Virus

Résolu
mamy1439 -  
 siladan -
Bonjour,
voila j'ai été sur un site je demandais un jeux mais ils m,on envoyer un

Erreur! Votre ordinateur a été piraté par le virus dangereux! Quelques résultats ont été changés par la publicité de pornographie, vos mots de passe et d'autres informations privées pas plus dans le coffre-fort! Vous devez pour nettoyer votre système immédiatement pour le prévenir. Téléchargez le plus nouveau logiciel antivirulent!
virus et voila ce que ca dit depuis j'ai fait un scan avec trend micro ,mais la mon ordi est tres lent

p/s je doit vous dire que j'ai 65 ans et pas tres rapide pour comprendre mais si vous etes patient et voulez m'aider
ca serais tres apprecier

merci mamy1439
Configuration: Windows XP
Internet Explorer 7.0

25 réponses

  • 1
  • 2
Résumé de la discussion

Question: Un avertissement de sécurité trompeur sur un ordinateur Windows XP signale un piratage et des résultats modifiés par une publicité pornographique, avec des menaces potentielles.
Plusieurs conseils proposent des solutions techniques simples adaptées à un utilisateur âgé, telles que CCleaner, ToolsCleaner et la gestion de la restauration système pour XP.
Des conseils supplémentaires préconisent d'examiner le rapport HijackThis et de désactiver temporairement puis réactiver la restauration système, afin de neutraliser les modifications et de vérifier l'absence de composants indésirables.
En cas de doute, privilégier des outils éprouvés et envisager une assistance adaptée à une personne âgée, car un nettoyage complet peut nécessiter plusieurs étapes et vérifications des rapports système.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    non mamie tu n as plus de "verus"

    fais ceci :

    -> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

    http://download.piriform.com/ccsetup210.exe

    https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

    -> Tuto : https://www.malekal.com/tutoriel-ccleaner/

    ensuite :

    * pour supprimer les outils/fix utilisés :

    Télécharge ToolsCleaner sur ton bureau.
    -->
    http://pc-system.fr/
    http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

    # Clique sur Recherche et laisse le scan agir ...
    # Clique sur Suppression pour finaliser.
    # Tu peux, si tu le souhaites, te servir des Options facultatives.
    # Clique sur Quitter pour obtenir le rapport.
    # Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    et :

    Désactive et réactive ta restauration system :

    (1) Désactiver la Restauration du système

    cliques sur Démarrer
    Cliques droit sur Poste de travail
    cliques sur Propriétés
    Cliques sur l'onglet Restauration du système
    Coches Désactiver la Restauration du système sur tous les lecteurs
    Cliques sur Appliquer, Lorsque le message de confirmation apparaît,
    cliques sur Oui.
    Cliques sur OK.

    (2) Activer la Restauration du système

    cliques sur Démarrer
    Cliques droit sur Poste de travail
    cliques sur Propriétés
    Cliques sur l'onglet Restauration du système
    Décoches Désactiver la Restauration du système sur tous les lecteurs
    Cliques sur Appliquer, Lorsque le message de confirmation apparaît,
    cliques sur Oui.
    Cliques sur OK.

    Tuto xp : http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924

    1
  2. Utilisateur anonyme
     
    Salut,

    commencer par ceci:

    télécharge hijackthis
    -> enregistre la cible sous .... "le bureau"

    -> Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation

    -> Clique sur Install ensuite sur "I Accept"

    -> Clique sur" Do a scan system and save log file"

    -> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse

    ->Tuto hijackthis
    0
    1. mamy1439
       
      bonjour
      je vous ai envoyer le coller mais je ne savai pas que je devais ecrire votre nom
      excuser moi merci


      mamy1439
      0
  3. Utilisateur anonyme
     
    Bonsoir mamie , bienvenue sur comment ça marche

    Fais un clic droit sur ce lien : (IL-MAFIOSO)
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
    Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
    Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal, choisis 1 et valides.
    (ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

    Patiente jusqu'au message :
    *** Analyse Termine le ..... ***
    Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
    Copie-colle l'intégralité dans une réponse. Referme le blocnote.
    Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

    Tuto: http://www.malekal.com/Adware.Magic_Control.php
    0
    1. mamy1439
       
      re- bonjour
      voila j'ai fait tous mais voila maintenant je ne peut plus imprimer les écrits que vous me donnez et la page gel encore..merci croyer vous que j ai encore le virus


      merci mamy1430
      0
  4. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    faire un rapport avec hijackthis, faire un double-clic sur HJTInstall.exe afin de lancer l'installation ,cliquez sur Install ensuite sur I Accept, ensuite Cliquez sur Do a scan system and save log file.Le bloc-notes s'ouvrira, faire un copier-coller de tout son contenu et postez le ici pour que l'on puisse l'analyser,voici le tuto hijackthis, puis téléchargez malwarebyte-s-anti-malware, faite un scan complet puis à la fin afficher rapport, faire un copier coller du contenu et postez le ici, voici le tuto malwarebyte-s-anti-malware.
    0
    1. siladan
       
      salu

      finalement je crois ke je v reformaté mon pc pour etre du nettoyage mé sa membete car j perdrer tous les programme ke g instalé:(
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    RE ,

    Vous laisse finir .

    Bonne soirée à vous.

