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616external-api.dlv4.comjs (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003images (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesFR (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comCommon (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comcustom (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comcustom4290 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comcustom4290FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616www.0texkax7c6hzuidk.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616www.0texkax7c6hzuidk.comCommon (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616www.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075external-api.dlv4.comjs (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861images (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesFR (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comCommon (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comcustom (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comcustom4239 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comcustom4239FR (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075www.0texkax7c6hzuidk.com (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075www.0texkax7c6hzuidk.comCommon (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075www.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayer esources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayerskins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayerupdates (Adware.EGDAccess) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:Documents and SettingsHP_PropriétaireApplication DataDriveCleaner FreeLogsupdate.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessCenterCrazy Girls.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessCenterDIALSEXY.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessCenterGAMES-DESKTOP.COM.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessCenterSUDOKUPLANET.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessCenter ray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616Crazy Girls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616external-api.dlv4.comjsd1d785641321f8a73dd051401a3f1849 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com79a9be8ac2cac413d876bb940cf896dc.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesespaceur.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesindex_03.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesindex_05.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesindex_06.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesindex_07.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesindex_09.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesindex_10.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesindex_11.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesFRindex_01.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616fp.gad-network.com50003imagesFRindex_02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comCommon431f2d06527dd27b4aa9a45ca7ab1e4f.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comcustom42904290_dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comcustom4290FRutton1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comcustom4290FRutton2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comcustom4290FRutton3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616scripts.dlv4.comcustom4290FRutton4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer1091304616www.rapid-pass.net344a007c400233ec30b114e01a9585f2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075Crazy Girls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075external-api.dlv4.comjs728082408e838b76eff616049c2d57fc (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com4a863277e6c96b81157cb0ec38715af6.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861images0.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagessg1.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagessg2.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagessg3.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861images _sb.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861images _sg.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesvid1.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesvid2.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesvid3.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesvign.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesFRfilles.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesFR h.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesFR xt1.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075fp.gad-network.com3861imagesFR xt2.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comCommond7d13b9ec65da6d850940db2ed95a3ac.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comcustom42394239_dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comcustom4239FRutton1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comcustom4239FRutton2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comcustom4239FRutton3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075scripts.dlv4.comcustom4239FRutton4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesInstant AccessDialer290663075www.rapid-pass.net58d1ea74c723b80a372a84420b8c1a08 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayeruninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayerWebMediaPlayer.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayer esourceslanguages.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayer esourceswebmedias.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:Program FilesWebMediaPlayerskinsclassic.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:WINDOWSsystem32koxjya_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32oukgcag_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32koxjya_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32oukgcag_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem320c74D3w.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem325rMOUH08.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32RuGx6qMQ.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32
vs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:WINDOWS mlpcert2007 (Adware.EGDAccess) -> Quarantined and deleted successfully.

[Skynet]

Et bien... Multiples infections, mais c'est nettoyé !

On revérifiera plus tard, mais as-tu tenté de redémarrer normalement ?

[Eicca]

Oui et c'est toujour pas bon...

[Skynet]

Ok,

tu vas dans ton panneau de configuration puis outils d'administration et
enfin services

Essaie de trouver dans cette liste AVG Antivirus et désactive-le.

Tu avais fait quoi la veille de ce problème ? Installation de programmes ? Suppression ?

[Eicca]

)Enfaite j'ai lancé un téléchargement (oui je sais,c'est mal vers 00h00 et je n'ai rien fais d'autre.J'ai laissé tourné mon ordi toute la nuit,et quand je me suis reveillé mon écran étais en veille et pas moyen de l'enlevé donc j'ai du le redémarrer manuellement.

[Skynet]

oui je sais,c'est mal

Ca je m'en doute, les sites pornos aussi sûrement .

C'est aussi pour ça que d'habitude je ne m'occupe pas de la section "Forum
sécurité et virus " du forum (oui je sais, on y est pas là ).

Donc mes consignes pour la suite :

- Recherche AVG dans les services comme demandé précédemment.
- Recherche dans ton panneau de configuration puis Ajout & suppression
de programmes si tu vois AVG. Parce que dans ta réponse de toute à l'heure,
tu as parlé qu'il n'y était pas dans "suppression du matériel" et je pense pas
qu'on parle de la même chose.
- Relance malwarebyte's en examen complet et pas en rapide jusqu'à temps
qu'il ne te trouve plus rien.
- Reposte ensuite un rapport de Toolbar S&D avec l'option 1 - Recherche
- Reposte pour finir un rapport Hijackthis.

On pourra alors être pratiquement sûr que ta machine n'est plus infectée.

[Eicca]

AVG est introuvable dans service et ajout et suppression c'est trés bizard !

Edite:Est-ce que le fais que je me connecte en temp qu'administrateur peut pauser des problémes ?

[Eicca]

Bon je vais me couché car l'analyse va prendre beaucoup de temp,merçi de ton aides et je crois que si ca continue je vais étre obligé d'aller voir chuck au buy more