Cheval de Troie ( Résolu )

Personne pour m'aider?!

 Merci

Salut!

 Quel est le nom de ce trojan ?

 Faire un scan Malwarebytes' ensuite un log Hijackthis:


 Télécharger le logiciel suivant: Malwarebytes' Anti-Malware (Gratuit) (Windows 2K et + 32/64 bits)

 http://www.malwarebytes.org/mbam.php

 Une fois installé lorsques que vous allez démarrer le logiciel il va demander de ce mettre à jour et cliquer "ok".

 Sinon cliquer sur l'onglet "mise à jour" et sur "Recherche de mise à jour" pour la version gratuite avant chaque scan.

 Dans l'onglet "Recherche" ,Vérifier que c'est bien "Exécuter un examen complet" qui est coché et appuyer le bouton "Rechercher".

 Quand il aura fini cliquer sur "ok".

 Vous allez maintenant être de retour à l'écran principal de la recherche. Cliquer sur "Afficher les résultats".
 Maintenant vous allez voir le résultat avec les fichiers infectés.

 Cliquer ensuite "Supprimer la Selection" et une fois terminée, il va ouvrir le "Bloc note" avec le résultat du travail.

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".


 Ensuite:


 Téléchargement de Trend Micro Hijack This Bêta 2.0.3 (Windows 9x/2k/XP/Vista/7 32/64 bits)

 http://go.trendmicro.com/free- [...] ckThis.msi

 Cliquez pour le télécharger et dans enregistrer sous le mettre sur le bureau. Cliquer sur le fichier pour l'installer.

 Ensuite vous cliquez sur HijackThis.exe. Prendre l'option sur "Do a System scan and save a log file".

 Le scan terminée, une fenêtre va s'ouvrir dans le "bloc note".
 Dans le "Bloc note" allé dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans"Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

Malwarebytes' Anti-Malware 1.44
 Version de la base de données: 3609
 Windows 6.0.6002 Service Pack 2
 Internet Explorer 7.0.6002.18005

 21/01/2010 20:01:49
 mbam-log-2010-01-21 (20-01-49).txt

 Type de recherche: Examen complet (C:\|D:\|E:\|)
 Eléments examinés: 255306
 Temps écoulé: 1 hour(s), 42 minute(s), 1 second(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 4
 Valeur(s) du Registre infectée(s): 2
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 1

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_CURRENT_USER\SOFTWARE\BMI​MZMHMFM (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\WS9​E3IQBKY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\SharedDLLs\C:\Program Files\VistaCodecPack\Tools\Vis​taUser.exe (BackDoor.Bifrost) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run\losalamos (Trojan.FakeAlert) -> Quarantined and deleted successfully.

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 C:\Program Files\VistaCodecPack\Tools\Vis​taUser.exe (BackDoor.Bifrost) -> Quarantined and deleted successfully.

Tout d'abord merci de m'aider.


 Pour HiJack This il n'y a rien d'indiqué dans le bloc note :/  

 Bonne soirée

Il n' y a rien d'indiqué?
 C'est bizarre ca...

---------------
ψ Je tank  Donc  Je

Oui,il dit qu'il ne trouve pas de fichier dans programs files :/  

Créer un dossier dans c:\Program Files au nom de Hijack

 Ensuite télécharger le ici sans installation et le renommer avec votre nick dans votre dossier nouvellement créer.

 http://www.trendsecure.com/por [...] ckThis.exe

Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 16:43:15, on 22/01/2010
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v7.00 (7.00.6002.18005)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\Explorer.EXE
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Windows\RtHDVCpl.exe
 C:\ACER\Preload\Autorun\DRV\FU​JI Keyboard\ABoard.exe
 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
 C:\Program Files\Search Settings\SearchSettings.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Winamp\winampa.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\DAEMON Tools Lite\daemon.exe
 C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
 C:\ACER\Preload\Autorun\DRV\FU​JI Keyboard\AOSD.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\​Framework.NotificationCenter.e​xe
 C:\Users\Régis\Downloads\HiJac​kThis.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://homepage.packardbell.co [...] a_d3720_fr
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://search.conduit.com?Sear [...] =CT2095689
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://homepage.packardbell.co [...] a_d3720_fr
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://french.icrfast.com/fr/index.php?rvs=hompag
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2​B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.​dll
 R3 - URLSearchHook: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O1 - Hosts: ::1 localhost
 O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5​FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e​39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.4.4525.1752\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2​B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.​dll
 O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5​FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
 O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b8​8305f98} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [FujiKeyboard] c:\Acer\Preload\Autorun\DRV\FU​JI Keyboard\ABoard.exe
 O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [Skytel] Skytel.exe
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
 O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Off​ice12\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_60D6097707281E​79.dll/cmsidewiki.html
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\Office12\​REFIEBAR.DLL
 O13 - Gopher Prefix:
 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO​EC62~1.DLL
 O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent​.exe
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskSer​vice.exe
 O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpg​rade.exe
 O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.e​xe
 O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe
 O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExSer​vice.Exe
 O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell Services - c:\windows\system32\HidService​.exe
 O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-1​93829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
 O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingServi​ce.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.e​xe
 O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
 O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISv​r.exe

 --
 End of file - 9306 bytes

Faire en ordre et surtout laisser Internet Explorer fermé:

 Désinstaller la toolbar ASK, SearchSetting et Dealio Toolbar via Programmes et Fonctionnalitées.

