More than intrusive ad windows!!
MiniPouce44
Hello,
I'm posting here because I have a problem with ad windows popping up on my screen!! They are all of the form http://ww17.scache.eorezo.com/html/engine/first.htm, followed by a random string of digits and letters!!
If someone would be kind enough to help me, that would be great!! ;)
Thanks in advance
MiniPouce
32 replies
Hi,
--> Uninstall EoEngine.
--> Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
--> Double-click RSIT.exe to launch the program.
(On Vista, you need to right-click RSIT.exe and choose Run as administrator)
--> Click Continue on the Disclaimer screen.
--> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.
--> When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: the reports are saved in the C:\rsit folder.
Hi,
Download and then install Hijackthis (Trend Micro)
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
http://www.infos-du-net.com/forum/271838-11-tuto-utiliser-hijackthis
2) Partially disable UAC
3) Download Navilog to your desktop.
* Save it to your Desktop.
* Install it by double-clicking navilog.exe.
* Once the installation is finished, the utility will run automatically.
(If it does not, double-click the shortcut on the Desktop)
* Let the utility guide you. Choose option 1, then confirm.
! Do not use options 2, 3 and 4 without our approval !
* Wait until this message appears:
*** Analyse Termine le ..... ***
* Press a key as requested. Notepad will open. Post the report here.
* Post the generated report.
The report is located here: C:\fixnavi.txt
Re,
Step 2 is to disable UAC, not partially, sorry.
https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html
Logfile of random's system information tool 1.05 (written by random/random)
Run by utilisateur at 2009-03-16 18:45:52
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 14 GB (26%) free of 52 GB
Total RAM: 2045 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:46:09, on 16/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Users\utilisateur\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer Arcade Deluxe\SportsCap\Kernel\MagicSports\MSPMirage.exe
C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\atwtusb.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TransVente\TransVente.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\conime.exe
C:\Windows\notepad.exe
C:\Windows\explorer.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\utilisateur\Downloads\RSIT.exe
C:\Program Files\trend micro\utilisateur.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st#home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://lo.st#first
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [MSPService] C:\Program Files\Acer Arcade Deluxe\SportsCap\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [TVEService] "C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "c:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "c:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [AcerOrbicamRibbon] "c:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\utilisateur\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [TransVente] C:\PROGRA~1\TRANSV~1\TransVente.exe 1
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ping gram] "C:\ProgramData\INTERNET SAVE SAVE.aquarf"
O4 - HKCU\..\Run: [hold data mags move] "C:\ProgramData\Comp Bin Title.59zhot"
O4 - HKCU\..\Run: [EA Core] "D:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {63308B48-F435-42FD-AB0A-3564C7BEF9D7} (Toontown IE Helper French) - https://iplay.fr.toontown.com/download/sv1.5.26.7/ttinst-french.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL eNetHook.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--> Disable UAC for the duration of the disinfection.
--> Download Lop S&D (by Eric_71 & Angeldark) to your Desktop.
--> Double-click it to start the installation.
--> Then double-click the Lop S&D shortcut on your Desktop.
(On Vista, right-click the Lop S&D shortcut and choose Run as administrator)
--> Select the desired language, then choose option 1 (Search).
--> Wait until the scan finishes.
--> Post the generated report (C:\lopR.txt).
I ran Lop S&D, no problems, and for your information I had run a scan with Navilog, if you're interested!!
