Ad problem

assan59 Posts: 9 Registered: Tuesday 29 September 2009 Status: Member Last activity: 1 October 2009 - 30 Sept. 2009 at 13:12
assan59 Posts: 9 Registered: Tuesday 29 September 2009 Status: Member Last activity: 1 October 2009 - 1 Oct. 2009 at 12:07
Hello,

For some time now I have been getting ads in Mozilla. I ran a scan with HijackThis and here is the report.
Please help me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:29, on 29/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {05595372-617F-47E4-B6B1-1B29DBC97767} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0941D65E-F46F-4A19-A488-9505DE25CEFA} - (no file)
O2 - BHO: (no name) - {0F8E6173-E305-44F9-9F74-5CB5D7198619} - (no file)
O2 - BHO: (no name) - {10D6AE97-8350-438A-81D8-AFBE9B28CA5C} - (no file)
O2 - BHO: (no name) - {173738EC-24D9-40AF-B34E-C79BC309B5C4} - (no file)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: (no name) - {1E6AA990-C800-445F-B784-05F9A86426FF} - (no file)
O2 - BHO: (no name) - {1ED80524-5130-42A0-A281-E6AC6C25674F} - (no file)
O2 - BHO: (no name) - {25CB9566-36B0-462E-9D44-78F46FC25E62} - (no file)
O2 - BHO: (no name) - {2A11CE52-4DDB-4818-AB6F-C9500D10AACF} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {30FA50D8-279E-4DFA-AC4E-09294C86B261} - (no file)
O2 - BHO: (no name) - {4360085B-8E5A-4108-B485-605CB263979A} - (no file)
O2 - BHO: (no name) - {4E702B02-983D-4300-8A67-6A4E2AE365E6} - (no file)
O2 - BHO: (no name) - {4FFEFF43-F4CA-482F-B999-920D3A8D0916} - (no file)
O2 - BHO: (no name) - {52C15611-9385-462F-9DCD-FE8C83226CA9} - (no file)
O2 - BHO: (no name) - {5EA3E111-B1E1-4AD7-BF3A-106636AAD237} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {736820AC-DB02-488E-9B5C-BACCEA6AF87A} - (no file)
O2 - BHO: (no name) - {7903044C-CE5D-4D9D-9CDA-9A13434BCB1F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EFCFB5F-FED2-4CCE-BEC0-9ECF6A3E4387} - (no file)
O2 - BHO: (no name) - {7F9596B5-EB8F-4771-8C14-7B068F0B4C65} - (no file)
O2 - BHO: (no name) - {81FE108B-4397-49D8-97A7-3AC9EF608CEB} - (no file)
O2 - BHO: (no name) - {820B2D1C-0ACB-4C53-9CD7-FB97BFC619A1} - (no file)
O2 - BHO: (no name) - {86425A83-EAC7-438A-A8AB-0F125736145E} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95D749D4-39E2-419C-8FC7-F17F0EB7C0BE} - (no file)
O2 - BHO: (no name) - {964DD63B-AEAA-4FFD-ACF8-098DC30EE63F} - (no file)
O2 - BHO: (no name) - {9B3BFF14-3392-4363-9A08-DCF719A71DF2} - (no file)
O2 - BHO: (no name) - {A5C4AACF-A420-4D05-B1ED-A5701D5C0EB9} - (no file)
O2 - BHO: (no name) - {A83C9FC0-AF53-4D45-A71B-440757A191A6} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: (no name) - {B211E0BD-88B6-4ADE-AFFF-116C3945DF2D} - (no file)
O2 - BHO: (no name) - {B33AE7D1-9ABD-4991-B4C9-BBC83EAAD6AE} - (no file)
O2 - BHO: (no name) - {B7498E6F-CD84-45F5-AF18-019E0F79C5E9} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: (no name) - {C2763FC7-5D8A-44B7-8F3A-111A8BFA29D4} - (no file)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: (no name) - {D4788400-8C1F-40A5-98BA-FC596D0AC22F} - (no file)
O2 - BHO: (no name) - {D87FE150-7B40-41A7-901D-ECAA9F36EF30} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E5F243A7-2F89-4719-878E-5D90143FADD0} - (no file)
O2 - BHO: (no name) - {F8658715-3707-464C-81AF-C52F6C2549F3} - (no file)
O2 - BHO: (no name) - {F8A19826-CFFB-4D8F-A7E4-ADC1B3136FFD} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NFSUserSIDGSSLink] C:\Program Files\Hummingbird\Connectivity\11.00\NFS Maestro\HumGSS.exe REG
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Google Update (gupdate1ca27147294fabf) (gupdate1ca27147294fabf) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hummingbird Export (HCLExport) - Hummingbird Ltd. - C:\Windows\system32\Hummingbird\Connectivity\11.00\NFS Maestro\expserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
End of file - 13703 bytes
15 replies

Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
30 Sept. 2009 at 13:14
Hi, do this:

Ad-Remover ---->

[x] If you are on Vista: disable UAC (Start menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ uncheck the box Use User Account Control ... and confirm with OK; you will be asked to restart, do so)

[x] Download Ad-Remover (by C_XX) to your desktop: http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

[x] Run the installation with the default settings.

! Disconnect and close all running applications !

[x] Double-click the Ad-Remover shortcut on your desktop. (Right-click -> "Run as administrator" on Vista.)

[x] Select option F for French

[x] In the window that appears, click "oui" (yes)

[x] Select option S

[x] Let the tool work.

[x] Once the scan is finished, press any key; the report opens


-----------------------


Toolbar S&D ----->

Download Toolbar S&D here: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3

Follow the tutorial available at this address: https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/

Run option 1 (Search)

Then copy/paste the report into your next message (it is located at C:\TB.txt)
jorginho67 Posts: 14716 Registered: Tuesday 11 September 2007 Status: Security contributor Last activity: 11 February 2011 1 169
30 Sept. 2009 at 13:17
Hi!

Edit

I hadn't seen your post

I'll leave it to you ;-)
assan59 Posts: 9 Registered: Tuesday 29 September 2009 Status: Member Last activity: 1 October 2009
30 Sept. 2009 at 15:35
Hi jorginho67,
sorry for the delay, here is the report