 Dealio je n'ai pas assez de détail mais prenont pas de chance.

 Si un nommées n'est pas présent, le supprimer dans Hijackthis. Selon ce que allez supprimer, il se peut qu'il est des disparition dans les lignes suivantes à cocher et supprimer.

 Ensuite dans Hijackthis cocher les lignes suivante et faire "Fix checked":

 R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2​B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.​dll
 O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5​FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e​39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2​B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.​dll
 O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5​FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
 O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b8​8305f98} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe

 Redémarrer

 Refaire un nouveau Hijackthis.

à tous

 Pour info ...

 Concernant les toolbars indésirables (Ask, Dealio, Search Settings en font partie), utiliser en priorité Toolbar S&D :

 http://www.malekal.com/tutorial_ToolBar_SD.php

 ---
 helpers de tous les pays unissez-vous  

Bonne idée...

 Instruction supplémentaire pour ToolBar S&D.

 Ignorer la fausse alerte de l'antivirus.

 Le télécharger et accepter le contrat de license et oui pour créer un répertoire. Cliquer sur le raccourci du bureau pour le lancer et appuyer sur "F" pour français et [entrée] et "1" et [entrée]
 L'ordi va redémarrer - Attendre le rapport.

 Relancer "ToolBar S&D" l'option "2" et [entrée]

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier" Sur le forum, faire un click droit et cliquer sur "coller".


 *Si le Bureau ne réapparait pas: Ctrl Alt Suppr et allez dans Fichier - Nouvelle tâche mettre: Explorer

Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 12:09:31, on 23/01/2010
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v7.00 (7.00.6002.18005)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
 C:\ACER\Preload\Autorun\DRV\FU​JI Keyboard\ABoard.exe
 C:\ACER\Preload\Autorun\DRV\FU​JI Keyboard\AOSD.exe
 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Winamp\winampa.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\DAEMON Tools Lite\daemon.exe
 C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
 C:\Program Files\Internet Explorer\ieuser.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Users\Régis\Downloads\HiJac​kThis(2).exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://homepage.packardbell.co [...] a_d3720_fr
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://search.conduit.com?Sear [...] =CT2095689
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://homepage.packardbell.co [...] a_d3720_fr
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://french.icrfast.com/fr/index.php?rvs=hompag
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e​39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.4.4525.1752\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b8​8305f98} - C:\Program Files\AskBarDis\bar\bin\askBar​.dll
 O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [FujiKeyboard] c:\Acer\Preload\Autorun\DRV\FU​JI Keyboard\ABoard.exe
 O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [Skytel] Skytel.exe
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
 O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Off​ice12\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_60D6097707281E​79.dll/cmsidewiki.html
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\Office12\​REFIEBAR.DLL
 O13 - Gopher Prefix:
 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO​EC62~1.DLL
 O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent​.exe
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskSer​vice.exe
 O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpg​rade.exe
 O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.e​xe
 O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe
 O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExSer​vice.Exe
 O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell Services - c:\windows\system32\HidService​.exe
 O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-1​93829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
 O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingServi​ce.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.e​xe
 O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
 O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISv​r.exe

 --
 End of file - 8493 bytes

-----------\\  ToolBar S&D 1.2.9   XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium  ( v6.0.6002 ) Service Pack 2

X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual  CPU  E2220  @ 2.40GHz )

BIOS : Default System BIOS

USER : Régis ( Administrator )

BOOT : Normal boot

C:\ (Local Disk) - NTFS - Total:285 Go (Free:141 Go)

D:\ (CD or DVD)

E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [2] ( 23/01/2010|12:28 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - [Service] ASKService

Supprime! - [Service] ASKUpgrade

Supprime! - C:\Program Files\AskBarDis\bar

Supprime! - C:\Program Files\AskBarDis\unins000.dat

Supprime! - C:\Program Files\AskBarDis\unins000.exe

Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml

Supprime! - C:\Program Files\AskBarDis

Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\\  Recherche de Fichiers / Dossiers ...