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz )
BIOS : fJh-gBIOS Version V2.04
USER : utilisateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081113-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:51 Go (Free:12 Go)
D:\ (Local Disk) - NTFS - Total:50 Go (Free:34 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB) - FAT32 - Total:980 Mo (Free:0 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 16/03/2009|19:59 )
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[28/05/2007|17:03] C:\Users\UTILIS~1\AppData\Local\acer eNM
[28/05/2008|18:59] C:\Users\UTILIS~1\AppData\Local\Adobe
[28/05/2007|17:00] C:\Users\UTILIS~1\AppData\Local\Application Data
[16/03/2009|17:41] C:\Users\UTILIS~1\AppData\Local\ApplicationHistory
[22/10/2007|19:02] C:\Users\UTILIS~1\AppData\Local\CyberLink
[05/08/2008|20:13] C:\Users\UTILIS~1\AppData\Local\d3d9caps.dat
[11/03/2009|21:32] C:\Users\UTILIS~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[19/02/2009|18:21] C:\Users\UTILIS~1\AppData\Local\Downloaded Installations
[08/09/2007|10:58] C:\Users\UTILIS~1\AppData\Local\eMule
[10/04/2008|09:45] C:\Users\UTILIS~1\AppData\Local\fusioncache.dat
[16/05/2008|13:52] C:\Users\UTILIS~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19/02/2009|08:12] C:\Users\UTILIS~1\AppData\Local\Google
[28/05/2007|17:00] C:\Users\UTILIS~1\AppData\Local\Historique
[16/03/2009|17:34] C:\Users\UTILIS~1\AppData\Local\IconCache.db
[22/10/2007|19:02] C:\Users\UTILIS~1\AppData\Local\MagicSports
[28/05/2007|21:43] C:\Users\UTILIS~1\AppData\Local\MCE Deluxe Suite
[29/12/2007|23:42] C:\Users\UTILIS~1\AppData\Local\Micro Application
[16/03/2009|18:03] C:\Users\UTILIS~1\AppData\Local\Microsoft
[29/04/2008|14:26] C:\Users\UTILIS~1\AppData\Local\Microsoft Games
[01/02/2009|19:39] C:\Users\UTILIS~1\AppData\Local\Microsoft Help
[04/09/2007|18:58] C:\Users\UTILIS~1\AppData\Local\MigWiz
[26/08/2007|13:13] C:\Users\UTILIS~1\AppData\Local\Mozilla
[28/05/2007|21:43] C:\Users\UTILIS~1\AppData\Local\PowerCinema
[03/01/2008|22:27] C:\Users\UTILIS~1\AppData\Local\Scansoft
[16/03/2009|19:58] C:\Users\UTILIS~1\AppData\Local\Temp
[28/05/2007|17:00] C:\Users\UTILIS~1\AppData\Local\Temporary Internet Files
[22/02/2008|17:37] C:\Users\UTILIS~1\AppData\Local\TV Joy
[06/11/2008|16:19] C:\Users\UTILIS~1\AppData\Local\TVEnhance
[02/09/2007|20:35] C:\Users\UTILIS~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[16/03/2009 19:43][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[16/03/2009 17:39][--ah-----] C:\Windows\tasks\SA.DAT
[16/03/2009 17:38][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[25/09/2008|18:10] C:\ProgramData\.zreglib
[14/09/2007|11:18] C:\ProgramData\{3E318E90-4BE6-4440-A0EE-2EAF8419199C}
[12/11/2008|15:28] C:\ProgramData\Adobe
[25/12/2007|13:33] C:\ProgramData\AppData
[02/11/2006|14:02] C:\ProgramData\Application Data
[17/07/2008|13:02] C:\ProgramData\AVS4YOU
[20/07/2008|20:19] C:\ProgramData\Bash Dvd Hold Data
[04/05/2008|17:02] C:\ProgramData\bib keep soft.zf3iggx
[09/01/2008|18:45] C:\ProgramData\Brother
[28/05/2007|16:52] C:\ProgramData\Bureau
[29/06/2008|02:41] C:\ProgramData\Comp Bin Title.59zhot
[06/08/2008|23:07] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[19/02/2009|18:45] C:\ProgramData\Electronic Arts
[08/09/2007|10:59] C:\ProgramData\eMule
[28/05/2007|16:52] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[18/02/2009|22:52] C:\ProgramData\Google
[16/03/2009|14:19] C:\ProgramData\Google Updater
[28/05/2007|17:00] C:\ProgramData\InstallShield
[17/06/2008|07:20] C:\ProgramData\INTERNET SAVE SAVE.0magaa0
[29/06/2008|02:40] C:\ProgramData\INTERNET SAVE SAVE.aquarf
[29/06/2008|02:40] C:\ProgramData\INTERNET SAVE SAVE.lwze0r
[18/01/2008|19:30] C:\ProgramData\INTERNET SAVE SAVE.n5k3ka
[09/01/2008|21:13] C:\ProgramData\INTERNET SAVE SAVE.nywpk
[04/05/2008|17:01] C:\ProgramData\INTERNET SAVE SAVE.vui95sv
[03/01/2008|18:56] C:\ProgramData\INTERNET SAVE SAVE.vvtgtwr
[27/02/2008|19:06] C:\ProgramData\INTERNET SAVE SAVE.wtamn
[15/10/2008|20:31] C:\ProgramData\LightScribe
[24/05/2008|11:22] C:\ProgramData\ma-config.com
[28/05/2007|16:52] C:\ProgramData\Menu Démarrer
[12/09/2007|22:19] C:\ProgramData\Messenger Plus!