    @+
    0
  7. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    désolé j'avais pas vu que vous aviez déjà répondu.
    0
  8. Utilisateur anonyme
     
    on te laisse la suite

    @++
    0
    1. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
       
      pourquoi. vous étiez là avant moi.
      0
  9. mamy1439
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:51:05, on 2008-11-07
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\flippen25\FlippenMenusv5.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
    R3 - URLSearchHook: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
    O2 - BHO: Mirar - {E7D269BF-A79A-47A5-A932-03D3FB44981E} - C:\WINDOWS\system32\wingc75.dll (file missing)
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: Mirar - {E7D269BE-A79A-47A5-A932-03D3FB44981E} - C:\WINDOWS\system32\wingc75.dll (file missing)
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
    O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: FlippenMenu.lnk = D:\flippen25\FlippenMenusv5.exe
    O8 - Extra context menu item: &Search - ?p=ZRxdm103YYCA
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\impot\New Folder\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\impot\New Folder\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted IP range: http://8.5.0.53
    O15 - Trusted IP range: http://8.5.0.58
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} - http://hoylegames.sierra.com/cab/WONWebLauncherControl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    0
  10. Utilisateur anonyme
     
    re mamie je prend le topic

    fais ceci :

    Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :

    /!\ Déconnectes toi et fermes toutes applications en cours

    ● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
    ● Double clique sur l'icône Ad-removersituée sur ton bureau
    ● Au menu principal choisi l'option "A"
    ● Postes le rapport qui apparait à la fin .

    ( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :

    "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    0
    1. mamy1439
       
      F --------- Logfile of AD-Remover 1.0.2.9 by C_XX ---------

      START at: 14:24:18 | 2008-11-07
      ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
      OPTION: Scan
      EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
      USER: cyr | PC: GISELE
      BOOT MODE: Normal
      DRIVE(S): A:\ (Systemdrive= C:\)

      --------- [ PROCESSES ] ---------

      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\WINDOWS\system32\ctfmon.exe
      D:\flippen25\FlippenMenusv5.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      C:\Program Files\Grisoft\AVG7\avgcc.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\WINDOWS\system32\cmd.exe
      C:\WINDOWS\System32\WScript.exe

      ---------------------------- [ 24 ]


      +---------------------------------------------------------------------------+
      +------------------------------- SERVICES FOUND
      +---------------------------------------------------------------------------+

      Found ! - "Boonty Games"

      +---------------------------------------------------------------------------+
      +------------------------------- REGISTRY ELEMENTS FOUND
      +---------------------------------------------------------------------------+

      "HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"
      "HKEY_LOCAL_MACHINE\Software\Boonty"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
      "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
      "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
      "HKEY_CURRENT_USER\Software\SweetIM"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
      "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
      "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
      "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
      "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
      "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
      "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
      "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
      "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
      "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
      "HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
      "HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
      "HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}"
      "HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
      "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"

      +---------------------------------------------------------------------------+
      +------------------------------- FILES\FOLDERS FOUND
      +---------------------------------------------------------------------------+

      [2008-05-06 13:50|d--------] C:\Program Files\SweetIM
      [2008-10-31 21:22|d--------] C:\Program Files\Boonty
      [2008-10-31 21:23|d--------] C:\Program Files\BoontyGames
      [2008-03-05 09:31|d--------] C:\Program Files\FunWebProducts
      [2008-03-04 13:17|d--------] C:\Program Files\MyWebSearch
      [2008-10-31 21:24|d--------] C:\Program Files\Fichiers communs\BOONTY Shared
      [2008-05-06 13:50|d--------] C:\Documents and Settings\All Users\Application Data\SweetIM
      [2008-10-31 21:24|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY

      +---------- Temp files found.. ( Elements found aren't necessarily harmful )

      [2008-11-06 19:20|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\.zylomisrtemp1226017224
      [2008-11-07 13:32|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\08HKZN5C.htm
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\18MY4D97.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\1IE151ON.htm
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\49CJ9NQA.htm
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\4WSPAGMZ.emf
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\6H253OAF.htm
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\8ANBCB24.htm
      [2008-11-07 13:38|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\avg7inst.log
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\B7204VJZ.htm
      [2008-11-07 13:32|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\B7VQ9RM9.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\BCS94VO4.emf
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\CA75O7LX.htm
      [2008-11-07 13:32|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\CPJZTR1Z.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\EGRFP2SE.htm
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\EJVQOCNY.htm
      [2008-11-07 13:32|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\EUB3GDEH.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\FU1JCJHH.emf
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\FW3RI09K.htm
      [2008-11-05 23:20|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\Google Toolbar
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\H8LTG9VN.htm
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\HEEGLFHR.htm
      [2008-11-06 14:35|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\hsperfdata_cyr
      [2008-11-06 00:56|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\IMT4.xml
      [2008-11-06 00:56|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\IMT5.xml
      [2008-11-06 00:56|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\IMT6.xml
      [2008-11-06 01:08|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\iWinArcadeAutocleanup.bat
      [2008-11-06 11:50|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\java_install_reg.log
      [2008-11-06 15:55|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\jusched.log
      [2008-11-07 08:15|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\MessengerCache
      [2008-11-07 13:07|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\msohtmlclip
      [2008-11-07 13:37|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\msohtmlclip1
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\NE2XCOCU.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\O6BV9U7R.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\P0FUICPH.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\P20PD158.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\P69YBSU5.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\QE5GRN4G.htm
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\QF13DHVE.htm
      [2008-11-07 13:38|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\RarSFX0
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\RH32N7PX.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\TD19PPNM.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\TS4DBUI5.emf
      [2008-11-06 15:55|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\TWAIN.LOG
      [2008-11-06 15:55|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\Twain001.Mtx
      [2008-11-06 15:55|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\Twunk001.MTX
      [2008-11-06 15:51|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\Twunk002.MTX
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\UW0MCFL5.htm
      [2008-11-06 13:17|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\V1DOFHa03228
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\V5GA49T1.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\VKX81X7Y.htm
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\W3K8S9K8.htm
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\WOLG9OY5.htm
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\WSGVNY8X.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\XAAAWUSW.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\YY6HAH87.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\ZVBPA65V.htm
      [2008-11-06 15:40|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\_avast4_
      [2008-11-06 15:58|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF13B2.tmp
      [2008-11-06 16:07|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF1990.tmp
      [2008-11-06 16:25|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF2B91.tmp
      [2008-11-06 16:01|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF32C6.tmp
      [2008-11-06 15:50|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF6B88.tmp
      [2008-11-07 13:30|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DFC6B.tmp
      [2008-11-06 11:38|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DFC985.tmp
      [2008-11-06 02:59|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~nsu.tmp
      [2008-10-16 19:35|--a------] C:\WINDOWS\temp\avg8info.id
      [2008-02-28 21:01|d--------] C:\WINDOWS\temp\Google Toolbar
      [2008-11-07 01:49|--a------] C:\WINDOWS\temp\MpCmdRun.log
      [2008-11-06 12:45|--a------] C:\WINDOWS\temp\MpSigStub.log
      [2008-09-11 01:49|d--------] C:\WINDOWS\temp\ONEBA.tmp
      [2008-11-05 23:13|--a----t-] C:\WINDOWS\temp\Perflib_Perfdata_3b0.dat
      [2008-09-14 21:44|--a----t-] C:\WINDOWS\temp\Perflib_Perfdata_550.dat
      [2008-11-07 13:30|--a----t-] C:\WINDOWS\temp\Perflib_Perfdata_6a0.dat
      [2008-11-06 11:34|--a----t-] C:\WINDOWS\temp\Perflib_Perfdata_6b0.dat
      [2008-11-07 13:30|--a------] C:\WINDOWS\temp\WGAErrLog.txt
      [2008-11-04 06:10|--a------] C:\WINDOWS\temp\WGANotify.settings
      [2008-09-11 01:49|d--------] C:\WINDOWS\temp\WLTB Custom Button Feeds
      [2008-11-07 13:37|d--------] C:\WINDOWS\temp\_avast4_
      [2008-09-11 01:49|d--------] C:\WINDOWS\temp\_ISTMP0.DIR
      [2008-02-28 21:47|d--------] C:\WINDOWS\temp\~nsu.tmp