-----------\\  [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Mic​rosoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.c​om?SearchSource=10&ctid=CT2095​689"

"Default_Page_URL"="http://hom​epage.packardbell.com/rdr.aspx​?b=ACPW&l=040c&s=1&o=vp32&d=03​09&m=imedia_d3720_fr"

"Local Page"="C:\\Windows\\system32\\​blank.htm"

"Url"="http://go.microsoft.com​/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Default_Page_URL"="http://hom​epage.packardbell.com/rdr.aspx​?b=ACPW&l=040c&s=1&o=vp32&d=03​09&m=imedia_d3720_fr"

"Default_Search_URL"="http://g​o.microsoft.com/fwlink/?LinkId​=54896"

--------------------\\  Recherche d'autres infections

--------------------\\  Cracks & Keygens ..

C:\Users\RGIS~1\AppData\Roamin​g\Azureus\torrents\Call of Duty_ Modern Warfare 2 Multiplayer Crack (WwW Quebec-Team Net)-TORRENTZAP.torrent

C:\Users\RGIS~1\AppData\Roamin​g\Azureus\torrents\call_of_dut​y_2__FR__le_JEU_cracks_keygen_​patch_1_3_logiciel_pour_jouer_​sur_le_net.torrent

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\binkw32.dll

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\iw4mp.exe

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\iw4sp.exe

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\mss32.dll

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\SteamAPIUpdater.dll

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\steam_api.dll

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\UpdateDLLWrapper.dll

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\zone

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles\mssdolby.flt

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles\mssds3d.flt

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles\mssdsp.flt

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles\msseax.flt

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles\mssmp3.asi

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles\mssogg.asi

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles\msssrs.flt

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\miles\mssvoice.asi

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\zone\french

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\zone\french\patch.ff

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\zone\french\patch_code​_pre_gfx.ff

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\zone\french\patch_code​_pre_gfx_mp.ff

C:\Users\RGIS~1\Jeux\Call Of Duty 2\Crack\zone\french\patch_mp.f​f

C:\Users\RGIS~1\Music\Kanye West - Late Registration\08 - Crack Music (featuring Game).mp3

C:\Users\RGIS~1\Torrent\Batman​.Arkham.Asylum-RELOADED\Nouvea​u dossier\Crack

C:\Users\RGIS~1\Torrent\Batman​.Arkham.Asylum-RELOADED\Nouvea​u dossier\Crack\BmStartApp.exe

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 23/01/2010|12:27 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 23/01/2010|12:28 - Option : [2]

-----------\\  Fin du rapport a 12:28:48,87

Merci de l'aide et des explications très détaillées  

à vous deux

 Regis,

 J' attire ton attention sur ...
 

 http://forum.malekal.com/dange [...] -t893.html

Avez-vous fait le Hijackthis avant l'utilitaire Toolbar S&D ?

Bonjour,

 Oui j'ai bien fait Hijackthis avant.

En refaire un maintenant pour confirmer.

Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 18:21:11, on 24/01/2010
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v7.00 (7.00.6002.18005)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\Explorer.EXE
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
 C:\ACER\Preload\Autorun\DRV\FU​JI Keyboard\ABoard.exe
 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
 C:\ACER\Preload\Autorun\DRV\FU​JI Keyboard\AOSD.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Winamp\winampa.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\DAEMON Tools Lite\daemon.exe
 C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\​Framework.NotificationCenter.e​xe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Users\Régis\Downloads\HiJac​kThis(3).exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://homepage.packardbell.co [...] a_d3720_fr
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://search.conduit.com?Sear [...] =CT2095689
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://homepage.packardbell.co [...] a_d3720_fr
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.4.4525.1752\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4​330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [FujiKeyboard] c:\Acer\Preload\Autorun\DRV\FU​JI Keyboard\ABoard.exe
 O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [Skytel] Skytel.exe
 O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
 O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Off​ice12\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_60D6097707281E​79.dll/cmsidewiki.html
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\Office12\​REFIEBAR.DLL
 O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
 O13 - Gopher Prefix:
 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO​EC62~1.DLL
 O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent​.exe
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.e​xe
 O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe
 O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExSer​vice.Exe
 O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell Services - c:\windows\system32\HidService​.exe
 O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-1​93829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
 O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingServi​ce.exe
 O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.ex​e
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.e​xe
 O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
 O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISv​r.exe

 --
 End of file - 7880 bytes

Cocher les lignes suivantes et faire "Fix checked":

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://search.conduit.com?Sear [...] =CT2095689
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
 O13 - Gopher Prefix:

 Mainteant désactiver la restauration système et appliquer attendre 2 minutes et la remettre pour la nettoyer.

 Si tout va bien mettre Résolu dans le titre.

Tous fonctionne normalement.Merci de votre aide.