BV:AutoRun-E [Wrm]

Résolu
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   -  
 jlpjlp -
Bonjour,
Voici un virus repéré par Avast: BV:AutoRun-E [Wrm].
Comment faire pour le supprimer?
Dois-je le supprimer?
Merci d'avance!

49 réponses

Précédent
Réponse 21 / 49
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   1
 
Search Navipromo version 3.6.9 commencé le 2008-11-25 à 15:04:19.84

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Sophie Chantrel"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Sophie Chantrel\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Sophie Chantrel\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Sophie Chantrel\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Sophie Chantrel\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\Sophie Chantrel\locals~1\applic~1" :

ozzrxjvn.dat trouvé !
ozzrxjvn_nav.dat trouvé !
ozzrxjvn_navps.dat trouvé !
ygmms.exe trouvé !
ygmms.dat trouvé !
ygmms_nav.dat trouvé !
ygmms_navps.dat trouvé !

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 2008-11-25 à 15:07:24.35 ***
0
Réponse 22 / 49
Utilisateur anonyme
 
Double cliques sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valides.
(ne fais pas le choix 3 ou 4 sans notre avis/accord)

Le fix va t'informer qu'il va alors redémarrer ton PC
Fermes toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuies sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le bloc-notes. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.

Postes le rapport içi.
0
Réponse 23 / 49
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   1
 
Clean Navipromo version 3.6.9 commencé le 2008-11-25 à 15:12:05.42

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Sophie Chantrel"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\Sophie Chantrel\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Sophie Chantrel\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Sophie Chantrel\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Sophie Chantrel\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Sophie Chantrel\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


* Dans "C:\Documents and Settings\Sophie Chantrel\locals~1\applic~1" *


ozzrxjvn.dat trouvé !
Copie ozzrxjvn.dat réalisée avec succès !
ozzrxjvn.dat supprimé !

ozzrxjvn_nav.dat trouvé !
Copie ozzrxjvn_nav.dat réalisée avec succès !
ozzrxjvn_nav.dat supprimé !

ozzrxjvn_navps.dat trouvé !
Copie ozzrxjvn_navps.dat réalisée avec succès !
ozzrxjvn_navps.dat supprimé !

ygmms.exe trouvé !
Copie ygmms.exe réalisée avec succès !
ygmms.exe supprimé !

ygmms.dat trouvé !
Copie ygmms.dat réalisée avec succès !
ygmms.dat supprimé !

ygmms_nav.dat trouvé !
Copie ygmms_nav.dat réalisée avec succès !
ygmms_nav.dat supprimé !

ygmms_navps.dat trouvé !
Copie ygmms_navps.dat réalisée avec succès !
ygmms_navps.dat supprimé !

C:\WINDOWS\prefetch\ygmms*.pf trouvé !
Copie C:\WINDOWS\prefetch\ygmms*.pf réalisée avec succès !
C:\WINDOWS\prefetch\ygmms*.pf supprimé !


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 2008-11-25 à 15:16:25.06 ***
0
Réponse 24 / 49
Utilisateur anonyme
 
# Télécharge ceci: (merci a S!RI pour ce petit programme).

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Exécute le, Double click sur Smitfraudfix.exe choisit l’option 5,
voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php
il va générer un rapport : copie/colle le sur le poste stp.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 49
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   1
 
SmitFraudFix v2.378

Rapport fait à 15:27:13.95, 2008-11-25
Executé à partir de C:\Documents and Settings\Sophie Chantrel\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.114;85.255.112.14

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.114;85.255.112.14

HKLM\SYSTEM\CCS\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: DhcpNameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CCS\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CCS\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: DhcpNameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS2\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS2\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS3\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS3\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.114;85.255.112.14

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.114;85.255.112.14

HKLM\SYSTEM\CCS\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: DhcpNameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CCS\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CCS\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: DhcpNameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS2\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS2\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS3\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CS3\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: NameServer=85.255.112.114;85.255.112.14
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
0
Réponse 26 / 49
Utilisateur anonyme
 
Télécharge Ad-remover ( de C_XX ) sur ton bureau ( et pas ailleurs!) :

http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

! Déconnecte toi et ferme toutes applications en cours !

* Clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installe par défaut .
* Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
* Au menu principal choisis l'option "A" et tape sur [entrée] .

Laisse travailler l'outil et ne touche à rien ...

--> Poste le rapport qui apparait à la fin .

( le rapport est sauvegardé aussi sous C:\Ad-report.log )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
Réponse 27 / 49
Utilisateur anonyme
 
des soucis ?
0
Réponse 28 / 49
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   1
 
Nan désolée mais je suis dans une résidence avec des pb de connexion...
Le scan demandé est en cours...
0
Réponse 29 / 49
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   1
 
F --------- Logfile of AD-Remover 1.0.4.4 by C_XX ---------

START at: 16:31:30 | 2008-11-25
ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
Internet Explorer: 7.0.5730.11
OPTION: Scan
EXECUTED FROM: C:\Documents and Settings\Sophie Chantrel\Bureau\AD-Remover.bat
USER: Sophie Chantrel | PC: SOPHIE
BOOT MODE: Normal
DRIVE(S): C:\
~> Systemdrive: C:\

--------- [ PROCESSES ] ---------

\??\C:\WINDOWS\system32\csrss.exe [1004]
\??\C:\WINDOWS\system32\winlogon.exe [1032]
C:\WINDOWS\system32\services.exe [1076]
C:\WINDOWS\system32\lsass.exe [1088]
C:\WINDOWS\system32\svchost.exe [1296]
C:\WINDOWS\system32\svchost.exe [1332]
C:\WINDOWS\system32\svchost.exe [1392]
C:\WINDOWS\System32\svchost.exe [1436]
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [1492]
C:\WINDOWS\Explorer.EXE [1744]
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [1808]
C:\WINDOWS\system32\svchost.exe [1992]
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe [252]
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe [540]
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [620]
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [748]
C:\Program Files\Alwil Software\Avast4\ashServ.exe [980]
C:\WINDOWS\system32\spoolsv.exe [1160]
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [164]
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [284]
C:\Program Files\Bonjour\mDNSResponder.exe [324]
C:\WINDOWS\eHome\ehRecvr.exe [380]
C:\WINDOWS\eHome\ehSched.exe [676]
C:\WINDOWS\System32\GEARSec.exe [728]
C:\Program Files\Norton Ghost\Agent\VProSvc.exe [1912]
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2128]
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2228]
C:\WINDOWS\system32\svchost.exe [2328]
C:\WINDOWS\system32\svchost.exe [2392]
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2440]
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2584]
C:\WINDOWS\system32\igfxext.exe [2636]
C:\WINDOWS\system32\igfxsrvc.exe [2672]
C:\WINDOWS\ehome\mcrdsvc.exe [2708]
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2768]
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2852]
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [3244]
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [3272]
C:\WINDOWS\system32\dllhost.exe [3328]
C:\WINDOWS\System32\alg.exe [3748]
C:\Program Files\Apoint\Apoint.exe [3968]
C:\WINDOWS\ehome\ehtray.exe [4036]
C:\WINDOWS\system32\ICO.EXE [664]
C:\Program Files\Apoint\Apntex.exe [2236]
C:\WINDOWS\system32\igfxpers.exe [2224]
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2620]
C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2888]
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2912]
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [708]
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [3140]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [3144]
C:\Program Files\Norton Ghost\Agent\GhostTray.exe [3180]
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe [3316]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [3408]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [3536]
C:\Program Files\SweetIM\Messenger\SweetIM.exe [3676]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [4060]
C:\Program Files\iTunes\iTunesHelper.exe [2112]
C:\WINDOWS\system32\ctfmon.exe [2180]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [644]
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [316]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3076]
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [3084]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2148]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [1608]
C:\Program Files\Rainlendar\Rainlendar.exe [1688]
C:\Program Files\SM\skymessnet.exe [1852]
C:\Program Files\OpenOffice.org 3\program\soffice.exe [1352]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe [1696]
C:\Program Files\OpenOffice.org 3\program\soffice.bin [1684]
C:\Program Files\iPod\bin\iPodService.exe [1304]
C:\WINDOWS\system32\wbem\wmiapsrv.exe [4188]
C:\WINDOWS\system32\wuauclt.exe [4296]
C:\Program Files\Internet Explorer\iexplore.exe [4320]
C:\WINDOWS\System32\svchost.exe [2468]
C:\Program Files\Windows Live\Messenger\usnsvc.exe [5404]
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe [4700]