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2080 @ 1.73GHz )
BIOS : Default System BIOS
USER : moi ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:63 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 30/09/2009|15:26 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Barre d'outils Crawler
C:\Program Files\Crawler
C:\Program Files\Crawler\adrkeys.dat
C:\Program Files\Crawler\Cache
C:\Program Files\Crawler\COMMON_FF.dat
C:\Program Files\Crawler\confirm.dat
C:\Program Files\Crawler\ctbcomm.dll
C:\Program Files\Crawler\ctbr.dll
C:\Program Files\Crawler\CTConf.dat
C:\Program Files\Crawler\CTipsDef.dll
C:\Program Files\Crawler\CToolbar.exe
C:\Program Files\Crawler\CUpdate.exe
C:\Program Files\Crawler\Download
C:\Program Files\Crawler\firefox
C:\Program Files\Crawler\Languages
C:\Program Files\Crawler\lookfor.dat
C:\Program Files\Crawler\majorse.dat
C:\Program Files\Crawler\rootmenu.dat
C:\Program Files\Crawler\services.dat
C:\Program Files\Crawler\STWSGLanguageAct
C:\Program Files\Crawler\STWSG_FF.dat
C:\Program Files\Crawler\TBR5LanguageAct
C:\Program Files\Crawler\Update
C:\Program Files\Crawler\WebSecurityGuard.dll
C:\Program Files\Crawler\WSGData
C:\Program Files\Crawler\Cache\COMMON
C:\Program Files\Crawler\Cache\COMMON\CLEANUP_BMP.dat
C:\Program Files\Crawler\Cache\COMMON\CLEANUP_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\CLEANUP_MENU.dat
C:\Program Files\Crawler\Cache\COMMON\DIRLIST_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\DIRLIST_MENU.dat
C:\Program Files\Crawler\Cache\COMMON\ECARDS_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\ECARDS_MENU.dat
C:\Program Files\Crawler\Cache\COMMON\EMAIL_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\GAMES_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\GAMES_MENU.dat
C:\Program Files\Crawler\Cache\COMMON\SHOP_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\SKINS_MENU.dat
C:\Program Files\Crawler\Cache\COMMON\SPELL_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\TRAVEL_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\WAYBACK_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\WP_CHBMP.dat
C:\Program Files\Crawler\Cache\COMMON\YP_CHBMP.dat
C:\Program Files\Crawler\firefox\chrome
C:\Program Files\Crawler\firefox\chrome.manifest
C:\Program Files\Crawler\firefox\components
C:\Program Files\Crawler\firefox\install.ini
C:\Program Files\Crawler\firefox\install.rdf
C:\Program Files\Crawler\firefox\stwsg_ff.ini
C:\Program Files\Crawler\firefox\chrome\common.jar
C:\Program Files\Crawler\firefox\chrome\stwsg.jar
C:\Program Files\Crawler\firefox\components\xcomm.dll
C:\Program Files\Crawler\firefox\components\xplugin.xpt
C:\Program Files\Crawler\firefox\components\xshared.dll
C:\Program Files\Crawler\firefox\components\xshared.xpt
C:\Program Files\Crawler\firefox\components\xsupport.dll
C:\Program Files\Crawler\firefox\components\xsupport.xpt
C:\Program Files\Crawler\firefox\components\xwsg.dll
C:\Program Files\Crawler\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Languages\STWSG_NL.cab
C:\Program Files\Crawler\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Languages\TBR5_EN.cab.old
C:\Program Files\Crawler\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Languages\TBR5_FR.cab
C:\Program Files\Crawler\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Languages\TBR5_NL.cab
C:\Program Files\Crawler\Languages\TBR5_PL.cab
C:\Program Files\Crawler\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Languages\TBR5_RU.cab
C:\Program Files\Crawler\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Update\domains.cab
C:\Program Files\Crawler\Update\domains_022_diff.cab
C:\Program Files\Crawler\WSGData\domains
C:\Program Files\Crawler\WSGData\g_S-1-5-21-3978879325-2782128261-3790254934-1002.dat
C:\Program Files\Crawler\WSGData\p_S-1-5-21-3978879325-2782128261-3790254934-1002.dat
C:\Program Files\Crawler\WSGData\wfilter.dat
C:\Program Files\Crawler\WSGData\w_S-1-5-21-3978879325-2782128261-3790254934-1002.dat
C:\Program Files\Crawler\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_025.dat
C:\Program Files\Crawler\WSGData\domains\domains_025_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_026.dat
C:\Program Files\Crawler\WSGData\domains\domains_026_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_027.dat
C:\Program Files\Crawler\WSGData\domains\domains_027_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_028.dat
C:\Program Files\Crawler\WSGData\domains\domains_028_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_029.dat
C:\Program Files\Crawler\WSGData\domains\domains_029_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_030.dat
C:\Program Files\Crawler\WSGData\domains\domains_030_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_031.dat
C:\Program Files\Crawler\WSGData\domains\domains_031_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_032.dat
C:\Program Files\Crawler\WSGData\domains\domains_032_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_033.dat
C:\Program Files\Crawler\WSGData\domains\domains_033_diff.dat
C:\Program Files\Crawler\WSGData\domains\index.dat
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\PlayMP3z
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/"
"Start Page"="https://fr.yahoo.com/"
"Search Bar"="https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://fr.yahoo.com/"
"Default_Page_URL"="https://fr.yahoo.com/"
"Default_Search_URL"="http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/"
"Search Page"="http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/"
"Local Page"="C:\\Windows\\System32\\blank.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ ROGUES ..

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Spyware-Secure

--------------------\\ Cracks & Keygens ..