[19/03/2008|22:53] C:\ProgramData\Microsoft
[12/03/2009|01:20] C:\ProgramData\Microsoft Help
[28/05/2007|16:52] C:\ProgramData\Modèles
[05/06/2008|17:22] C:\ProgramData\NVIDIA
[29/12/2007|23:01] C:\ProgramData\ScanSoft
[02/11/2006|14:02] C:\ProgramData\Start Menu
[25/07/2008|06:49] C:\ProgramData\stop kind funk
[26/08/2007|12:55] C:\ProgramData\Symantec
[25/12/2007|12:53] C:\ProgramData\Tablet
[02/11/2006|14:02] C:\ProgramData\Templates
[24/07/2008|07:30] C:\ProgramData\WindowsSearch
[23/05/2008|20:17] C:\ProgramData\WLInstaller
[17/02/2009|21:02] C:\ProgramData\Yahoo! Companion
--------------------\\ Listing des dossiers dans C:\Program Files
[14/04/2008|16:48] C:\Program Files\7-Zip
[28/05/2007|17:07] C:\Program Files\Acer
[21/04/2008|18:49] C:\Program Files\Acer Arcade Deluxe
[21/04/2008|18:49] C:\Program Files\Acer Inc
[12/11/2008|15:28] C:\Program Files\Adobe
[22/08/2007|15:05] C:\Program Files\Alwil Software
[29/12/2007|22:53] C:\Program Files\ArcSoft
[21/05/2008|13:05] C:\Program Files\Audacity
[25/12/2007|17:40] C:\Program Files\Audible
[17/04/2008|23:05] C:\Program Files\AviSynth 2.5
[17/07/2008|13:01] C:\Program Files\AVS4YOU
[19/06/2008|22:02] C:\Program Files\Brother
[02/12/2007|20:00] C:\Program Files\CASIO
[13/03/2009|12:15] C:\Program Files\CCleaner
[31/03/2008|18:44] C:\Program Files\CD to MP3 Ripper
[03/01/2008|18:55] C:\Program Files\Circle Developement
[17/07/2008|13:00] C:\Program Files\Common Files
[23/01/2007|23:38] C:\Program Files\CONEXANT
[08/10/2008|21:54] C:\Program Files\Cool MP3 Converter
[22/05/2008|20:52] C:\Program Files\Creative
[09/02/2008|18:48] C:\Program Files\Creative Installation Information
[23/01/2007|23:40] C:\Program Files\CyberLink
[15/04/2008|17:22] C:\Program Files\DAEMON Tools Lite
[28/12/2007|19:11] C:\Program Files\Dreamcatcher
[22/05/2008|20:52] C:\Program Files\Driver Sweeper
[19/02/2009|22:39] C:\Program Files\Electronic Arts
[14/07/2008|18:58] C:\Program Files\eMule
[16/01/2008|23:03] C:\Program Files\Free Audio Pack
[15/10/2008|15:10] C:\Program Files\Free Video Converter
[18/11/2007|12:14] C:\Program Files\GameSpy Arcade
[18/02/2009|23:03] C:\Program Files\Google
[21/04/2008|18:49] C:\Program Files\HOTALBUMMyBOX
[17/02/2009|19:03] C:\Program Files\inKline Global
[19/02/2009|18:43] C:\Program Files\InstallShield Installation Information
[23/01/2007|23:39] C:\Program Files\Intel
[07/07/2008|19:14] C:\Program Files\Internet Explorer
[05/12/2008|22:26] C:\Program Files\Java
[24/11/2008|12:02] C:\Program Files\KC Softwares
[19/10/2007|12:43] C:\Program Files\K-Lite Codec Pack
[28/05/2007|17:06] C:\Program Files\Launch Manager
[24/05/2008|16:26] C:\Program Files\Lavalys
[24/05/2008|11:19] C:\Program Files\ma-config.com
[11/02/2009|11:36] C:\Program Files\Messenger Plus! Live
[02/10/2007|21:04] C:\Program Files\Micro Application
[30/08/2007|12:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[13/09/2007|23:50] C:\Program Files\Microsoft Office
[13/09/2007|23:49] C:\Program Files\Microsoft Visual Studio
[23/05/2008|18:22] C:\Program Files\Microsoft Visual Studio 8
[13/09/2007|23:50] C:\Program Files\Microsoft Works
[13/09/2007|23:48] C:\Program Files\Microsoft.NET
[28/09/2007|13:32] C:\Program Files\Mouse Driver
[07/07/2008|19:14] C:\Program Files\Movie Maker
[16/03/2009|17:41] C:\Program Files\Mozilla Firefox
[13/09/2007|23:50] C:\Program Files\MSBuild
[12/11/2008|10:30] C:\Program Files\MSXML 4.0
[16/03/2009|18:06] C:\Program Files\Navilog1
[23/01/2007|23:40] C:\Program Files\NewTech Infosystems
[21/04/2008|18:49] C:\Program Files\Personal Media Manager
[17/02/2009|18:42] C:\Program Files\QUAD Utilities
[22/05/2008|20:53] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[24/11/2008|12:03] C:\Program Files\RelevantKnowledge