---------------------------- [~> 77]


+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND
+---------------------------------------------------------------------------+


+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND
+---------------------------------------------------------------------------+

"HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3}"
"HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}"
"HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}"
"HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}"
"HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}"
"HKEY_CURRENT_USER\SOFTWARE\FunWebProducts"
"HKEY_CURRENT_USER\SOFTWARE\Fun Web Products"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search"
"HKEY_CURRENT_USER\SOFTWARE\MyWebSearch"
"HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products"
"HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts"
"HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch"
"HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}"
"HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
"HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
"HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
"HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
"HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
"HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
"HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
"HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
"HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
"HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
"HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
"HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
"HKEY_CURRENT_USER\SOFTWARE\SWEETIE"
"HKEY_CURRENT_USER\SOFTWARE\SweetIM"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0337C6624F0C5E94F8025AF6F9288257"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D91C9455EF645794DA45B5738EF76F2E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{266C7330-C0F4-49E5-8F20-A56F9F822875}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5549C19D-46FE-4975-AD54-5B37E87FF6E2}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0337C6624F0C5E94F8025AF6F9288257"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D91C9455EF645794DA45B5738EF76F2E"
"HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND
+---------------------------------------------------------------------------+

[2007-04-30 22:05|d--------] C:\Program Files\FunWebProducts
[2007-05-01 11:49|d--------] C:\Program Files\MyWebSearch
[2005-07-14 16:28|--a--c---] C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf
[2008-11-19 08:09|d--------] C:\Program Files\SweetIM
[2008-11-19 08:09|d--------] C:\Documents and Settings\All Users\Application Data\SweetIM
[2008-11-19 08:09|--a------] C:\Documents and Settings\Sophie Chantrel\Application Data\Mozilla\Firefox\Profiles\8qqazg3g.default\searchplugins\sweetim.xml
[2008-11-19 08:09|d--------] C:\Documents and Settings\Sophie Chantrel\Application Data\Mozilla\Firefox\Profiles\8qqazg3g.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\8qqazg3g.default\prefs.js :

~~~~ Mozilla FireFox version 2.0.0.12 ~~~~


+----------+


+---------------------------------------------------------------------------+


+---------- Added scan ...

+-----[HKLM\...\Run]

Apoint REG_SZ C:\Program Files\Apoint\Apoint.exe
ehTray REG_SZ C:\WINDOWS\ehome\ehtray.exe
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
SkyTel REG_SZ SkyTel.EXE
Alcmtr REG_SZ ALCMTR.EXE
AzMixerSel REG_SZ C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
Mouse Suite 98 Daemon REG_SZ ICO.EXE
igfxtray REG_SZ C:\WINDOWS\system32\igfxtray.exe
igfxhkcmd REG_SZ C:\WINDOWS\system32\hkcmd.exe
igfxpers REG_SZ C:\WINDOWS\system32\igfxpers.exe
SonyPowerCfg REG_SZ "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
ISBMgr.exe REG_SZ C:\Program Files\Sony\ISB Utility\ISBMgr.exe
Switcher.exe REG_SZ C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
VAIO Update 2 REG_SZ "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
Acrobat Assistant 7.0 REG_SZ "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
Norton Ghost 10.0 REG_SZ "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
RoxioDragToDisc REG_SZ "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
KernelFaultCheck REG_EXPAND_SZ %systemroot%\system32\dumprep 0 -k
WinampAgent REG_SZ "C:\Program Files\Winamp\winampa.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\kdyvp.exe REG_SZ C:\WINDOWS\system32\kdyvp.exe
SweetIM REG_SZ C:\Program Files\SweetIM\Messenger\SweetIM.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"

+-----[HKCU\...\Run]

CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
DesktopX REG_SZ "C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX Builder.exe" -noui
MsnMsgr REG_SZ ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
Veoh REG_SZ "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
<SANS NOM> REG_SZ
VeohPlugin REG_SZ "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

+-----[HKLM\...\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/
Start Page : hxxp://www.live.com/\0\0

+-----[HKCU\...\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+---------------------------------------------------------------------------+
+------------------------------- [ EOF - 273 lines ]
+---------------------------------------------------------------------------+

[ END at: 16:36:46 | 2008-11-25 ] - [ Time elapsed: 5 minutes, 15 seconds ]
0
Réponse 30 / 49
Utilisateur anonyme
 
Nettoyage AD-Remover :

! Déconnecte toi et ferme toutes application en cours ( navigarteur compris ) !

* Relance "Ad-remover" : au menu principal choisis l'option "B" .

* A l'écran de sélection ( écran ) :

> choisis le(s) chiffre(s) suivant pour nettoyer les traces de :

4 - "Funwebproduct/MyWay/MyWebsearch" puis [entrée]
6 - "Sweetim" puis [entrée]


Une fois la sélection faite, tape S puis [entrée] pour lancer la suppression .

--> le programme va travailler , ne touche à rien ...


* Poste le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...

( le rapport est sauvegardé aussi sous C:\Ad-report.log )

/!\ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide ) /!\
0
Réponse 31 / 49
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   1
 
F --------- Logfile of AD-Remover 1.0.4.4 by C_XX ---------

START at: 16:43:46 | 2008-11-25
ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
Internet Explorer: 7.0.5730.11
OPTION: Clean

*** Limited to ***

Funwebproduct/MyWay/MyWebsearch
Sweetim

******************

EXECUTED FROM: C:\Documents and Settings\Sophie Chantrel\Bureau\AD-Remover.bat
USER: Sophie Chantrel | PC: SOPHIE
BOOT MODE: Normal
DRIVE(S): C:\
~> Systemdrive: C:\

--------- [ PROCESSES ] ---------

\??\C:\WINDOWS\system32\csrss.exe [1004]
\??\C:\WINDOWS\system32\winlogon.exe [1032]