      +---------- Added scan ...

      +-----[HKLM\...\Run]

      avast! REG_SZ "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
      MSConfig REG_SZ C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
      AVG7_CC REG_SZ C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
      QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime

      +-----[HKCU\...\Run]

      ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
      AVG7_Run REG_SZ C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE

      +-----[HKLM\...\Internet Explorer\MAIN]

      Start Page : hxxp://home.sweetim.com

      +-----[HKCU\...\Internet Explorer\MAIN]

      Start Page : hxxp://sympatico.msn.ca/defaultf.aspx

      +---------------------------------------------------------------------------+
      +------------------------------- [ EOF - 242 lines ]
      +---------------------------------------------------------------------------+

      [ END at: 14:24:56 | 2008-11-07 ] - [ Time elapsed: 37.6 seconds ]
      0
  11. Utilisateur anonyme
     
    ! Déconnectes toi et fermes toutes applications en cours !

    * Relances "Ad-remover" : au menu principal choisi l'option "B" .

    --> le programme va travailler ...

    * Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    /!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\

    0
  12. Utilisateur anonyme
     
    re mamie

    tu as le rapport ption B de ad remover ??
    0
    1. mamy1439
       
      F --------- Logfile of AD-Remover 1.0.2.9 by C_XX ---------

      START at: 14:41:29 | 2008-11-07
      ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
      OPTION: Clean
      EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
      USER: cyr | PC: GISELE
      BOOT MODE: Normal
      DRIVE(S): A:\ (Systemdrive= C:\)


      --------- [ PROCESSES ] ---------

      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
      C:\WINDOWS\system32\ctfmon.exe
      D:\flippen25\FlippenMenusv5.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      C:\WINDOWS\system32\cmd.exe
      C:\WINDOWS\System32\WScript.exe

      ---------------------------- [ 20 ]


      +---------------------------------------------------------------------------+
      +------------------------------- SERVICES DELETED
      +---------------------------------------------------------------------------+

      Deleted successfully ! - "Boonty Games"

      +---------------------------------------------------------------------------+
      +------------------------------- REGISTRY ELEMENTS DELETED
      +---------------------------------------------------------------------------+

      "HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"
      "HKEY_LOCAL_MACHINE\Software\Boonty"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
      "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
      "HKEY_CURRENT_USER\Software\SweetIM"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search"
      "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
      "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
      "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
      "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
      "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
      "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
      "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
      "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
      "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
      "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
      "HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
      "HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
      "HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}"
      "HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
      "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
      "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"

      +---------------------------------------------------------------------------+
      +------------------------------- FILES\FOLDERS DELETED
      +---------------------------------------------------------------------------+

      [2008-05-06 13:50|d--------] C:\Program Files\SweetIM
      [2008-10-31 21:22|d--------] C:\Program Files\Boonty
      [2008-10-31 21:23|d--------] C:\Program Files\BoontyGames
      [2008-03-05 09:31|d--------] C:\Program Files\FunWebProducts
      [2008-03-04 13:17|d--------] C:\Program Files\MyWebSearch
      [2008-10-31 21:24|d--------] C:\Program Files\Fichiers communs\BOONTY Shared
      [2008-05-06 13:50|d--------] C:\Documents and Settings\All Users\Application Data\SweetIM
      [2008-10-31 21:24|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY

      +---------- Temp files deleted.. ( Elements deleted was not necessarily harmful )

      (!) ---- Recycle bin emptyed in all drives.