C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\EFA.DIZ
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\EFA.NFO
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\LICENSE.DAT
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MakeFloatLic.bat
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MakeLic.bat
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MLMCrypt.exe
C:\Users\moi\Documents\mp3 frero\compil staifi 2007_Crack.zip
C:\Users\moi\Documents\mp3 frero\A\Alpha 5.20\3025 Avant Rakailles 4\07 - Crack Saison.mp3
C:\Users\moi\Documents\mp3 frero\R\Rim-K\Famille Nombreuse\11 - Pilotes Crack Musik feat. Hamza.mp3


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 30/09/2009|15:27 - Option : [1]

-----------\\ Fin du rapport a 15:27:11,33
Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
30 Sept. 2009 at 16:39
Please also run the AD-Remover scan.
assan59 Posts: 9 Registered: Tuesday 29 September 2009 Status: Member Last activity: 1 October 2009
30 Sept. 2009 at 16:44
OK, AD-Remover gave this:

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_W | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 30.09.2009 à 11:52
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 14:24:11, 30/09/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: MONBLED | Utilisateur actuel: moi
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
.
HKCR\VirtualStore\MACHINE\SOFTWARE\CToolbar
HKCU\Software\Ask.com
HKCU\Software\CToolbar
HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
HKCU\Software\Popsicle
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
HKLM\Software\Classes\CTBR.R404Pro
HKLM\Software\Classes\CToolbar.TB4Client
HKLM\Software\Classes\CToolbar.TB4Script
HKLM\Software\Classes\CToolbar.TB4Server
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
HKU\S-1-5-21-3978879325-2782128261-3790254934-1002\Software\Ask.com
HKLM\Software\Mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
HKCU\software\microsoft\internet explorer\searchscopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
.
C:\Program Files\Ask.com
C:\Program Files\Crawler
C:\Program Files\Mozilla FireFox\regxpcom.exe
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barre d'outils Crawler
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z
C:\Users\moi\AppData\Local\Temp\AskSearch
C:\Users\moi\AppData\Roaming\Microsoft\Windows\Cookies\moi@ask[1].txt
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com
C:\Users\Public\Documents\Foxicle
C:\Users\Public\Documents\Popsicle
C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.14 *
.
Nom du profil: 25d2ojze.default (moi)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Google");
(Prefs.js) user_pref("browser.search.selectedEngine", "Google");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-divx&p=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.yahoo.com/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.14");
.
(prefs.js) TROUVÉ: user_pref("extensions.asktb.cbid", "AG");
(prefs.js) TROUVÉ: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&dm=lang");
(prefs.js) TROUVÉ: user_pref("extensions.asktb.l", "dis");
(prefs.js) TROUVÉ: user_pref("extensions.asktb.locale", "fr_FR");
(prefs.js) TROUVÉ: user_pref("extensions.asktb.o", "15084");
(prefs.js) TROUVÉ: user_pref("extensions.asktb.qsrc", "2871");
(prefs.js) TROUVÉ: user_pref("extensions.enabledItems", "toolbar@ask.com:3.4.4.118,{4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3,{3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20090917Wb1,{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05,{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02,{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}:3.1,{20a82645-c095-46ed-80e3-08825760534b}:1.1,searchrecs@veoh.com:1.5.1,{635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14");
.
* Internet Explorer Version 8.0.6001.18813 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page: hxxp://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://fr.search.yahoo.com
Start Page: hxxp://fr.yahoo.com
Search Bar: hxxp://g.msn.fr/0SEFRFR/SAOS02
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.yahoo.com
Default_Page_URL: hxxp://fr.yahoo.com
Default_Search_URL: hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*hxxp://fr.search.yahoo.com
Search Page: hxxp://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://fr.search.yahoo.com
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: tbr:res?id=tabs&rep=1
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\EFA.NFO
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MLMCrypt.exe
C:\Users\moi\Documents\mp3 frero\compil staifi 2007_Crack.zip
.
===================================
.
2699 Octet(s) - C:\Ad-Report-SCAN[0].log
7289 Octet(s) - C:\Ad-Report-SCAN[1].log
.
1225 Fichier(s) - C:\Users\moi\AppData\Local\Temp
376 Fichier(s) - C:\Windows\Temp
.
1 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 15:19:24 | 30/09/2009
.
============== E.O.F ==============
.
Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
30 Sept. 2009 at 16:45
Good, now do this:

--- Removal ---

[x] Run Toolbar S&D again and choose option 2 ( Suppression ).

[x] Do nothing while the procedure runs.

[x] Copy/paste the report into your next message.