C:\WINDOWS\system32\services.exe [1076]
C:\WINDOWS\system32\lsass.exe [1088]
C:\WINDOWS\system32\svchost.exe [1296]
C:\WINDOWS\system32\svchost.exe [1332]
C:\WINDOWS\system32\svchost.exe [1392]
C:\WINDOWS\System32\svchost.exe [1436]
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [1492]
C:\WINDOWS\Explorer.EXE [1744]
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [1808]
C:\WINDOWS\system32\svchost.exe [1992]
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe [252]
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe [540]
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [620]
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [748]
C:\Program Files\Alwil Software\Avast4\ashServ.exe [980]
C:\WINDOWS\system32\spoolsv.exe [1160]
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [164]
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [284]
C:\Program Files\Bonjour\mDNSResponder.exe [324]
C:\WINDOWS\eHome\ehRecvr.exe [380]
C:\WINDOWS\eHome\ehSched.exe [676]
C:\WINDOWS\System32\GEARSec.exe [728]
C:\Program Files\Norton Ghost\Agent\VProSvc.exe [1912]
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2128]
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2228]
C:\WINDOWS\system32\svchost.exe [2328]
C:\WINDOWS\system32\svchost.exe [2392]
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2440]
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2584]
C:\WINDOWS\system32\igfxext.exe [2636]
C:\WINDOWS\system32\igfxsrvc.exe [2672]
C:\WINDOWS\ehome\mcrdsvc.exe [2708]
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2768]
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2852]
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [3244]
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [3272]
C:\WINDOWS\system32\dllhost.exe [3328]
C:\WINDOWS\System32\alg.exe [3748]
C:\Program Files\Apoint\Apoint.exe [3968]
C:\WINDOWS\ehome\ehtray.exe [4036]
C:\WINDOWS\system32\ICO.EXE [664]
C:\Program Files\Apoint\Apntex.exe [2236]
C:\WINDOWS\system32\igfxpers.exe [2224]
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2620]
C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2888]
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2912]
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [708]
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [3140]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [3144]
C:\Program Files\Norton Ghost\Agent\GhostTray.exe [3180]
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe [3316]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [3408]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [3536]
C:\Program Files\SweetIM\Messenger\SweetIM.exe [3676]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [4060]
C:\Program Files\iTunes\iTunesHelper.exe [2112]
C:\WINDOWS\system32\ctfmon.exe [2180]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [644]
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [316]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3076]
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [3084]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2148]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [1608]
C:\Program Files\Rainlendar\Rainlendar.exe [1688]
C:\Program Files\SM\skymessnet.exe [1852]
C:\Program Files\OpenOffice.org 3\program\soffice.exe [1352]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe [1696]
C:\Program Files\OpenOffice.org 3\program\soffice.bin [1684]
C:\Program Files\iPod\bin\iPodService.exe [1304]
C:\WINDOWS\system32\wbem\wmiapsrv.exe [4188]
C:\WINDOWS\system32\wuauclt.exe [4296]
C:\WINDOWS\System32\svchost.exe [2468]
C:\Program Files\Windows Live\Messenger\usnsvc.exe [5404]

---------------------------- [~> 75]

(!) ---- IE start pages reset

+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED
+---------------------------------------------------------------------------+


+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED
+---------------------------------------------------------------------------+

"HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3}"
"HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}"
"HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}"
"HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}"
"HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}"
"HKEY_CURRENT_USER\SOFTWARE\FunWebProducts"
"HKEY_CURRENT_USER\SOFTWARE\Fun Web Products"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search"
"HKEY_CURRENT_USER\SOFTWARE\MyWebSearch"
"HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products"
"HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts"
"HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch"
"HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}"
"HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
"HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
"HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
"HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
"HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
"HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
"HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
"HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
"HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
"HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
"HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
"HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
"HKEY_CURRENT_USER\SOFTWARE\SWEETIE"
"HKEY_CURRENT_USER\SOFTWARE\SweetIM"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0337C6624F0C5E94F8025AF6F9288257"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D91C9455EF645794DA45B5738EF76F2E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{266C7330-C0F4-49E5-8F20-A56F9F822875}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5549C19D-46FE-4975-AD54-5B37E87FF6E2}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0337C6624F0C5E94F8025AF6F9288257"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D91C9455EF645794DA45B5738EF76F2E"
"HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED
+---------------------------------------------------------------------------+

[2007-04-30 22:05|d--------] C:\Program Files\FunWebProducts
[2007-05-01 11:49|d--------] C:\Program Files\MyWebSearch
[2005-07-14 16:28|--a--c---] C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf
/!\ NOT DELETED - [2008-11-25 16:49|d--------] C:\Program Files\SweetIM
[2008-11-19 08:09|d--------] C:\Documents and Settings\All Users\Application Data\SweetIM
[2008-11-19 08:09|--a------] C:\Documents and Settings\Sophie Chantrel\Application Data\Mozilla\Firefox\Profiles\8qqazg3g.default\searchplugins\sweetim.xml
[2008-11-19 08:09|d--------] C:\Documents and Settings\Sophie Chantrel\Application Data\Mozilla\Firefox\Profiles\8qqazg3g.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\8qqazg3g.default\prefs.js :