      [2008-11-06 19:20|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\.zylomisrtemp1226017224
      [2008-11-07 13:32|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\08HKZN5C.htm
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\18MY4D97.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\1IE151ON.htm
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\49CJ9NQA.htm
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\4WSPAGMZ.emf
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\6H253OAF.htm
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\8ANBCB24.htm
      [2008-11-07 13:38|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\avg7inst.log
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\B7204VJZ.htm
      [2008-11-07 13:32|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\B7VQ9RM9.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\BCS94VO4.emf
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\CA75O7LX.htm
      [2008-11-07 13:32|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\CPJZTR1Z.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\EGRFP2SE.htm
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\EJVQOCNY.htm
      [2008-11-07 13:32|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\EUB3GDEH.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\FU1JCJHH.emf
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\FW3RI09K.htm
      [2008-11-05 23:20|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\Google Toolbar
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\H8LTG9VN.htm
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\HEEGLFHR.htm
      [2008-11-06 14:35|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\hsperfdata_cyr
      [2008-11-06 00:56|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\IMT4.xml
      [2008-11-06 00:56|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\IMT5.xml
      [2008-11-06 00:56|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\IMT6.xml
      [2008-11-06 01:08|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\iWinArcadeAutocleanup.bat
      [2008-11-06 11:50|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\java_install_reg.log
      [2008-11-06 15:55|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\jusched.log
      [2008-11-07 08:15|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\MessengerCache
      [2008-11-07 13:07|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\msohtmlclip
      [2008-11-07 13:37|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\msohtmlclip1
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\NE2XCOCU.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\O6BV9U7R.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\P0FUICPH.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\P20PD158.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\P69YBSU5.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\QE5GRN4G.htm
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\QF13DHVE.htm
      [2008-11-07 13:38|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\RarSFX0
      [2008-11-07 13:22|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\RH32N7PX.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\TD19PPNM.htm
      [2008-11-07 13:18|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\TS4DBUI5.emf
      [2008-11-06 15:55|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\TWAIN.LOG
      [2008-11-06 15:55|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\Twain001.Mtx
      [2008-11-06 15:55|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\Twunk001.MTX
      [2008-11-06 15:51|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\Twunk002.MTX
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\UW0MCFL5.htm
      [2008-11-06 13:17|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\V1DOFHa03228
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\V5GA49T1.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\VKX81X7Y.htm
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\W3K8S9K8.htm
      [2008-11-07 14:06|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\WOLG9OY5.htm
      [2008-11-07 13:23|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\WSGVNY8X.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\XAAAWUSW.htm
      [2008-11-07 13:42|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\YY6HAH87.htm
      [2008-11-07 13:24|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\ZVBPA65V.htm
      [2008-11-06 15:40|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\_avast4_
      [2008-11-06 15:58|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF13B2.tmp
      [2008-11-06 16:07|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF1990.tmp
      [2008-11-06 16:25|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF2B91.tmp
      [2008-11-06 16:01|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF32C6.tmp
      [2008-11-06 15:50|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DF6B88.tmp
      /!\ - [2008-11-07 14:33|---------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DFBA11.tmp
      [2008-11-07 13:30|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DFC6B.tmp
      [2008-11-06 11:38|--a------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~DFC985.tmp
      [2008-11-06 02:59|d--------] C:\DOCUME~1\cyr\LOCALS~1\Temp\~nsu.tmp
      [2008-10-16 19:35|--a------] C:\WINDOWS\temp\avg8info.id
      [2008-02-28 21:01|d--------] C:\WINDOWS\temp\Google Toolbar
      [2008-11-07 01:49|--a------] C:\WINDOWS\temp\MpCmdRun.log
      [2008-11-06 12:45|--a------] C:\WINDOWS\temp\MpSigStub.log
      [2008-09-11 01:49|d--------] C:\WINDOWS\temp\ONEBA.tmp
      [2008-11-05 23:13|--a----t-] C:\WINDOWS\temp\Perflib_Perfdata_3b0.dat
      [2008-09-14 21:44|--a----t-] C:\WINDOWS\temp\Perflib_Perfdata_550.dat
      /!\ - [2008-11-07 14:32|-------t-] C:\WINDOWS\temp\Perflib_Perfdata_608.dat
      [2008-11-06 11:34|--a----t-] C:\WINDOWS\temp\Perflib_Perfdata_6b0.dat
      [2008-11-07 14:32|--a------] C:\WINDOWS\temp\WGAErrLog.txt
      [2008-11-04 06:10|--a------] C:\WINDOWS\temp\WGANotify.settings
      [2008-09-11 01:49|d--------] C:\WINDOWS\temp\WLTB Custom Button Feeds
      [2008-11-07 14:34|d--------] C:\WINDOWS\temp\_avast4_
      [2008-09-11 01:49|d--------] C:\WINDOWS\temp\_ISTMP0.DIR
      [2008-02-28 21:47|d--------] C:\WINDOWS\temp\~nsu.tmp

      +---------- Added scan ...

      +-----[HKLM\...\Run]

      avast! REG_SZ "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
      MSConfig REG_SZ C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
      AVG7_CC REG_SZ C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

      +-----[HKCU\...\Run]

      ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

      +-----[HKLM\...\Internet Explorer\MAIN]

      Start Page : hxxp://fr.msn.com/

      +-----[HKCU\...\Internet Explorer\MAIN]

      Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome


      +---------------------------------------------------------------------------+
      +------------------------------- [ EOF - 238 lines ]
      +---------------------------------------------------------------------------+

      [ END at: 14:46:06 | 2008-11-07 ] - [ Time elapsed: 4 minutes, 37 seconds ]
      0
  13. Utilisateur anonyme
     
    Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    * Lance l'installation du programme en exécutant le fichier téléchargé.
    * Double-clique maintenant sur le raccourci de Toolbar-S&D.
    * Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
    * Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
    * Poste le rapport généré. (C:\TB.txt)
    0
    1. mamy1439
       
      -----------\\ ToolBar S&D 1.1.9 XP/Vista

      Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
      BIOS : BIOS Date: 01/26/05 17:26:53 Ver: 08.00.09
      USER : cyr ( Administrator )
      BOOT : Normal boot
      Antivirus : avast! antivirus 4.8.1229 [VPS 081107-0] 4.8.1229 (Not Activated)

      "C:\ToolBar SD" ( MAJ : 13-09-2008|02:54 )
      Option : [1] ( 2008-11-07|15:24 )

      -----------\\ Recherche de Fichiers / Dossiers ...