-----------

--------- REMOVAL ----------

[x] Run Ad-Remover again, then select option " L "

[x] Once the cleanup is finished, the report is displayed

[x] Copy/paste it into your next message
assan59 Posts: 9 Registered: Tuesday 29 September 2009 Status: Member Last activity: 1 October 2009
30 Sept. 2009 at 16:51
This is what it gives:

-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2080 @ 1.73GHz )
BIOS : Default System BIOS
USER : moi ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:63 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 30/09/2009|16:44 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Barre d'outils Crawler
Supprime! - C:\Program Files\Crawler\adrkeys.dat
Supprime! - C:\Program Files\Crawler\Cache
Supprime! - C:\Program Files\Crawler\COMMON_FF.dat
Supprime! - C:\Program Files\Crawler\confirm.dat
Supprime! - C:\Program Files\Crawler\ctbcomm.dll
Supprime! - C:\Program Files\Crawler\ctbr.dll
Supprime! - C:\Program Files\Crawler\CTConf.dat
Supprime! - C:\Program Files\Crawler\CTipsDef.dll
Supprime! - C:\Program Files\Crawler\CToolbar.exe
Supprime! - C:\Program Files\Crawler\CUpdate.exe
Supprime! - C:\Program Files\Crawler\Download
Supprime! - C:\Program Files\Crawler\firefox
Supprime! - C:\Program Files\Crawler\Languages
Supprime! - C:\Program Files\Crawler\lookfor.dat
Supprime! - C:\Program Files\Crawler\majorse.dat
Supprime! - C:\Program Files\Crawler\rootmenu.dat
Supprime! - C:\Program Files\Crawler\services.dat
Supprime! - C:\Program Files\Crawler\STWSGLanguageAct
Supprime! - C:\Program Files\Crawler\STWSG_FF.dat
Supprime! - C:\Program Files\Crawler\TBR5LanguageAct
Supprime! - C:\Program Files\Crawler\Update
Supprime! - C:\Program Files\Crawler\WebSecurityGuard.dll
Supprime! - C:\Program Files\Crawler\WSGData
Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\PlayMP3z
Supprime! - C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
Supprime! - C:\Program Files\Crawler

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/"
"Start Page"="https://fr.yahoo.com/"
"Search Bar"="https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://fr.yahoo.com/"
"Default_Search_URL"="http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/"
"Search Page"="http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/"
"Local Page"="C:\\Windows\\System32\\blank.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ ROGUES ..

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Spyware-Secure

--------------------\\ Cracks & Keygens ..

C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\EFA.DIZ
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\EFA.NFO
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\LICENSE.DAT
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MakeFloatLic.bat
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MakeLic.bat
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MLMCrypt.exe
C:\Users\moi\Documents\mp3 frero\compil staifi 2007_Crack.zip
C:\Users\moi\Documents\mp3 frero\A\Alpha 5.20\3025 Avant Rakailles 4\07 - Crack Saison.mp3
C:\Users\moi\Documents\mp3 frero\R\Rim-K\Famille Nombreuse\11 - Pilotes Crack Musik feat. Hamza.mp3


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 30/09/2009|15:27 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 30/09/2009|16:46 - Option : [2]

-----------\\ Fin du rapport a 16:46:09,86
Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
30 Sept. 2009 at 21:38
And the AD-remover report?
assan59 Posts: 9 Registered: Tuesday 29 September 2009 Status: Member Last activity: 1 October 2009
30 Sept. 2009 at 22:44
The AD-remover report is as follows:

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_W | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 30.09.2009 à 11:52
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 17:33:31, 30/09/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: MONBLED | Utilisateur actuel: moi
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCR\VirtualStore\MACHINE\SOFTWARE\CToolbar - NON SUPPRIMÉ
HKCU\Software\Ask.com
HKCU\Software\CToolbar
HKCU\Software\Popsicle
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} - NON SUPPRIMÉ
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL - NON SUPPRIMÉ
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd - NON SUPPRIMÉ
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 - NON SUPPRIMÉ
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar - NON SUPPRIMÉ
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} - NON SUPPRIMÉ
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} - NON SUPPRIMÉ
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} - NON SUPPRIMÉ
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} - NON SUPPRIMÉ
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 - NON SUPPRIMÉ
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA - NON SUPPRIMÉ
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 - NON SUPPRIMÉ
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC - NON SUPPRIMÉ
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA - NON SUPPRIMÉ
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF - NON SUPPRIMÉ
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E - NON SUPPRIMÉ
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF - NON SUPPRIMÉ
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF - NON SUPPRIMÉ
.
C:\Program Files\Ask.com
C:\Program Files\Ask.com\config.xml
C:\Program Files\Ask.com\GenericAskToolbar.dll
C:\Program Files\Ask.com\mupcfg.xml
C:\Program Files\Ask.com\SaUpdate.exe
C:\Program Files\Ask.com\UpdateTask.exe
C:\Program Files\Mozilla FireFox\regxpcom.exe
C:\Users\moi\AppData\Local\Temp\AskSearch
C:\Users\moi\AppData\Local\Temp\AskSearch\partnercobranding.dat
C:\Users\moi\AppData\Roaming\Microsoft\Windows\Cookies\moi@ask[1].txt
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome.manifest
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\content
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\content\about.xul
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\content\options.js
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\content\options.xul
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\content\toolbar.js
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\skin
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\25d2ojze.default\extensions\toolbar@ask.com\chrome\skin\blogs.png

continued ......
Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
30 Sept. 2009 at 22:46
OK, now do this:

Malwarebyte's anti-malware ----->

[x] Download Malwarebyte's anti-malware (MBAM) from this address: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

[x] Install it.

[x] Update it.

[x] Make sure to tick all the items found and delete them!

[x] A tutorial on how to use it is available here: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

[x] Follow the instructions given at the previous link, then copy/paste the generated report into your next message
assan59 Posts: 9 Registered: Tuesday 29 September 2009 Status: Member Last activity: 1 October 2009
1 Oct. 2009 at 09:50
Hi Xplode,
the Malwarebyte's anti-malware scan gave this:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2878
Windows 6.0.6001 Service Pack 1

01/10/2009 09:47:23
mbam-log-2009-10-01 (09-47-23).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 364734
Temps écoulé: 10 hour(s), 51 minute(s), 40 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
1 Oct. 2009 at 11:22
OK,

C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\EFA.DIZ
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\EFA.NFO
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\LICENSE.DAT
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MakeFloatLic.bat
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MakeLic.bat
C:\Users\moi\Documents\logiciels\Mathlab 7 CD1\KeyGen\MLMCrypt.exe


This should be deleted; cracks are a source of viruses and other malware.

