TrojanDownload:Win32/Renos.JM

Solved/Closed
elodu21 - Posts: 45, Registered: Thursday 9 July 2009, Status: Member, Last active: 14 September 2010 - 28 Jan 2010 at 18:36
Anonymous user - 30 Jan 2010 at 12:23
Hello,
Well, everything is in the title: Windows Defender has been detecting this since yesterday, and when I choose to remove everything it keeps coming back. If anyone knows the solution, I'd be glad to hear it. Thanks

28 replies

Anonymous user
28 Jan 2010 at 18:41
Hello,

• Download UsbFix to your Desktop:

(!) Plug in your external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them.

• Double-click UsbFix.exe on your desktop.

• In the main menu, choose option "F" for French and press [Enter].

• In the second menu, choose option "2" (Suppression, i.e. deletion) and press [Enter].

• Your desktop will disappear and the PC will restart.

• On restart, UsbFix will scan your PC; let the tool work.

Then post the UsbFix.txt report that will appear along with the desktop.

• Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

• Tutorial: http://pagesperso-orange.fr/NosTools/tuto_usbfix3.html
• Home: http://pagesperso-orange.fr/NosTools/usbfix.html

elodu21
28 Jan 2010 at 19:02
Sorry, IE had to restart. My question may sound silly, but if I don't have any USB storage device, is it necessary to do this?

Anonymous user
28 Jan 2010 at 19:05
Yes, do it anyway, no problem.

elodu21
28 Jan 2010 at 19:20
Re, I followed the procedure with UsbFix; the PC shuts down normally, but on restart the scan doesn't start.

Anonymous user
28 Jan 2010 at 19:27
We'll do it another way.

• Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
• Double-click the downloaded file to start the installation.
• In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
• Once the update has finished, go to the Scanner tab.
• Select Perform quick scan.
• Click Scan. The scan starts.
• At the end of the scan, a message is displayed:

"The scan completed successfully. Click 'Show Results' to display all objects found."

• Click OK to continue. If MBAM found nothing, it will tell you so as well.
• Close your browsers.
• If malware was detected, click Show Results.
• Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy in quarantine.
• MBAM will open Notepad and copy the scan report into it. Copy and paste this report in your next reply.

elodu21
28 Jan 2010 at 19:31
I ran a scan with MBAM yesterday; here is the report:


Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3645
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

27/01/2010 20:45:11
mbam-log-2010-01-27 (20-45-11).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 321610
Temps écoulé: 3 hour(s), 13 minute(s), 15 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 54
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 16
Fichier(s) infecté(s): 47

Anonymous user
28 Jan 2010 at 20:09
Reopen Malwarebytes, go to Quarantine and delete everything.

#####

• Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
• Double-click RSIT.exe to launch the program.
• Click Continue on the Disclaimer screen.
• If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.
• When the scan is finished, two text files will open. Post the content of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: the reports are saved in the C:\rsit folder.

elodu21
28 Jan 2010 at 21:26
Here is the content of log.txt:


Logfile of random's system information tool 1.06 (written by random/random)
Run by christel at 2010-01-28 21:22:35
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 37 GB (34%) free of 109 GB
Total RAM: 1013 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:22:52, on 28/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Anonymous user
28 Jan 2010 at 21:32
• Download Ad-Remover (by C_XX) to your desktop:


! Disconnect and close all running applications (browser included) !

• Double-click Ad-remover.exe on your desktop to launch the tool.

• In the main menu, choose option "S" and press [Enter].

• The scan starts; let the tool work and don't touch anything...


--> Post the report that appears at the end.

(The report is also saved as C:\Ad-report-SCAN.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)


Note: "Process.exe", a component of the tool, is detected by some antivirus products
(AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


• Tutorial: http://pagesperso-orange.fr/NosTools/tuto_ad_r2.html
elodu21 Posts 45 Registration date Thursday 9 July 2009 Status Member Last seen 14 September 2010
28 Jan. 2010 at 22:46
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_I | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 28.01.2010 à 18:26
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 21:52:55, 28/01/2010 | Mode Normal | Option: SCAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ HomeBasic Service Pack 2 v6.0.6001
Nom du PC: PC-DE-CHRISTEL | Utilisateur actuel: christel
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.

C:\Users\christel\AppData\Roaming\Mozilla\FireFox\Profiles\ts52l1vh.default\searchplugins\ask.xml
C:\Windows\Installer\{59971D79-8111-42C2-9E40-883A0C277E78}
C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Users\christel\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox
C:\Users\christel\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\GamesBar
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Hotbar
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer
C:\Program Files\AskBarDis
C:\Program Files\GamesBar
C:\Program Files\Live-Player
C:\Program Files\SweetIM
C:\Users\christel\AppData\Roaming\live-player
C:\Users\christel\AppData\LocalLow\Hotbar
C:\Users\christel\AppData\LocalLow\SweetIM
C:\ProgramData\GamesBar
C:\ProgramData\SweetIM
C:\Windows\Installer\15a51114.msi
C:\Windows\Installer\15a5111a.msi
C:\Users\christel\Desktop\Mes raccourcis\Live-Player.lnk
C:\Users\christel\Desktop\Mes raccourcis\SweetImSetup.exe
C:\Users\christel\AppData\Local\dkpwywqdp_navtmp.dat
C:\Users\christel\AppData\Local\kiycmso.bat
.
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\software\Hotbar
HKCU\software\GamesBar
HKCU\software\Live-Player
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\software\SweetIM
HKLM\software\AskBarDis
HKLM\software\classes\AskIBar.PopSwatterBarButton
HKLM\software\classes\AskIBar.PopSwatterBarButton.1
HKLM\software\classes\AskIBar.PopSwatterSettingsControl
HKLM\software\classes\AskIBar.PopSwatterSettingsControl.1
HKLM\software\classes\AskToolBar.SettingsPlugin
HKLM\software\classes\AskToolBar.SettingsPlugin.1
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
HKLM\software\classes\MediaPlayer.GraphicsUtils
HKLM\software\classes\MediaPlayer.GraphicsUtils.1
HKLM\software\classes\MgMediaPlayer.GifAnimator
HKLM\software\classes\MgMediaPlayer.GifAnimator.1
HKLM\software\classes\SWEETIE.IEToolbar
HKLM\software\classes\SWEETIE.IEToolbar.1
HKLM\software\classes\SWEETIE.SWEETIE
HKLM\software\classes\SWEETIE.SWEETIE.3
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\classes\Toolbar3.SWEETIE
HKLM\software\classes\Toolbar3.SWEETIE.1
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
HKLM\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
HKLM\software\GamesBar
HKLM\software\GamesBarSetup
HKLM\software\Live-Player
HKLM\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\OBget.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\software\microsoft\windows\currentversion\uninstall\Ask Toolbar_is1
HKLM\software\microsoft\windows\currentversion\uninstall\GamesBar
HKLM\Software\Mozilla\Firefox\Extensions\\Hotbar@Hotbar.com
HKLM\software\SweetIM
HKU\s-1-5-21-3998010976-912583937-2554579818-1000\software\appdatalow\AskBarDis
HKU\s-1-5-21-3998010976-912583937-2554579818-1000\software\appdatalow\software\Hotbar
HKU\s-1-5-21-3998010976-912583937-2554579818-1000\software\GamesBar
HKU\s-1-5-21-3998010976-912583937-2554579818-1000\software\Live-Player
HKU\s-1-5-21-3998010976-912583937-2554579818-1000\software\SweetIM
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 2.0.0.20 [fr] *
.
Nom du profil: ts52l1vh.default (christel)
.
(christel, prefs.js) Browser.download.lastDir, C:\Users\christel\Pictures
(christel, prefs.js) Browser.search.defaultenginename, Search the web
(christel, prefs.js) Browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
(christel, prefs.js) Browser.search.selectedEngine, Google
(christel, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(christel, prefs.js) Keyword.URL, hxxp://redirecterror.sfr.fr/?q=
.
(christel, prefs.js) TROUVE - CommunityToolbar.SearchFromAddressBarSavedUrl, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
(christel, prefs.js) TROUVE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&crm=1
(christel, prefs.js) TROUVE - Extensions.snipit.history_query, effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=hxxp://www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis
.
(christel, user.js) Keyword.URL, hxxp://redirecterror.sfr.fr/?q=
.
.
* Internet Explorer Version 7.0.6001.18000 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Enable Browser Extensions: yes
Start Page: hxxp://www.sfr.fr/kit/adsl/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://home.sweetim.com
Default_Page_URL: hxxp://fr.yahoo.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
518 Octet(s) - C:\Ad-Report-SCAN[1].log
15105 Octet(s) - C:\Ad-Report-SCAN[2].log
.
2180 Fichier(s) - C:\Users\christel\AppData\Local\Temp
54 Fichier(s) - C:\Windows\Temp
129 Fichier(s) - C:\Windows\Prefetch
.
4 Fichier(s) - C:\Ad-Remover\BACKUP
0 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 22:33:28 | 28/01/2010 - SCAN[2]
.
============== E.O.F ==============
.
0
Anonymous user
28 Jan. 2010 at 22:53
Re Christelle, run Ad-Remover again, choose option L and post the report, please
0
elodu21 Posts 45 Registration date Thursday 9 July 2009 Status Member Last seen 14 September 2010
29 Jan. 2010 at 00:10
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_I | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 28.01.2010 à 18:26
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 23:32:18, 28/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ HomeBasic Service Pack 2 v6.0.6001
Nom du PC: PC-DE-CHRISTEL | Utilisateur actuel: christel
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\Users\christel\AppData\Roaming\Mozilla\FireFox\Profiles\ts52l1vh.default\searchplugins\ask.xml
C:\Windows\Installer\{59971D79-8111-42C2-9E40-883A0C277E78}
C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Users\christel\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox
C:\Users\christel\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\GamesBar
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Hotbar
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer
C:\Program Files\AskBarDis
C:\Program Files\GamesBar
C:\Program Files\Live-Player
C:\Program Files\SweetIM
C:\Users\christel\AppData\Roaming\live-player
C:\Users\christel\AppData\LocalLow\Hotbar
C:\Users\christel\AppData\LocalLow\SweetIM
C:\ProgramData\GamesBar
C:\ProgramData\SweetIM
C:\Windows\Installer\15a51114.msi
C:\Windows\Installer\15a5111a.msi
C:\Users\christel\Desktop\Mes raccourcis\Live-Player.lnk
C:\Users\christel\Desktop\Mes raccourcis\SweetImSetup.exe
C:\Users\christel\AppData\Local\dkpwywqdp_navtmp.dat
C:\Users\christel\AppData\Local\kiycmso.bat

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\software\Hotbar
HKCU\software\GamesBar
HKCU\software\Live-Player
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\software\SweetIM
HKLM\software\AskBarDis
HKLM\software\classes\AskIBar.PopSwatterBarButton
HKLM\software\classes\AskIBar.PopSwatterBarButton.1
HKLM\software\classes\AskIBar.PopSwatterSettingsControl
HKLM\software\classes\AskIBar.PopSwatterSettingsControl.1
HKLM\software\classes\AskToolBar.SettingsPlugin
HKLM\software\classes\AskToolBar.SettingsPlugin.1
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
HKLM\software\classes\MediaPlayer.GraphicsUtils
HKLM\software\classes\MediaPlayer.GraphicsUtils.1
HKLM\software\classes\MgMediaPlayer.GifAnimator
HKLM\software\classes\MgMediaPlayer.GifAnimator.1
HKLM\software\classes\SWEETIE.IEToolbar
HKLM\software\classes\SWEETIE.IEToolbar.1
HKLM\software\classes\SWEETIE.SWEETIE
HKLM\software\classes\SWEETIE.SWEETIE.3
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\classes\Toolbar3.SWEETIE
HKLM\software\classes\Toolbar3.SWEETIE.1
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
HKLM\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
HKLM\software\GamesBar
HKLM\software\GamesBarSetup
HKLM\software\Live-Player
HKLM\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\OBget.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\software\microsoft\windows\currentversion\uninstall\Ask Toolbar_is1
HKLM\software\microsoft\windows\currentversion\uninstall\GamesBar
HKLM\Software\Mozilla\Firefox\Extensions\\Hotbar@Hotbar.com
HKLM\software\SweetIM
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 2.0.0.20 [fr] *
.
Nom du profil: ts52l1vh.default (christel)
.
(christel, prefs.js) Browser.download.lastDir, C:\Users\christel\Pictures
(christel, prefs.js) Browser.search.defaultenginename, Search the web
(christel, prefs.js) Browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
(christel, prefs.js) Browser.search.selectedEngine, Google
(christel, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(christel, prefs.js) Keyword.URL, hxxp://redirecterror.sfr.fr/?q=
.
(christel, prefs.js) EFFACE - CommunityToolbar.SearchFromAddressBarSavedUrl, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
(christel, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&crm=1
(christel, prefs.js) EFFACE - Extensions.snipit.history_query, effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=hxxp://www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis||effacer%20ask%20de%20la%20page%20d%20aceuil=ASKURL=//www.ask.com/web?q=effacer%20ask%20de%20la%20page%20d%20aceuil&qsrc=2871&o=101761&l=dis
.
(christel, user.js) Keyword.URL, hxxp://redirecterror.sfr.fr/?q=
.
.
* Internet Explorer Version 7.0.6001.18000 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Start Page: hxxp://fr.msn.com/
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
523 Octet(s) - C:\Ad-Report-CLEAN[1].log
523 Octet(s) - C:\Ad-Report-CLEAN[2].log
14716 Octet(s) - C:\Ad-Report-CLEAN[3].log
518 Octet(s) - C:\Ad-Report-SCAN[1].log
15449 Octet(s) - C:\Ad-Report-SCAN[2].log
.
1981 Fichier(s) - C:\Users\christel\AppData\Local\Temp
49 Fichier(s) - C:\Windows\Temp
0 Fichier(s) - C:\Windows\Prefetch
.
25 Fichier(s) - C:\Ad-Remover\BACKUP
640 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 0:05:50 | 29/01/2010 - CLEAN[3]
.
============== E.O.F ==============
.
0
Anonymous user
29 Jan. 2010 at 00:13
Re Elodie, well done ;)

Delete usbfix.exe

then:

Disable Vista UAC:

http://pagesperso-orange.fr/nostools/uac_vista.html and restart

######### then:

• Download UsbFix to your desktop:

(!) Plug into your PC all external storage devices (USB stick, external hard drive, etc.) that may have been infected, without opening them.

• Double-click UsbFix.exe on your desktop.

• At the main menu, choose option "F" for French and press [Enter].

• At the second menu, choose option "2" (Suppression) and press [Enter].

• Your desktop will disappear and the PC will restart.

• On restart, UsbFix will scan your PC; let the tool work.

Then post the UsbFix.txt report, which will appear along with the desktop.

• Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

• Tutorial: http://pagesperso-orange.fr/NosTools/tuto_usbfix3.html
• Home: http://pagesperso-orange.fr/NosTools/usbfix.html
0
elodu21 Posts: 45 Registration date: Thursday 9 July 2009 Status: Member Last activity: 14 September 2010
29 Jan. 2010 at 00:16
I don't understand why I have to uninstall UsbFix only to reinstall it afterwards???
0
Anonymous user
29 Jan. 2010 at 00:17
Because a new update is available ..
0
elodu21 Posts: 45 Registration date: Thursday 9 July 2009 Status: Member Last activity: 14 September 2010
29 Jan. 2010 at 00:41
############################## | UsbFix V6.081 |

User : christel (Administrateurs) # PC-DE-CHRISTEL
Update on 28/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 00:24:11 | 29/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Genuine Intel(R) CPU T2060 @ 1.60GHz
Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 106,89 Go (36,16 Go free) # NTFS
D:\ -> Disque fixe local # 4,89 Go (4,1 Go free) [PRESARIO_RP] # NTFS
E:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe 424
C:\Windows\system32\csrss.exe 512
C:\Windows\system32\wininit.exe 556
C:\Windows\system32\csrss.exe 564
C:\Windows\system32\services.exe 600
C:\Windows\system32\lsass.exe 612
C:\Windows\system32\lsm.exe 620
C:\Windows\system32\winlogon.exe 648
C:\Windows\system32\svchost.exe 808
C:\Windows\system32\svchost.exe 892
C:\Windows\System32\svchost.exe 932
C:\Windows\System32\svchost.exe 1024
C:\Windows\System32\svchost.exe 1100
C:\Windows\system32\svchost.exe 1132
C:\Windows\system32\SLsvc.exe 1256
C:\Windows\system32\svchost.exe 1296
C:\Windows\system32\svchost.exe 1444
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1604
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1628
C:\Windows\system32\Dwm.exe 1756
C:\Windows\Explorer.EXE 1764
C:\Windows\system32\runonce.exe 1820
C:\Windows\System32\spoolsv.exe 196
C:\Windows\system32\taskeng.exe 276
C:\Windows\system32\svchost.exe 444
C:\Windows\system32\taskeng.exe 824
C:\Users\christel\AppData\Local\Temp\Phr.exe 1428
C:\Windows\system32\svchost.exe 248
C:\Program Files\Google\Update\GoogleUpdate.exe 1816
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2084
C:\Windows\system32\svchost.exe 2224
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2288
C:\Windows\system32\svchost.exe 2340
C:\Windows\System32\svchost.exe 2384
C:\Windows\system32\SearchIndexer.exe 2456
C:\Windows\system32\DRIVERS\xaudio.exe 2516
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 2540
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2844
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2872
C:\Windows\System32\alg.exe 2956
C:\Windows\system32\wbem\wmiprvse.exe 3160
C:\Windows\system32\WerCon.exe 3328

################## | Elements infectieux |

Supprimé ! C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
Supprimé ! C:\Users\christel\AppData\Local\Temp\Phq.exe
Supprimé ! C:\Users\christel\AppData\Local\Temp\Phr.exe
Supprimé ! C:\Users\christel\AppData\Local\Temp\a.dat
Supprimé ! C:\Users\christel\AppData\Local\Temp\sshnas21.dll
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3998010976-912583937-2554579818-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-4193549221-1683869985-1229017860-500
Supprimé ! D:\$Recycle.Bin\S-1-5-21-3998010976-912583937-2554579818-1000

################## | Registre |

Supprimé ! [HKCU\SOFTWARE\BMIMZMHMFM]
Supprimé ! [HKCU\SOFTWARE\XML]
Supprimé ! [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BMIMZMHMFM"

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{05b3a120-c8fe-11de-bab0-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{0ca05c08-5d35-11dc-bad8-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{0e183233-8337-11de-afcd-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{191cce40-c0b1-11de-8d54-001636f11967}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1de71cd7-c0c1-11de-b99f-001636f11967}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1de71ce9-c0c1-11de-b99f-001636f11967}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2de4f7a0-d4db-11de-986f-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2f3e5c91-25cc-11dc-92ad-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{31ef6ae8-ec7b-11de-af70-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{31ef6b13-ec7b-11de-af70-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{3e4a5efa-c387-11de-a9bf-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{3e4a5f00-c387-11de-a9bf-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{4b9719e1-a741-11de-b7e7-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{4b9719e6-a741-11de-b7e7-001636f11967}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{5a93c4bd-92bb-11dc-a08b-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{84467817-6d39-11dd-9d0f-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{922452c9-cd4c-11de-8a22-001636f11967}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a6fd73c2-c985-11dd-8c75-c362ff84581b}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a799f613-f5ee-11de-ae8e-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{c29a9878-0a30-11dd-8bf7-001636f11967}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{c41d9a66-d718-11dd-bb88-c2db6323540f}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fd6da77b-ebc5-11de-b3f2-001636f11967}\Shell\Auto\Command

################## | Listing des fichiers présent |

[22/07/2009 07:05|--a------|7242] C:\0x040c.ini
[22/07/2009 07:06|--a------|37888] C:\1036.MST
[28/01/2010 23:24|--a------|523] C:\Ad-Report-CLEAN[1].log
[28/01/2010 23:26|--a------|523] C:\Ad-Report-CLEAN[2].log
[29/01/2010 00:05|--a------|15149] C:\Ad-Report-CLEAN[3].log
[28/01/2010 21:48|--a------|518] C:\Ad-Report-SCAN[1].log
[28/01/2010 22:33|--a------|15449] C:\Ad-Report-SCAN[2].log
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[02/12/2007 11:16|--a------|90] C:\bcmwl6.log
[19/01/2008 08:45|-rahs----|333203] C:\bootmgr
[18/09/2006 22:43|--a------|10] C:\config.sys
[?|?|?] C:\hiberfil.sys
[01/07/2007 17:07|-rahs----|0] C:\IO.SYS
[01/07/2007 17:07|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[11/08/2008 14:57|--a------|159] C:\Setup.log
[29/01/2010 00:34|--a------|6480] C:\UsbFix.txt
[11/10/2007 13:18|--a------|16777216] D:\Top Trumps - Dogs and Dinosaurs.nds
[11/10/2007 13:26|--a------|16777216] D:\Top Trumps - Horror and Predators.nds
[15/09/2008 19:22|--a------|16777216] D:\Touch Detective.nds
[18/05/2007 12:54|--a------|16777216] D:\Touch the Dead.nds
[14/11/2007 13:39|--a------|33554432] D:\Tous Ambidextres.nds
[27/04/2006 08:59|--a------|33554432] D:\Trauma Center - Under The Knife.nds
[05/06/2007 11:25|--a------|16777216] D:\Trioncube.nds
[13/11/2007 14:35|--a------|67108864] D:\Ultimate Mortal Kombat.nds
[29/05/2007 13:17|--a------|8388608] D:\Uno - Skip-Bo - Uno Free Fall.nds
[12/04/2007 07:34|--a------|8388608] D:\Uno 52.nds
[02/02/2007 15:02|--a------|16777216] D:\Vegas Casino High 5.nds
[03/03/2006 20:47|--a------|67108864] D:\Viewtiful Joe - Double Trouble.nds
[30/05/2007 18:21|--a------|67108864] D:\Wario - Master of Disguise.nds
[16/07/2007 13:32|--a------|33554432] D:\WarioWare - Touched!.nds
[29/03/2007 15:37|--a------|8388608] D:\Wiffle Ball.nds
[06/12/2006 08:36|--a------|16777216] D:\Winx Club - La Quˆte Du Codex.nds
[09/11/2007 22:37|--a------|29925716] D:\Worms - Open Warfare 2.nds
[22/03/2006 08:07|--a------|16777216] D:\Worms - Open Warfare.nds
[26/05/2006 12:07|--a------|67108864] D:\X-Men - The Official Game.nds
[16/07/2007 13:31|--a------|16777216] D:\Yoshi Touch & Go.nds
[29/11/2006 18:14|--a------|33554432] D:\Yoshi's Island DS.nds
[19/04/2007 07:44|--a------|16777216] D:\Zendoku.nds
[16/07/2007 13:43|--a------|8388608] D:\Zoo Keeper.nds
[06/11/2007 14:23|--a------|33554432] D:\Zo‚ Cr‚atrice De Mode.nds

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
0
Anonymous user
29 Jan. 2010 at 00:43
Perfect, Elodie ;)

How is the PC doing ... better?

Run another RSIT scan and post log.txt, and we'll finish up.
0
elodu21 Posts: 45 Registration date: Thursday 9 July 2009 Status: Member Last activity: 14 September 2010
29 Jan. 2010 at 00:46
Apparently it seems to be fine, everything works correctly. I'll run the scan and post the report right away.
0
elodu21 Posts: 45 Registration date: Thursday 9 July 2009 Status: Member Last activity: 14 September 2010
29 Jan. 2010 at 00:47
Logfile of random's system information tool 1.06 (written by random/random)
Run by christel at 2010-01-29 00:46:33
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 37 GB (34%) free of 109 GB
Total RAM: 1013 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:46:46, on 29/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Users\christel\AppData\Local\Temp\Phr.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\sdclt.exe
C:\Windows\explorer.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\Program Files\D-Jix\D-Jix Media\D-Jix Media.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\christel\Desktop\RSIT.exe
C:\Program Files\trend micro\christel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [VMSnap5] C:\Windows\VMSnap5.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\Windows\vsnp325.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [paejio] C:\Users\christel\paejio.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: BoontyBox NRJ.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Startup: D-Jix Media.lnk = C:\Program Files\D-Jix\D-Jix Media\D-Jix Media.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Service Google Update (gupdate1c9a96b6d67e510) (gupdate1c9a96b6d67e510) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Anonymous user
29 Jan. 2010 at 00:52
Re,

A bit of junk slipped through ...


#####


• Download OTM (OldTimer) to your Desktop.
• Right-click OTM.exe and choose Run as administrator.
• Copy (Ctrl+C) the following text below:



:processes
explorer.exe

:services
ZTEusbnmea
ZTEusbser6k

:files
C:\Users\christel\paejio.exe

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"paejio"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BEWINTERNET-FR-DMGP-V2SessionManager"=-

:commands
[purity]
[emptytemp]
[reboot]




• Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
• Now click the MoveIt! button, then close OTM.

---> If a file or folder cannot be deleted immediately, the software will ask you to reboot.
Accept by clicking YES.


Post the report located in this folder: C:\_OTM\MovedFiles\
---> The report's name corresponds to the time it was created: date_time.log


+ a new RSIT report: log.txt, please.
0
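Added example, not part of the thread and not code from RSIT, HijackThis or OTM: a small triage script for a HijackThis log like the one posted above, which flags `Run` autostart values and running processes whose executable sits in a temp directory or directly in the root of a user profile. The two location rules are an assumed heuristic chosen for this example, and the sample input is a handful of lines copied from the log in the thread.

```python
import re
from pathlib import PureWindowsPath

# Excerpt of lines copied from the HijackThis log posted in the thread.
SAMPLE_LOG = r"""
Running processes:
C:\Windows\system32\Dwm.exe
C:\Users\christel\AppData\Local\Temp\Phr.exe
C:\Program Files\Mozilla Firefox\firefox.exe

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [paejio] C:\Users\christel\paejio.exe
O4 - Startup: D-Jix Media.lnk = C:\Program Files\D-Jix\D-Jix Media\D-Jix Media.exe
"""

# O4 registry autostart line: hive, Run/RunOnce key, value name, command line.
O4_RUN = re.compile(
    r"^O4 - (?P<hive>\S+)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# A bare absolute path, as listed under "Running processes:".
PROC = re.compile(r"^[A-Za-z]:\\.+\.exe$", re.I)
# Executable part of a command line: quoted path, or unquoted up to the extension.
EXE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|scr|bat|cmd))(?=\s|$)', re.I)


def exe_of(cmd):
    """Return the executable path from a Run value's command line, or None."""
    m = EXE.match(cmd)
    return (m.group(1) or m.group(2)) if m else None


def suspicious_location(path):
    """Assumed heuristic: temp dirs and the profile root are unusual homes for autostarts."""
    parts = [p.lower() for p in PureWindowsPath(path).parts]
    if "temp" in parts[1:-1]:
        return "runs from a temp directory"
    if len(parts) == 4 and parts[1] == "users":
        return "executable in the root of a user profile"
    return None


def triage(log):
    """Return (source, path, reason) for each flagged process or Run value."""
    findings = []
    for line in map(str.strip, log.splitlines()):
        m = O4_RUN.match(line)
        if m:
            source, target = f"{m['hive']} {m['key']} [{m['name']}]", exe_of(m["cmd"])
        elif PROC.match(line):
            source, target = "running process", line
        else:
            continue
        reason = suspicious_location(target) if target else None
        if reason:
            findings.append((source, target, reason))
    return findings


if __name__ == "__main__":
    for source, target, reason in triage(SAMPLE_LOG):
        print(f"{source}: {target} ({reason})")
```

A flagged entry is a candidate for manual review, not a verdict; legitimate installers also run from temp directories.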