~~~~ Mozilla FireFox version 2.0.0.12 ~~~~


+----------+


(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


************* /!\ Files/Folder Not deleted /!\ *************

"C:\Program Files\SweetIM"

Second run ...

"C:\Program Files\SweetIM" - RESIST !


+---------- Added scan ...

+-----[HKLM\...\Run]

Apoint REG_SZ C:\Program Files\Apoint\Apoint.exe
ehTray REG_SZ C:\WINDOWS\ehome\ehtray.exe
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
SkyTel REG_SZ SkyTel.EXE
Alcmtr REG_SZ ALCMTR.EXE
AzMixerSel REG_SZ C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
Mouse Suite 98 Daemon REG_SZ ICO.EXE
igfxtray REG_SZ C:\WINDOWS\system32\igfxtray.exe
igfxhkcmd REG_SZ C:\WINDOWS\system32\hkcmd.exe
igfxpers REG_SZ C:\WINDOWS\system32\igfxpers.exe
SonyPowerCfg REG_SZ "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
ISBMgr.exe REG_SZ C:\Program Files\Sony\ISB Utility\ISBMgr.exe
Switcher.exe REG_SZ C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
VAIO Update 2 REG_SZ "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
ccApp REG_SZ "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
Acrobat Assistant 7.0 REG_SZ "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
Norton Ghost 10.0 REG_SZ "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
RoxioDragToDisc REG_SZ "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
KernelFaultCheck REG_EXPAND_SZ %systemroot%\system32\dumprep 0 -k
WinampAgent REG_SZ "C:\Program Files\Winamp\winampa.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\kdyvp.exe REG_SZ C:\WINDOWS\system32\kdyvp.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"