[29/12/2007|22:58] C:\Program Files\ScanSoft
[15/10/2008|15:11] C:\Program Files\Search Settings
[23/10/2008|21:40] C:\Program Files\SlySoft
[11/10/2008|15:53] C:\Program Files\Sun
[23/01/2007|23:17] C:\Program Files\Synaptics
[09/01/2008|21:12] C:\Program Files\SYSTRAN
[16/03/2009|17:41] C:\Program Files\TransVente
[16/03/2009|18:46] C:\Program Files\trend micro
[14/09/2007|11:18] C:\Program Files\Trust
[19/10/2007|12:25] C:\Program Files\VSO
[07/07/2008|19:14] C:\Program Files\Windows Calendar
[07/07/2008|19:14] C:\Program Files\Windows Collaboration
[07/07/2008|19:13] C:\Program Files\Windows Defender
[07/07/2008|19:13] C:\Program Files\Windows Journal
[23/05/2008|20:19] C:\Program Files\Windows Live
[16/03/2009|19:06] C:\Program Files\Windows Live Safety Center
[30/11/2007|18:49] C:\Program Files\Windows Live Toolbar
[12/03/2009|11:11] C:\Program Files\Windows Mail
[12/03/2009|11:11] C:\Program Files\Windows Media Player
[21/04/2008|18:49] C:\Program Files\Windows NT
[07/07/2008|19:13] C:\Program Files\Windows Photo Gallery
[07/07/2008|19:14] C:\Program Files\Windows Sidebar
[22/05/2008|11:11] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[12/11/2008|15:28] C:\Program Files\Common Files\Adobe
[17/07/2008|13:01] C:\Program Files\Common Files\AVSMedia
[13/09/2007|23:49] C:\Program Files\Common Files\DESIGNER
[28/05/2007|17:00] C:\Program Files\Common Files\InstallShield
[19/12/2007|00:10] C:\Program Files\Common Files\Java
[23/01/2007|23:39] C:\Program Files\Common Files\LightScribe
[28/05/2007|17:07] C:\Program Files\Common Files\Logitech
[17/07/2008|13:00] C:\Program Files\Common Files\microsoft shared
[23/01/2007|23:39] C:\Program Files\Common Files\muvee Technologies
[23/01/2007|23:40] C:\Program Files\Common Files\NewTech Infosystems
[29/12/2007|23:01] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[21/04/2008|18:49] C:\Program Files\Common Files\Symantec Shared
[07/07/2008|19:13] C:\Program Files\Common Files\System
[23/05/2008|20:20] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 110 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
C:\ProgramData\INTERNET SAVE SAVE.nywpk
C:\ProgramData\INTERNET SAVE SAVE.wtamn
C:\ProgramData\Comp Bin Title.59zhot
C:\ProgramData\INTERNET SAVE SAVE.aquarf
C:\ProgramData\INTERNET SAVE SAVE.lwze0r
C:\ProgramData\INTERNET SAVE SAVE.n5k3ka
C:\ProgramData\bib keep soft.zf3iggx
C:\ProgramData\INTERNET SAVE SAVE.0magaa0
C:\ProgramData\INTERNET SAVE SAVE.vui95sv
C:\ProgramData\INTERNET SAVE SAVE.vvtgtwr
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Bash Dvd Hold Data
C:\Users\UTILIS~1\AppData\Local\Temp\sta2E61.exe
C:\Users\UTILIS~1\AppData\Local\Temp\sta4B50.exe
C:\Users\UTILIS~1\AppData\Local\Temp\sta6F4C.exe
C:\Users\UTILIS~1\AppData\Local\Temp\sta9D4E.exe
C:\Users\UTILIS~1\AppData\Local\Temp\staAFBC.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ping gram"="\"C:\\ProgramData\\INTERNET SAVE SAVE.aquarf\""
"hold data mags move"="\"C:\\ProgramData\\Comp Bin Title.59zhot\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-16 19:59:21
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 658
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:2561][D:80]-> C:\Users\UTILIS~1\AppData\Local\Temp
[F:29][D:1]-> C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:113][D:5]-> C:\Users\UTILIS~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 16/03/2009|20:01 - Option : [1]
--------------------\\ Fin du rapport a 20:01:46
[ UAC => 1 ]
That's what I thought, but hey, it cost me nothing!! ;) So, doctor, what illness do I have? ;)
--> Double-click the Lop S&D shortcut to launch it.
(On Vista, right-click the Lop S&D shortcut and choose Run as administrator)
--> This time choose option 2 (Deletion).
--> Do not close the window during the deletion!
--> Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
Avast (which I had disabled, I believe!!) is reporting a Trojan horse at this location and asking me what to do!! What should I do? ==> C:\Lop SD\Backup-Lop\Users\UTILIS~1\AppData\Local\Temp\sta2E61.exe
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz )
BIOS : fJh-gBIOS Version V2.04
USER : utilisateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081113-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:51 Go (Free:12 Go)
D:\ (Local Disk) - NTFS - Total:50 Go (Free:34 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB) - FAT32 - Total:980 Mo (Free:0 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 16/03/2009|20:07 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Users\UTILIS~1\AppData\Local\Temp\sta2E61.exe
Supprime! - C:\Users\UTILIS~1\AppData\Local\Temp\sta4B50.exe
Supprime! - C:\Users\UTILIS~1\AppData\Local\Temp\sta6F4C.exe
Supprime! - C:\Users\UTILIS~1\AppData\Local\Temp\sta9D4E.exe
Supprime! - C:\Users\UTILIS~1\AppData\Local\Temp\staAFBC.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\ProgramData\INTERNET SAVE SAVE.nywpk
Supprime! - C:\ProgramData\INTERNET SAVE SAVE.wtamn
Supprime! - C:\ProgramData\Comp Bin Title.59zhot
Supprime! - C:\ProgramData\INTERNET SAVE SAVE.aquarf
Supprime! - C:\ProgramData\INTERNET SAVE SAVE.lwze0r
Supprime! - C:\ProgramData\INTERNET SAVE SAVE.n5k3ka
Supprime! - C:\ProgramData\bib keep soft.zf3iggx
Supprime! - C:\ProgramData\INTERNET SAVE SAVE.0magaa0
Supprime! - C:\ProgramData\INTERNET SAVE SAVE.vui95sv
Supprime! - C:\ProgramData\INTERNET SAVE SAVE.vvtgtwr
Supprime! - C:\ProgramData\Bash Dvd Hold Data
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[28/05/2007|17:03] C:\Users\UTILIS~1\AppData\Local\acer eNM
[28/05/2008|18:59] C:\Users\UTILIS~1\AppData\Local\Adobe
[28/05/2007|17:00] C:\Users\UTILIS~1\AppData\Local\Application Data
[16/03/2009|17:41] C:\Users\UTILIS~1\AppData\Local\ApplicationHistory
[22/10/2007|19:02] C:\Users\UTILIS~1\AppData\Local\CyberLink
[05/08/2008|20:13] C:\Users\UTILIS~1\AppData\Local\d3d9caps.dat
[11/03/2009|21:32] C:\Users\UTILIS~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[19/02/2009|18:21] C:\Users\UTILIS~1\AppData\Local\Downloaded Installations
[08/09/2007|10:58] C:\Users\UTILIS~1\AppData\Local\eMule
[10/04/2008|09:45] C:\Users\UTILIS~1\AppData\Local\fusioncache.dat
[16/05/2008|13:52] C:\Users\UTILIS~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19/02/2009|08:12] C:\Users\UTILIS~1\AppData\Local\Google
[28/05/2007|17:00] C:\Users\UTILIS~1\AppData\Local\Historique
[16/03/2009|17:34] C:\Users\UTILIS~1\AppData\Local\IconCache.db
[22/10/2007|19:02] C:\Users\UTILIS~1\AppData\Local\MagicSports
[28/05/2007|21:43] C:\Users\UTILIS~1\AppData\Local\MCE Deluxe Suite
[29/12/2007|23:42] C:\Users\UTILIS~1\AppData\Local\Micro Application
[16/03/2009|18:03] C:\Users\UTILIS~1\AppData\Local\Microsoft
[29/04/2008|14:26] C:\Users\UTILIS~1\AppData\Local\Microsoft Games
[01/02/2009|19:39] C:\Users\UTILIS~1\AppData\Local\Microsoft Help
[04/09/2007|18:58] C:\Users\UTILIS~1\AppData\Local\MigWiz
[26/08/2007|13:13] C:\Users\UTILIS~1\AppData\Local\Mozilla
[28/05/2007|21:43] C:\Users\UTILIS~1\AppData\Local\PowerCinema
[03/01/2008|22:27] C:\Users\UTILIS~1\AppData\Local\Scansoft
[16/03/2009|20:15] C:\Users\UTILIS~1\AppData\Local\Temp
[28/05/2007|17:00] C:\Users\UTILIS~1\AppData\Local\Temporary Internet Files
[22/02/2008|17:37] C:\Users\UTILIS~1\AppData\Local\TV Joy
[06/11/2008|16:19] C:\Users\UTILIS~1\AppData\Local\TVEnhance
[02/09/2007|20:35] C:\Users\UTILIS~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[16/03/2009 19:43][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[16/03/2009 17:39][--ah-----] C:\Windows\tasks\SA.DAT
[16/03/2009 17:38][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[25/09/2008|18:10] C:\ProgramData\.zreglib
[14/09/2007|11:18] C:\ProgramData\{3E318E90-4BE6-4440-A0EE-2EAF8419199C}
[12/11/2008|15:28] C:\ProgramData\Adobe
[25/12/2007|13:33] C:\ProgramData\AppData
[02/11/2006|14:02] C:\ProgramData\Application Data
[17/07/2008|13:02] C:\ProgramData\AVS4YOU
[09/01/2008|18:45] C:\ProgramData\Brother
[28/05/2007|16:52] C:\ProgramData\Bureau
[06/08/2008|23:07] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[19/02/2009|18:45] C:\ProgramData\Electronic Arts
[08/09/2007|10:59] C:\ProgramData\eMule
[28/05/2007|16:52] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[18/02/2009|22:52] C:\ProgramData\Google
[16/03/2009|14:19] C:\ProgramData\Google Updater
[28/05/2007|17:00] C:\ProgramData\InstallShield
[15/10/2008|20:31] C:\ProgramData\LightScribe
[24/05/2008|11:22] C:\ProgramData\ma-config.com
[28/05/2007|16:52] C:\ProgramData\Menu Démarrer
[12/09/2007|22:19] C:\ProgramData\Messenger Plus!