      C:\Program Files\FBrowserAdvisor
      C:\Program Files\FBrowsingAdvisor
      C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
      C:\Program Files\FBrowsingAdvisor\Logo.png
      C:\Program Files\FBrowsingAdvisor\main.db
      C:\Program Files\FBrowsingAdvisor\unins000.dat
      C:\Program Files\FBrowsingAdvisor\unins000.exe
      C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
      C:\Program Files\GamesBar
      C:\Program Files\GamesBar\Localization-French.ini
      C:\Program Files\GamesBar\oberontb.dll
      C:\Program Files\MySearch
      C:\Program Files\MySearch\bar

      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Start Page"="https://www.msn.com/fr-fr"


      --------------------\\ Recherche d'autres infections

      --------------------\\ ROGUES ..

      C:\DOCUME~1\cyr\MENUDM~1\PROGRA~1\WinDefender 2009.lnk
      C:\PROGRA~1\WinDefender

      --------------------\\ Cracks & Keygens ..

      C:\DOCUME~1\cyr\Mes documents\Universal crack
      C:\DOCUME~1\cyr\Mes documents\Universal crack\FFF-ReflexV2.exe



      1 - "C:\ToolBar SD\TB_1.txt" - 2008-09-13|23:30 - Option : [1]
      2 - "C:\ToolBar SD\TB_2.txt" - 2008-11-07|15:25 - Option : [1]

      -----------\\ Fin du rapport a 15:25:02,68
      0
    2. mamy1439
       
      voila es ce que sait ce que vous voulez


      merci mamy1439
      0
  14. Utilisateur anonyme
     
    parfait maie tu t en sors bien si je peux dire tu

    Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
    ! Ne ferme pas la fenêtre lors de la suppression !
    Un rapport sera généré, poste son contenu ici.

    NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.
    0
    1. mamy1439
       
      re bonjour en passant merci pour ta patience un gros merci et oui on peut se dire tu
      merci encore car la je fait des choses qui sont du chinoi pour moi
      merci

      -----------\\ ToolBar S&D 1.1.9 XP/Vista

      Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
      BIOS : BIOS Date: 01/26/05 17:26:53 Ver: 08.00.09
      USER : cyr ( Administrator )
      BOOT : Normal boot
      Antivirus : avast! antivirus 4.8.1229 [VPS 081107-0] 4.8.1229 (Activated)

      "C:\ToolBar SD" ( MAJ : 13-09-2008|02:54 )
      Option : [2] ( 2008-11-07|15:48 )

      -----------\\ SUPPRESSION

      Supprime! - C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
      Supprime! - C:\Program Files\FBrowsingAdvisor\Logo.png
      Supprime! - C:\Program Files\FBrowsingAdvisor\main.db
      Supprime! - C:\Program Files\FBrowsingAdvisor\unins000.dat
      Supprime! - C:\Program Files\FBrowsingAdvisor\unins000.exe
      Supprime! - C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
      Supprime! - C:\Program Files\GamesBar\Localization-French.ini
      Supprime! - C:\Program Files\GamesBar\oberontb.dll
      Supprime! - C:\Program Files\MySearch\bar
      Supprime! - C:\Program Files\FBrowserAdvisor
      Supprime! - C:\Program Files\FBrowsingAdvisor
      Supprime! - C:\Program Files\GamesBar
      Supprime! - C:\Program Files\MySearch

      -----------\\ Recherche de Fichiers / Dossiers ...


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
      "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      "Start Page"="https://www.msn.com/fr-fr/"


      --------------------\\ Recherche d'autres infections

      --------------------\\ ROGUES ..

      C:\DOCUME~1\cyr\MENUDM~1\PROGRA~1\WinDefender 2009.lnk
      C:\PROGRA~1\WinDefender

      --------------------\\ Cracks & Keygens ..

      C:\DOCUME~1\cyr\Mes documents\Universal crack
      C:\DOCUME~1\cyr\Mes documents\Universal crack\FFF-ReflexV2.exe



      1 - "C:\ToolBar SD\TB_1.txt" - 2008-09-13|23:30 - Option : [1]
      2 - "C:\ToolBar SD\TB_2.txt" - 2008-11-07|15:25 - Option : [1]
      3 - "C:\ToolBar SD\TB_3.txt" - 2008-11-07|15:49 - Option : [2]

      -----------\\ Fin du rapport a 15:49:28,42
      0
  15. Utilisateur anonyme
     
    t inkiete pas mamie on avance tres bien dans le nettoyage de ton pc

    il te reste un rogue >> un faux logiciel de securité

    Telecharge malwarebytes

    Tu l´instale; le programme va se mettre automatiquement a jour.

    Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

    Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

    Puis click sur "rechercher".

    Laisse le scanner le pc...

    Si des elements on ete trouvés > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "yes".

    A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
    Copie et colle le rapport stp.