+-----[HKCU\...\Run]

CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
DesktopX REG_SZ "C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX Builder.exe" -noui
MsnMsgr REG_SZ ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
Veoh REG_SZ "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
<SANS NOM> REG_SZ
VeohPlugin REG_SZ "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

+-----[HKLM\...\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/
Start Page : hxxp://www.live.com/\0\0

+-----[HKCU\...\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+---------------------------------------------------------------------------+
+------------------------------- [ EOF - 280 lines ]
+---------------------------------------------------------------------------+

[ END at: 16:53:46 | 2008-11-25 ] - [ Time elapsed: 9 minutes, 59 seconds ]
0
Réponse 32 / 49
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:08, on 2008-11-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\SM\skymessnet.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Sophie Chantrel\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdyvp.exe] C:\WINDOWS\system32\kdyvp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DesktopX] "C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX Builder.exe" -noui
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Rainlendar.lnk = ?
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter un site de support RSS à VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{07D7E714-13C0-4F8A-AC41-7CCA07050B9D}: NameServer = 85.255.112.114;85.255.112.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F7C65E8-4635-4116-AFB0-AA2BAD451A29}: NameServer = 85.255.112.114;85.255.112.14
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Avlib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
0
Réponse 33 / 49
Utilisateur anonyme
 
Telecharge malwarebytes

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log
0
Réponse 34 / 49
sofie353 Messages postés 50 Date d'inscription   Statut Membre Dernière intervention   1
 
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1422
Windows 5.1.2600 Service Pack 2

2008-11-25 18:15:52
mbam-log-2008-11-25 (18-15-52).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 150115
Temps écoulé: 1 hour(s), 1 minute(s), 58 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 20
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 13
Dossier(s) infecté(s): 25
Fichier(s) infecté(s): 62

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ab3dfa03-f743-4302-81dd-c370bffeca23} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e550dc77-ef3b-474f-b59c-b3e2aa1fa6a5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware370 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware370 (Adware.Starware) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdyvp.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{07d7e714-13c0-4f8a-ac41-7cca07050b9d}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{07d7e714-13c0-4f8a-ac41-7cca07050b9d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3f7c65e8-4635-4116-afb0-aa2bad451a29}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3f7c65e8-4635-4116-afb0-aa2bad451a29}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{07d7e714-13c0-4f8a-ac41-7cca07050b9d}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{07d7e714-13c0-4f8a-ac41-7cca07050b9d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3f7c65e8-4635-4116-afb0-aa2bad451a29}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3f7c65e8-4635-4116-afb0-aa2bad451a29}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{07d7e714-13c0-4f8a-ac41-7cca07050b9d}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{07d7e714-13c0-4f8a-ac41-7cca07050b9d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{3f7c65e8-4635-4116-afb0-aa2bad451a29}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{3f7c65e8-4635-4116-afb0-aa2bad451a29}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.114;85.255.112.14 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\bin (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\icons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_6 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_7 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_8 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Paroles (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Telechargement (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\kdyvp.exe (Rootkit.DNSChanger.H) -> Delete on reboot.
C:\Program Files\Starware370\Starware370Config.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\Starware370Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_60.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_70.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_80.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sophie Chantrel\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
0
Réponse 35 / 49
Utilisateur anonyme
 
réouvre malewarebyte
va sur quarantaine
supprime tout


---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:files
C:\WINDOWS\system32\kdyvp.exe
C:\Program Files\SweetIM

:commands
[emptytemp]
[start explorer]
[reboot]




---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
Réponse 36 / 49
sofie353
 