[19/03/2008|22:53] C:\ProgramData\Microsoft
[12/03/2009|01:20] C:\ProgramData\Microsoft Help
[28/05/2007|16:52] C:\ProgramData\Modèles
[05/06/2008|17:22] C:\ProgramData\NVIDIA
[29/12/2007|23:01] C:\ProgramData\ScanSoft
[02/11/2006|14:02] C:\ProgramData\Start Menu
[25/07/2008|06:49] C:\ProgramData\stop kind funk
[26/08/2007|12:55] C:\ProgramData\Symantec
[25/12/2007|12:53] C:\ProgramData\Tablet
[02/11/2006|14:02] C:\ProgramData\Templates
[24/07/2008|07:30] C:\ProgramData\WindowsSearch
[23/05/2008|20:17] C:\ProgramData\WLInstaller
[17/02/2009|21:02] C:\ProgramData\Yahoo! Companion
--------------------\\ Listing des dossiers dans C:\Program Files
[14/04/2008|16:48] C:\Program Files\7-Zip
[28/05/2007|17:07] C:\Program Files\Acer
[21/04/2008|18:49] C:\Program Files\Acer Arcade Deluxe
[21/04/2008|18:49] C:\Program Files\Acer Inc
[12/11/2008|15:28] C:\Program Files\Adobe
[22/08/2007|15:05] C:\Program Files\Alwil Software
[29/12/2007|22:53] C:\Program Files\ArcSoft
[21/05/2008|13:05] C:\Program Files\Audacity
[25/12/2007|17:40] C:\Program Files\Audible
[17/04/2008|23:05] C:\Program Files\AviSynth 2.5
[17/07/2008|13:01] C:\Program Files\AVS4YOU
[19/06/2008|22:02] C:\Program Files\Brother
[02/12/2007|20:00] C:\Program Files\CASIO
[13/03/2009|12:15] C:\Program Files\CCleaner
[31/03/2008|18:44] C:\Program Files\CD to MP3 Ripper
[17/07/2008|13:00] C:\Program Files\Common Files
[23/01/2007|23:38] C:\Program Files\CONEXANT
[08/10/2008|21:54] C:\Program Files\Cool MP3 Converter
[22/05/2008|20:52] C:\Program Files\Creative
[09/02/2008|18:48] C:\Program Files\Creative Installation Information
[23/01/2007|23:40] C:\Program Files\CyberLink
[15/04/2008|17:22] C:\Program Files\DAEMON Tools Lite
[28/12/2007|19:11] C:\Program Files\Dreamcatcher
[22/05/2008|20:52] C:\Program Files\Driver Sweeper
[19/02/2009|22:39] C:\Program Files\Electronic Arts
[14/07/2008|18:58] C:\Program Files\eMule
[16/01/2008|23:03] C:\Program Files\Free Audio Pack
[15/10/2008|15:10] C:\Program Files\Free Video Converter
[18/11/2007|12:14] C:\Program Files\GameSpy Arcade
[18/02/2009|23:03] C:\Program Files\Google
[21/04/2008|18:49] C:\Program Files\HOTALBUMMyBOX
[17/02/2009|19:03] C:\Program Files\inKline Global
[19/02/2009|18:43] C:\Program Files\InstallShield Installation Information
[23/01/2007|23:39] C:\Program Files\Intel
[07/07/2008|19:14] C:\Program Files\Internet Explorer
[05/12/2008|22:26] C:\Program Files\Java
[24/11/2008|12:02] C:\Program Files\KC Softwares
[19/10/2007|12:43] C:\Program Files\K-Lite Codec Pack
[28/05/2007|17:06] C:\Program Files\Launch Manager
[24/05/2008|16:26] C:\Program Files\Lavalys
[24/05/2008|11:19] C:\Program Files\ma-config.com
[11/02/2009|11:36] C:\Program Files\Messenger Plus! Live
[02/10/2007|21:04] C:\Program Files\Micro Application
[30/08/2007|12:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[13/09/2007|23:50] C:\Program Files\Microsoft Office
[13/09/2007|23:49] C:\Program Files\Microsoft Visual Studio
[23/05/2008|18:22] C:\Program Files\Microsoft Visual Studio 8
[13/09/2007|23:50] C:\Program Files\Microsoft Works
[13/09/2007|23:48] C:\Program Files\Microsoft.NET
[28/09/2007|13:32] C:\Program Files\Mouse Driver
[07/07/2008|19:14] C:\Program Files\Movie Maker
[16/03/2009|17:41] C:\Program Files\Mozilla Firefox
[13/09/2007|23:50] C:\Program Files\MSBuild
[12/11/2008|10:30] C:\Program Files\MSXML 4.0
[16/03/2009|18:06] C:\Program Files\Navilog1
[23/01/2007|23:40] C:\Program Files\NewTech Infosystems
[21/04/2008|18:49] C:\Program Files\Personal Media Manager
[17/02/2009|18:42] C:\Program Files\QUAD Utilities
[22/05/2008|20:53] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[24/11/2008|12:03] C:\Program Files\RelevantKnowledge
[29/12/2007|22:58] C:\Program Files\ScanSoft
[15/10/2008|15:11] C:\Program Files\Search Settings
[23/10/2008|21:40] C:\Program Files\SlySoft
[11/10/2008|15:53] C:\Program Files\Sun
[23/01/2007|23:17] C:\Program Files\Synaptics
[09/01/2008|21:12] C:\Program Files\SYSTRAN
[16/03/2009|17:41] C:\Program Files\TransVente
[16/03/2009|18:46] C:\Program Files\trend micro
[14/09/2007|11:18] C:\Program Files\Trust
[19/10/2007|12:25] C:\Program Files\VSO