    PS : les rapport sont aussi rangé dans l onglet rapport/log
    0
    1. mamy1439
       
      re bonjour désolé que se soit été si long je ne savait pas qu'il y avais tant de programe sur cette ordi

      merci
      mamy1439

      Malwarebytes' Anti-Malware 1.30
      Version de la base de données: 1373
      Windows 5.1.2600 Service Pack 3

      2008-11-07 17:19:10
      mbam-log-2008-11-07 (17-19-10).txt

      Type de recherche: Examen complet (C:\|D:\|)
      Eléments examinés: 137077
      Temps écoulé: 1 hour(s), 3 minute(s), 46 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 27
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 1
      Fichier(s) infecté(s): 18

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_CLASSES_ROOT\anoniso (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\jurtob.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{37029de8-6378-45e3-ae58-d2c4a416aeb0} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{d4480bb2-36cd-497b-83ff-15350ea6c122} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{dee7b1f7-a014-477c-b0c5-23a51aa81db5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{10026069-7a5f-4531-811e-c8df20643bee} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{dee7b1f7-a014-477c-b0c5-23a51aa81db5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\windefender 2009 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\WinDefender2009 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7d269bf-a79a-47a5-a932-03d3fb44981e} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{e7d269bf-a79a-47a5-a932-03d3fb44981e} (Adware.BHO) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      C:\Program Files\WinDefender (Rogue.WinDefender) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{836F75E7-DF42-48D7-ABE0-CDF5CDE2422E}\RP349\A0036371.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{836F75E7-DF42-48D7-ABE0-CDF5CDE2422E}\RP350\A0036395.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{836F75E7-DF42-48D7-ABE0-CDF5CDE2422E}\RP353\A0036725.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\ToolBar SD\Backup-TB\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s1 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s2 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s3 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s4 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s5 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s6 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\c.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\m.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\p.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\s.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\k.txt (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Documents and Settings\cyr\Favoris\SMS TRAP.url (Rogue.Link) -> Quarantined and deleted successfully.
      C:\Documents and Settings\cyr\Menu Démarrer\SMS TRAP.url (Rogue.Link) -> Quarantined and deleted successfully.
      Malwarebytes' Anti-Malware 1.30
      Version de la base de données: 1373
      Windows 5.1.2600 Service Pack 3

      2008-11-07 17:19:10
      mbam-log-2008-11-07 (17-19-10).txt

      Type de recherche: Examen complet (C:\|D:\|)
      Eléments examinés: 137077
      Temps écoulé: 1 hour(s), 3 minute(s), 46 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 27
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 1
      Fichier(s) infecté(s): 18

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_CLASSES_ROOT\anoniso (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\jurtob.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{37029de8-6378-45e3-ae58-d2c4a416aeb0} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{d4480bb2-36cd-497b-83ff-15350ea6c122} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{dee7b1f7-a014-477c-b0c5-23a51aa81db5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{10026069-7a5f-4531-811e-c8df20643bee} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{dee7b1f7-a014-477c-b0c5-23a51aa81db5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\windefender 2009 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\WinDefender2009 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7d269bf-a79a-47a5-a932-03d3fb44981e} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{e7d269bf-a79a-47a5-a932-03d3fb44981e} (Adware.BHO) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      C:\Program Files\WinDefender (Rogue.WinDefender) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{836F75E7-DF42-48D7-ABE0-CDF5CDE2422E}\RP349\A0036371.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{836F75E7-DF42-48D7-ABE0-CDF5CDE2422E}\RP350\A0036395.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{836F75E7-DF42-48D7-ABE0-CDF5CDE2422E}\RP353\A0036725.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\ToolBar SD\Backup-TB\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s1 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s2 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s3 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s4 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s5 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\Program Files\WinDefender\WinDefender.s6 (Rogue.WinDefender) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\c.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\m.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\p.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\s.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\k.txt (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Documents and Settings\cyr\Favoris\SMS TRAP.url (Rogue.Link) -> Quarantined and deleted successfully.
      C:\Documents and Settings\cyr\Menu Démarrer\SMS TRAP.url (Rogue.Link) -> Quarantined and deleted successfully.
      0
  16. Utilisateur anonyme
     
    re mamie

    réouvre malewarebyte
    va sur quarantaine
    supprime tout

    ensuite refais un scan hijackthis et post le rapport stp et dis moi comment va le pc aussi
    0
    1. mamy1439
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 17:35:33, on 2008-11-07
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16735)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      R3 - URLSearchHook: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
      O3 - Toolbar: Mirar - {E7D269BE-A79A-47A5-A932-03D3FB44981E} - C:\WINDOWS\system32\wingc75.dll (file missing)
      O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\impot\New Folder\PartyPoker\RunApp.exe (file missing)
      O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\impot\New Folder\PartyPoker\RunApp.exe (file missing)
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O15 - Trusted IP range: http://8.5.0.53
      O15 - Trusted IP range: http://8.5.0.58
      O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
      O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} - http://hoylegames.sierra.com/cab/WONWebLauncherControl.cab
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
      0
  17. Utilisateur anonyme
     
    réouve hijackthis
    fais scan only
    coches ces lignes :

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\impot\New Folder\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\impot\New Folder\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)

    tu les coches et tu clic sur fix checked

    ensuite :

    Télécharge ce fichier sur le bureau :

    http://downloads.malwareremoval.com/Nel/FixP.zip

    Extrait et double clique sur Fix_Protocol_zones_ranges.reg.

    Acceptes lorsqu'il te demande de fusionner avec le registre.

    ensuite désinstal AVG

    ensuite désinstal java car pas a jours et telecharege et instal cette vesrion :

    https://www.java.com/fr/download/manual.jsp

    ensuite :

    regarde ceci concernant avast :

    antivir vs avast :

    -> http://forum.malekal.com/ftopic3528.php

    alors je te conseille de le desinstaller et d´installer antivir a la place

    Telecharge et instales l'antivirus Antivir Personal Edition Classic :

    ->Antivir le telecharger

    tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
    tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59

    Pour désinstaller Avast telecharge cet outil

    ensuite refais un scan hijackthis et post le rapport stp

    0
    1. mamy1439
       
      re- je voudrais savoir ce que veut dire ses mots en anglais et quoi je doit faire merci


      Hijack this is about to remove a BHO and the corresponding file from your system.close all internet explorer windows and all windows explorer windows before continuring for the best chance of succes
      0
  18. Utilisateur anonyme
     
    re mamie

    ça veux diire ferme internet explorer avant de faire "fix checked"
    0
    1. mamy1439
       
      re bonjour
      voici j'ai fait tous et voila ce que ca me dit es ce que ses correct , mais voila je ne peut toujours pas imprime les choses que vous me donner a faire , je ne sait pas ce qui arrive
      mais je vous remerci beaucoup pour votre patience.