Can you make a new HijackThis log?
assan59 Posts: 9 Registered: Tuesday 29 September 2009 Status: Member Last activity: 1 October 2009
1 Oct. 2009 at 11:37
OK, I deleted what you told me to; the HijackThis scan report is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:34:13, on 01/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {05595372-617F-47E4-B6B1-1B29DBC97767} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0941D65E-F46F-4A19-A488-9505DE25CEFA} - (no file)
O2 - BHO: (no name) - {0F8E6173-E305-44F9-9F74-5CB5D7198619} - (no file)
O2 - BHO: (no name) - {10D6AE97-8350-438A-81D8-AFBE9B28CA5C} - (no file)
O2 - BHO: (no name) - {173738EC-24D9-40AF-B34E-C79BC309B5C4} - (no file)
O2 - BHO: (no name) - {1E6AA990-C800-445F-B784-05F9A86426FF} - (no file)
O2 - BHO: (no name) - {1ED80524-5130-42A0-A281-E6AC6C25674F} - (no file)
O2 - BHO: (no name) - {25CB9566-36B0-462E-9D44-78F46FC25E62} - (no file)
O2 - BHO: (no name) - {2A11CE52-4DDB-4818-AB6F-C9500D10AACF} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {30FA50D8-279E-4DFA-AC4E-09294C86B261} - (no file)
O2 - BHO: (no name) - {4360085B-8E5A-4108-B485-605CB263979A} - (no file)
O2 - BHO: (no name) - {4E702B02-983D-4300-8A67-6A4E2AE365E6} - (no file)
O2 - BHO: (no name) - {4FFEFF43-F4CA-482F-B999-920D3A8D0916} - (no file)
O2 - BHO: (no name) - {52C15611-9385-462F-9DCD-FE8C83226CA9} - (no file)
O2 - BHO: (no name) - {5EA3E111-B1E1-4AD7-BF3A-106636AAD237} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {736820AC-DB02-488E-9B5C-BACCEA6AF87A} - (no file)
O2 - BHO: (no name) - {7903044C-CE5D-4D9D-9CDA-9A13434BCB1F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EFCFB5F-FED2-4CCE-BEC0-9ECF6A3E4387} - (no file)
O2 - BHO: (no name) - {7F9596B5-EB8F-4771-8C14-7B068F0B4C65} - (no file)
O2 - BHO: (no name) - {81FE108B-4397-49D8-97A7-3AC9EF608CEB} - (no file)
O2 - BHO: (no name) - {820B2D1C-0ACB-4C53-9CD7-FB97BFC619A1} - (no file)
O2 - BHO: (no name) - {86425A83-EAC7-438A-A8AB-0F125736145E} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95D749D4-39E2-419C-8FC7-F17F0EB7C0BE} - (no file)
O2 - BHO: (no name) - {964DD63B-AEAA-4FFD-ACF8-098DC30EE63F} - (no file)
O2 - BHO: (no name) - {9B3BFF14-3392-4363-9A08-DCF719A71DF2} - (no file)
O2 - BHO: (no name) - {A5C4AACF-A420-4D05-B1ED-A5701D5C0EB9} - (no file)
O2 - BHO: (no name) - {A83C9FC0-AF53-4D45-A71B-440757A191A6} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: (no name) - {B211E0BD-88B6-4ADE-AFFF-116C3945DF2D} - (no file)
O2 - BHO: (no name) - {B33AE7D1-9ABD-4991-B4C9-BBC83EAAD6AE} - (no file)
O2 - BHO: (no name) - {B7498E6F-CD84-45F5-AF18-019E0F79C5E9} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: (no name) - {C2763FC7-5D8A-44B7-8F3A-111A8BFA29D4} - (no file)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: (no name) - {D4788400-8C1F-40A5-98BA-FC596D0AC22F} - (no file)
O2 - BHO: (no name) - {D87FE150-7B40-41A7-901D-ECAA9F36EF30} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E5F243A7-2F89-4719-878E-5D90143FADD0} - (no file)
O2 - BHO: (no name) - {F8658715-3707-464C-81AF-C52F6C2549F3} - (no file)
O2 - BHO: (no name) - {F8A19826-CFFB-4D8F-A7E4-ADC1B3136FFD} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NFSUserSIDGSSLink] C:\Program Files\Hummingbird\Connectivity\11.00\NFS Maestro\HumGSS.exe REG
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Google Update (gupdate1ca27147294fabf) (gupdate1ca27147294fabf) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hummingbird Export (HCLExport) - Hummingbird Ltd. - C:\Windows\system32\Hummingbird\Connectivity\11.00\NFS Maestro\expserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
1 Oct. 2009 at 11:45
Uninstall Yahoo! Toolbar and Google Toolbar

-----------------------------

[x] Launch HijackThis ( C:\Program Files\Trend Micro\Hijackthis.exe )

[x] Click " None of the above, just start the program ", then " Scan "