[07/07/2008|19:14] C:\Program Files\Windows Calendar
[07/07/2008|19:14] C:\Program Files\Windows Collaboration
[07/07/2008|19:13] C:\Program Files\Windows Defender
[07/07/2008|19:13] C:\Program Files\Windows Journal
[23/05/2008|20:19] C:\Program Files\Windows Live
[16/03/2009|19:06] C:\Program Files\Windows Live Safety Center
[30/11/2007|18:49] C:\Program Files\Windows Live Toolbar
[12/03/2009|11:11] C:\Program Files\Windows Mail
[12/03/2009|11:11] C:\Program Files\Windows Media Player
[21/04/2008|18:49] C:\Program Files\Windows NT
[07/07/2008|19:13] C:\Program Files\Windows Photo Gallery
[07/07/2008|19:14] C:\Program Files\Windows Sidebar
[22/05/2008|11:11] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[12/11/2008|15:28] C:\Program Files\Common Files\Adobe
[17/07/2008|13:01] C:\Program Files\Common Files\AVSMedia
[13/09/2007|23:49] C:\Program Files\Common Files\DESIGNER
[28/05/2007|17:00] C:\Program Files\Common Files\InstallShield
[19/12/2007|00:10] C:\Program Files\Common Files\Java
[23/01/2007|23:39] C:\Program Files\Common Files\LightScribe
[28/05/2007|17:07] C:\Program Files\Common Files\Logitech
[17/07/2008|13:00] C:\Program Files\Common Files\microsoft shared
[23/01/2007|23:39] C:\Program Files\Common Files\muvee Technologies
[23/01/2007|23:40] C:\Program Files\Common Files\NewTech Infosystems
[29/12/2007|23:01] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[21/04/2008|18:49] C:\Program Files\Common Files\Symantec Shared
[07/07/2008|19:13] C:\Program Files\Common Files\System
[23/05/2008|20:20] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 106 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-16 20:15:37
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 658
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:2560][D:80]-> C:\Users\UTILIS~1\AppData\Local\Temp
[F:31][D:1]-> C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:127][D:5]-> C:\Users\UTILIS~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 16/03/2009|20:01 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 16/03/2009|20:17 - Option : [2]
--------------------\\ Fin du rapport a 20:17:53
[ UAC => 1 ]
There are some folders I don't recognize.
--> Download DirLook to your Desktop.
--> Right-click DirLook.exe and choose Run as administrator.
--> Copy the text below:
C:\ProgramData\.zreglib
C:\ProgramData\stop kind funk
--> In the small DirLook window, right-click in the white area and choose Paste.
Note: the lines selected earlier must have been copied into DirLook's white area.
--> Click the DirLook button to start the search.
When the tool has finished this search, Notepad opens.
Note: In Notepad, check in the Format menu (at the top) that the "Word Wrap" option is not ticked.
--> Save the report as DirLook1.txt and close Notepad.
--> Close DirLook by clicking the Exit button, then post the report.
DirLook.exe v2.0 by jpshortstuff
Log created at 20:25 on 16/03/2009
==================================
Contents of "C:\ProgramData\.zreglib"
Unable to find directory.
==================================
Contents of "C:\ProgramData\stop kind funk"
---FOLDERS---
(none found)
---FILES---
Bits1Type16.exe (325632 bytes - created on 03/01/2008 at 17:58, modified on 29/06/2008 at 01:41) --a---
cypmsifq.exe (475136 bytes - created on 04/05/2008 at 16:02, modified on 04/05/2008 at 16:02) --a---
fjahkgnh.exe (591360 bytes - created on 29/06/2008 at 01:41, modified on 29/06/2008 at 01:41) --a---
knplfesp.exe (505856 bytes - created on 17/06/2008 at 06:20, modified on 17/06/2008 at 06:20) --a---
knxxklrb.exe (424448 bytes - created on 03/01/2008 at 17:57, modified on 03/01/2008 at 17:57) --a---
ywaefwbf.exe (494592 bytes - created on 09/01/2008 at 20:16, modified on 09/01/2008 at 20:16) --a---
zcanwebw.exe (446976 bytes - created on 18/01/2008 at 18:31, modified on 18/01/2008 at 18:31) --a---
zoxltaww.exe (454656 bytes - created on 27/02/2008 at 18:07, modified on 27/02/2008 at 18:07) --a---
==================================
=EOF=
---> Disable your antivirus for the duration of this procedure, because OTMoveIt3 is wrongly detected as an infection.