      07.11.2008 18:58:58 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
      07.11.2008 18:58:58 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
      07.11.2008 18:58:58 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\
      07.11.2008 18:58:58 - Using System's global Proxy settings
      07.11.2008 18:58:58 - Launching GUI... display mode: 0
      07.11.2008 18:58:58 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
      07.11.2008 18:58:58 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
      07.11.2008 18:58:58 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
      07.11.2008 18:58:58 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
      07.11.2008 18:58:58 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\
      07.11.2008 18:58:58 - Using System's global Proxy settings
      07.11.2008 18:58:58 - Launching GUI... display mode: 0
      07.11.2008 18:58:58 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
      07.11.2008 18:58:58 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
      07.11.2008 18:58:58 - Avira AntiVir Personal - Free Antivirus
      07.11.2008 18:59:05 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\idx/master.idx to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\master.idx
      07.11.2008 18:59:05 - Master IDX file has changed
      07.11.2008 18:59:06 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/classic-nt-en.info.gz
      07.11.2008 18:59:07 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\classic-nt-en.info to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
      07.11.2008 18:59:07 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/vdf.info.gz
      07.11.2008 18:59:08 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/specvir-nt.info.gz
      07.11.2008 18:59:08 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/ave2.info.gz
      07.11.2008 18:59:09 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/info-wks-classic-nt-en.info.gz
      07.11.2008 18:59:10 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
      07.11.2008 18:59:10 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 83
      07.11.2008 18:59:10 - Module: COMMAPPDATA_AV Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\ Files: 1
      07.11.2008 18:59:10 - Module: COMMAPP Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\ Files: 4
      07.11.2008 18:59:10 - Module: COMMAPDATA_AV_PROFILES Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\ Files: 2
      07.11.2008 18:59:10 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
      07.11.2008 18:59:10 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
      07.11.2008 18:59:10 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf 6.40.0.0 < 7.1.0.0
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf 7.0.5.1 < 7.1.0.21
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.5.20 < 7.1.0.44
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.5.23 < 7.1.0.55
      07.11.2008 18:59:11 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll 7.0.0.1 < 8.0.0.2
      07.11.2008 18:59:11 - Module: AVE2 Source: ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 14
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll 8.1.2.6 < 8.1.4.1
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll 8.1.0.41 < 8.1.1.0
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll 8.1.1.2 < 8.1.1.3
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll 8.1.0.59 < 8.1.0.71
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll 8.1.0.28 < 8.1.0.30
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll 8.1.2.4 < 8.1.3.3
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll 8.1.1.2 < 8.1.1.3
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll 8.1.1.3 < 8.1.1.5
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll 8.1.1.8 < 8.1.1.13
      07.11.2008 18:59:11 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat 8.2.0.4 < 8.2.0.29
      07.11.2008 18:59:11 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
      07.11.2008 18:59:11 - Module: PRODINFO Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
      07.11.2008 18:59:11 - Minifilter is installed
      07.11.2008 18:59:11 - Minifilter is possible
      07.11.2008 18:59:11 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType
      07.11.2008 18:59:11 - Initialize avnotify.exe
      07.11.2008 18:59:11 - Starting avnotify.exe successful
      07.11.2008 18:59:11 - Preparing to download files
      07.11.2008 18:59:11 - 17 files need to be downloaded / copied from http://dl7.avgate.net/upd/
      07.11.2008 18:59:11 - #1: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/classic-nt/filelist.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\winwks\en\classic-nt/filelist.ini
      07.11.2008 18:59:16 - #2: Downloading and extracting http://dl7.avgate.net/upd/winwks/en/classic-nt/product.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\winwks\en\classic-nt/product.ini
      07.11.2008 18:59:17 - #3: Downloading and extracting http://dl7.avgate.net/upd/vdf/antivir0.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\antivir0.vdf
      07.11.2008 18:59:56 - #4: Downloading and extracting http://dl7.avgate.net/upd/vdf/antivir1.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\antivir1.vdf
      07.11.2008 18:59:57 - #5: Downloading and extracting http://dl7.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\antivir2.vdf
      07.11.2008 18:59:58 - #6: Downloading and extracting http://dl7.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\antivir3.vdf
      07.11.2008 18:59:59 - #7: Downloading and extracting http://dl7.avgate.net/upd/engine/nt/avrep.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\engine\nt\avrep.dll
      07.11.2008 18:59:59 - #8: Downloading and extracting http://dl7.avgate.net/upd/ave2/aecore.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aecore.dll
      07.11.2008 19:00:00 - #9: Downloading and extracting http://dl7.avgate.net/upd/ave2/aegen.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aegen.dll
      07.11.2008 19:00:01 - #10: Downloading and extracting http://dl7.avgate.net/upd/ave2/aehelp.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aehelp.dll
      07.11.2008 19:00:01 - #11: Downloading and extracting http://dl7.avgate.net/upd/ave2/aeheur.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aeheur.dll
      07.11.2008 19:00:04 - #12: Downloading and extracting http://dl7.avgate.net/upd/ave2/aeoffice.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aeoffice.dll
      07.11.2008 19:00:04 - #13: Downloading and extracting http://dl7.avgate.net/upd/ave2/aepack.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aepack.dll
      07.11.2008 19:00:05 - #14: Downloading and extracting http://dl7.avgate.net/upd/ave2/aerdl.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aerdl.dll
      07.11.2008 19:00:06 - #15: Downloading and extracting http://dl7.avgate.net/upd/ave2/aescn.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aescn.dll
      07.11.2008 19:00:07 - #16: Downloading and extracting http://dl7.avgate.net/upd/ave2/aescript.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aescript.dll
      07.11.2008 19:00:07 - #17: Downloading and extracting http://dl7.avgate.net/upd/ave2/aeset.dat.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aeset.dat
      07.11.2008 19:00:17 - Keyfile: OK [FULL Mode]
      07.11.2008 19:00:17 - Status of service AntiVirService is running