[x] Tick the lines in bold below:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {05595372-617F-47E4-B6B1-1B29DBC97767} - (no file)
O2 - BHO: (no name) - {0941D65E-F46F-4A19-A488-9505DE25CEFA} - (no file)
O2 - BHO: (no name) - {0F8E6173-E305-44F9-9F74-5CB5D7198619} - (no file)
O2 - BHO: (no name) - {10D6AE97-8350-438A-81D8-AFBE9B28CA5C} - (no file)
O2 - BHO: (no name) - {173738EC-24D9-40AF-B34E-C79BC309B5C4} - (no file)
O2 - BHO: (no name) - {1E6AA990-C800-445F-B784-05F9A86426FF} - (no file)
O2 - BHO: (no name) - {1ED80524-5130-42A0-A281-E6AC6C25674F} - (no file)
O2 - BHO: (no name) - {25CB9566-36B0-462E-9D44-78F46FC25E62} - (no file)
O2 - BHO: (no name) - {2A11CE52-4DDB-4818-AB6F-C9500D10AACF} - (no file)
O2 - BHO: (no name) - {30FA50D8-279E-4DFA-AC4E-09294C86B261} - (no file)
O2 - BHO: (no name) - {4360085B-8E5A-4108-B485-605CB263979A} - (no file)
O2 - BHO: (no name) - {4E702B02-983D-4300-8A67-6A4E2AE365E6} - (no file)
O2 - BHO: (no name) - {4FFEFF43-F4CA-482F-B999-920D3A8D0916} - (no file)
O2 - BHO: (no name) - {52C15611-9385-462F-9DCD-FE8C83226CA9} - (no file)
O2 - BHO: (no name) - {5EA3E111-B1E1-4AD7-BF3A-106636AAD237} - (no file)
O2 - BHO: (no name) - {736820AC-DB02-488E-9B5C-BACCEA6AF87A} - (no file)
O2 - BHO: (no name) - {7903044C-CE5D-4D9D-9CDA-9A13434BCB1F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EFCFB5F-FED2-4CCE-BEC0-9ECF6A3E4387} - (no file)
O2 - BHO: (no name) - {7F9596B5-EB8F-4771-8C14-7B068F0B4C65} - (no file)
O2 - BHO: (no name) - {81FE108B-4397-49D8-97A7-3AC9EF608CEB} - (no file)
O2 - BHO: (no name) - {820B2D1C-0ACB-4C53-9CD7-FB97BFC619A1} - (no file)
O2 - BHO: (no name) - {86425A83-EAC7-438A-A8AB-0F125736145E} - (no file)
O2 - BHO: (no name) - {95D749D4-39E2-419C-8FC7-F17F0EB7C0BE} - (no file)
O2 - BHO: (no name) - {964DD63B-AEAA-4FFD-ACF8-098DC30EE63F} - (no file)
O2 - BHO: (no name) - {9B3BFF14-3392-4363-9A08-DCF719A71DF2} - (no file)
O2 - BHO: (no name) - {A5C4AACF-A420-4D05-B1ED-A5701D5C0EB9} - (no file)
O2 - BHO: (no name) - {A83C9FC0-AF53-4D45-A71B-440757A191A6} - (no file)
O2 - BHO: (no name) - {B211E0BD-88B6-4ADE-AFFF-116C3945DF2D} - (no file)
O2 - BHO: (no name) - {B33AE7D1-9ABD-4991-B4C9-BBC83EAAD6AE} - (no file)
O2 - BHO: (no name) - {B7498E6F-CD84-45F5-AF18-019E0F79C5E9} - (no file)
O2 - BHO: (no name) - {C2763FC7-5D8A-44B7-8F3A-111A8BFA29D4} - (no file)
O2 - BHO: (no name) - {D4788400-8C1F-40A5-98BA-FC596D0AC22F} - (no file)
O2 - BHO: (no name) - {D87FE150-7B40-41A7-901D-ECAA9F36EF30} - (no file)
O2 - BHO: (no name) - {E5F243A7-2F89-4719-878E-5D90143FADD0} - (no file)
O2 - BHO: (no name) - {F8658715-3707-464C-81AF-C52F6C2549F3} - (no file)
O2 - BHO: (no name) - {F8A19826-CFFB-4D8F-A7E4-ADC1B3136FFD} - (no file)
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab


[x] Then click "Fix checked"

-------------

Then post a new HijackThis log
assan59 Posts 9 Registration date Tuesday 29 September 2009 Status Member Last seen 1 October 2009
1 Oct 2009 at 12:07
OK,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:39, on 01/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NFSUserSIDGSSLink] C:\Program Files\Hummingbird\Connectivity\11.00\NFS Maestro\HumGSS.exe REG
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Google Update (gupdate1ca27147294fabf) (gupdate1ca27147294fabf) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hummingbird Export (HCLExport) - Hummingbird Ltd. - C:\Windows\system32\Hummingbird\Connectivity\11.00\NFS Maestro\expserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)