---> Download OTMoveIt3 (OldTimer) to your Desktop.
---> Double-click OTMoveIt3.exe to launch it.
---> Copy (Ctrl+C) the following text:
:processes
explorer.exe
:files
C:\ProgramData\stop kind funk
:commands
[purity]
[emptytemp]
[reboot]
---> Paste (Ctrl+V) the copied text into the Paste Instructions for Items to be Moved box.
---> Now click the MoveIt! button, then close OTMoveIt3.
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
Sorry for the slow reply, but my stomach was starting to get hungry!! ;)
Here is the OTMoveIt3 report
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\ProgramData\stop kind funk not found.
========== COMMANDS ==========
File delete failed. C:\Users\UTILIS~1\AppData\Local\Temp\etilqs_JlW1txxjOhtQZewMy1Jg scheduled to be deleted on reboot.
File delete failed. C:\Users\UTILIS~1\AppData\Local\Temp\~DF6D9.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\UTILIS~1\AppData\Local\Temp\~DFFFA.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03162009_213201
Files moved on Reboot...
File C:\Users\UTILIS~1\AppData\Local\Temp\etilqs_JlW1txxjOhtQZewMy1Jg not found!
C:\Users\UTILIS~1\AppData\Local\Temp\~DF6D9.tmp moved successfully.
C:\Users\UTILIS~1\AppData\Local\Temp\~DFFFA.tmp moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\Cache\_CACHE_001_ moved successfully.
C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\Cache\_CACHE_002_ moved successfully.
C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\Cache\_CACHE_003_ moved successfully.
C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\urlclassifier3.sqlite moved successfully.
C:\Users\utilisateur\AppData\Local\Mozilla\Firefox\Profiles\n9vnh0n4.default\XUL.mfl moved successfully.
● Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.
/!\ Disconnect from the Internet and close all running applications. /!\
● Double-click the installer and install it in its default location (C:\Program Files).
● Double-click the Ad-Remover shortcut on your Desktop.
(On Vista, right-click the Ad-Remover shortcut and choose Run as administrator)
● At the main menu, choose option A.
● Post the generated report (C:\Ad-report(date).log).
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
------- LOGFILE OF AD-REMOVER 1.1.1.8 | ONLY XP/VISTA -------
Updated by C_XX on 15/03/2009 at 12:00
Start at: 22:01:24, Mon 16/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows Vista™ Home Premium Service Pack 1 (version 6.0.6001)
Computer Name: PC-TYTY
Current User: utilisateur - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- G:\ (File System: FAT32)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\
--- Running Processes: 105
--- User Account Control is DISABLE
+-----------------| Boonty/Boonty Games Elements Found:
.
.
+-----------------| Eorezo Elements Found:
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Softwarehelper
.
C:\Users\utilisateur\AppData\Roaming\EoRezo
C:\Windows\Prefetch\SOFTWAREUPDATEHP.EXE-8A01DF20.pf
C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Cookies\utilisateur@eorezo[1].txt
C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Cookies\utilisateur@eorezo[2].txt
+-----------------| Infected Poker Softwares Elements Found:
.
+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:
.
.
+-----------------| It's TV Elements Found:
.
+-----------------| Sweetim Elements Found:
.
============ Other Adwares Found ============
.
.
C:\Program Files\RelevantKnowledge
+-----------------| Added Scan:
---- Mozilla FireFox Version 3.0.7 ----
ProfilePath: n9vnh0n4.default (utilisateur)
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Live Search"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
.
Invalidprefs.js: Browser.Search.DefaultEngineName: "Google"
Invalidprefs.js: Browser.Search.SelectedEngine: "Live Search"
Invalidprefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Invalidprefs.js) FOUND: user_pref("browser.startup.homepage", "http://y.lo.st");
.
.
---- Internet Explorer Version 7.0.6001.18000 ----
+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.transvente.com/google.htm
+-[HKEY_USERS\S-1-5-21-1137918661-3580268849-1372979558-1000\..\Internet Explorer\Main]
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.transvente.com/google.htm
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://fr.fr.acer.yahoo.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://fr.fr.acer.yahoo.com
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://y.lo.st
+---------------------------------------------------------------------------+
3199 Byte(s) - C:\Ad-Report-Scan-16.03.2009.log
0 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
0 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE
End at: 22:07:19 | 16/03/2009
.
+-----------------| E.O.F - 76 Lines
.