      07.11.2008 19:00:17 - Initialize avscan.exe
      07.11.2008 19:00:17 - Initialize avcenter.exe
      07.11.2008 19:00:17 - Initialize avgnt.exe
      07.11.2008 19:00:17 - avscan.exe closed.
      07.11.2008 19:00:18 - avgnt.exe closed.
      07.11.2008 19:00:18 - Starting to install
      07.11.2008 19:00:18 - File C:\Program Files\Avira\AntiVir PersonalEdition Classic\filelist.ini will not be backed up because it doesn't exist
      07.11.2008 19:00:18 - File C:\Program Files\Avira\AntiVir PersonalEdition Classic\product.ini will not be backed up because it doesn't exist
      07.11.2008 19:00:18 - Processing module MAIN Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
      07.11.2008 19:00:18 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\winwks\en\classic-nt/filelist.ini to C:\Program Files\Avira\AntiVir PersonalEdition Classic\filelist.ini
      07.11.2008 19:00:18 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\winwks\en\classic-nt/product.ini to C:\Program Files\Avira\AntiVir PersonalEdition Classic\product.ini
      07.11.2008 19:00:18 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir0.vdf
      07.11.2008 19:00:18 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir1.vdf
      07.11.2008 19:00:18 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir2.vdf
      07.11.2008 19:00:18 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir3.vdf
      07.11.2008 19:00:18 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
      07.11.2008 19:00:20 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\antivir0.vdf to C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf
      07.11.2008 19:00:20 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\antivir1.vdf to C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf
      07.11.2008 19:00:20 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\antivir2.vdf to C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf
      07.11.2008 19:00:20 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\vdf\antivir3.vdf to C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\avrep.dll
      07.11.2008 19:00:20 - Processing module AVREP_NT Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
      07.11.2008 19:00:20 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\engine\nt\avrep.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aecore.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aegen.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aehelp.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeheur.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeoffice.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aepack.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aerdl.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aescn.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aescript.dll
      07.11.2008 19:00:20 - Copy file C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeset.dat
      07.11.2008 19:00:20 - Processing module AVE2 Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
      07.11.2008 19:00:21 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aecore.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll
      07.11.2008 19:00:22 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aegen.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll
      07.11.2008 19:00:23 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aehelp.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll
      07.11.2008 19:00:24 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aeheur.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll
      07.11.2008 19:00:25 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aeoffice.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll
      07.11.2008 19:00:27 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aepack.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll
      07.11.2008 19:00:28 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aerdl.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll
      07.11.2008 19:00:29 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aescn.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll
      07.11.2008 19:00:30 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aescript.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll
      07.11.2008 19:00:30 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4914d642\ave2\aeset.dat to C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat
      07.11.2008 19:00:30 - A total of 17 files were updated
      07.11.2008 19:00:30 - Initialize AVWSC.EXE
      07.11.2008 19:00:30 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress
      07.11.2008 19:00:30 - Status of service AntiVirService is running
      07.11.2008 19:00:32 - Reinitialization of AntiVirService carried out successfully.
      07.11.2008 19:00:33 - Starting avgnt.exe successful
      07.11.2008 19:00:33 - Dialup: 0
      07.11.2008 19:00:33 - Downloaded bytes: 17694062
      07.11.2008 19:00:33 - Downloaded file(s): 17
      07.11.2008 19:00:33 - Downloaded file(s): filelist.ini; product.ini; antivir0.vdf; antivir1.vdf; antivir2.vdf; antivir3.vdf; avrep.dll; aecore.dll; aegen.dll; aehelp.dll
      07.11.2008 19:00:33 - Downloaded file(s): aeheur.dll; aeoffice.dll; aepack.dll; aerdl.dll; aescn.dll; aescript.dll; aeset.dat
      07.11.2008 19:00:33 - Required time: 01:34
      07.11.2008 19:00:33 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate
      07.11.2008 19:00:34 - Update finished successfully
      0
    2. mamy1439
       
      voici le dernier de hijack

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:08:24, on 2008-11-07
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16735)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
      O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
      O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} - http://hoylegames.sierra.com/cab/WONWebLauncherControl.cab
      O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
      0
  19. Utilisateur anonyme
     
    re mamie

    quand tu as finit post moi un nouveau rapport hijackthi stp

    mais voila je ne peut toujours pas imprime

    --->>ton imprimante marche plus ??
    0
    1. mamy1439
       
      re - mon imprimante fonctionne mais si je veut imprimer ce que tu ma ecrit en soulignant elle n'imprime pas , je voudrais te dire que ca fonctionne tres bien maintenant ,il y a juste quand je clic sur le x pour fermer la fenetre elle gel quelque instant, croie tu que ses arranger pour mon ordi et si oui
      je te re merci tres sincerement et de ta patience



      une mamy qui est fiere de t'avoir fait confiance
      0
  20. Utilisateur anonyme
     
    re mamaie

    on s est croisé

    avast est mal désinstallé ...
    0
    1. mamy1439
       
      re et merci


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:21:59, on 2008-11-07
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16735)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll (file missing)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
      O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWin.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
      O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} - http://hoylegames.sierra.com/cab/WONWebLauncherControl.cab
      O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
      0
  • 1
  • 2