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\kdyvp.exe not found.
C:\Program Files\SweetIM\Messenger moved successfully.
C:\Program Files\SweetIM moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr9E33.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr9E35.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Perflib_Perfdata_6e4.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Perflib_Perfdata_acc.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Perflib_Perfdata_b0c.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Perflib_Perfdata_b50.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DF7C3C.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFA12A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFA720.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFA748.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFB778.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFB78E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFC056.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFC07D.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~WRF0001.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETD10B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETD1C7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_398.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_604.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11262008_194916

Files moved on Reboot...
C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr9E33.tmp moved successfully.
C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr9E35.tmp moved successfully.
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Perflib_Perfdata_6e4.dat not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Perflib_Perfdata_acc.dat not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Perflib_Perfdata_b0c.dat not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Perflib_Perfdata_b50.dat not found!
C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DF7C3C.tmp moved successfully.
C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFA12A.tmp moved successfully.
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFA720.tmp not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFA748.tmp not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFB778.tmp not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFB78E.tmp not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFC056.tmp not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFC07D.tmp not found!
File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~WRF0001.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\JETD10B.tmp not found!
File C:\WINDOWS\temp\JETD1C7.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_398.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_604.dat not found!
0
Réponse 37 / 49
Utilisateur anonyme
 
hé sofie ,


j y croyais plus -;)


désinstal norton :

pour désinstaller norton proprement telecharge cet outil


http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20050414110429924?OpenDocument&seg=hm&lg=fr&ct=fr


ensuite refais un scan hijackthis et pos le rapport stp
0
Réponse 38 / 49
sofie353
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:25:21, on 2008-11-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\SM\skymessnet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Documents and Settings\Sophie Chantrel\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdyvp.exe] C:\WINDOWS\system32\kdyvp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DesktopX] "C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX Builder.exe" -noui
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Rainlendar.lnk = ?
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ajouter un site de support RSS à VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Avlib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
0
Réponse 39 / 49
Utilisateur anonyme
 
bon c est nettoyé

on va affiner


réouvre hijackthis
fais scan only
coches ces lignes :


R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC

R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)



O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Rainlendar.lnk = ?
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab


tu les coches et tu clic sur fix checked


ensuite :


Démarrer > executer > tape : services.msc

- Clic droit sur le service cité - Planificateur LiveUpdate automatique
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »

Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html


ensuite :

regarde ceci concernant avast :

antivir vs avast :

-> http://forum.malekal.com/ftopic3528.php


alors je te conseille de le desinstaller et d´installer antivir a la place

Telecharge et instales l'antivirus Antivir Personal Edition Classic :

->Antivir le telecharger


tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59

Pour désinstaller Avast telecharge cet outil



ensuite :

-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):


http://download.piriform.com/ccsetup210.exe

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

-> Tuto : https://www.malekal.com/tutoriel-ccleaner/


ensuite :

* pour supprimer les outils/fix utilisés :

Télécharge ToolsCleaner sur ton bureau.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).




Désactive et réactive ta restauration system :

(1) Désactiver la Restauration du système

cliques sur Démarrer
Cliques droit sur Poste de travail
cliques sur Propriétés
Cliques sur l'onglet Restauration du système
Coches Désactiver la Restauration du système sur tous les lecteurs
Cliques sur Appliquer, Lorsque le message de confirmation apparaît,
cliques sur Oui.
Cliques sur OK.


(2) Activer la Restauration du système


cliques sur Démarrer
Cliques droit sur Poste de travail
cliques sur Propriétés
Cliques sur l'onglet Restauration du système
Décoches Désactiver la Restauration du système sur tous les lecteurs
Cliques sur Appliquer, Lorsque le message de confirmation apparaît,
cliques sur Oui.
Cliques sur OK.


Tuto xp : http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924




0
sofie353
 
je restaure quand même le système?
0
Réponse 40 / 49
sofie353
 
J'ai un souci, Toolscleaner2.exe ne veut pas s'ouvrir, voici le message: "n'est pas une application Win 32 valide"
0

Discussions similaires

Que veut dire bv sur facebook ?
facebook -
Maelie -

3 réponses
je ne c’est pas s’en que cela veut dire bv
ginettedu76 -
baladur13 -

1 réponse
language sms à traduire
mullan -
Ouiie59 -

9 réponses
Worldpay escroquerie internet sur carte bancaire
Cayayou -
Pareillement -

9 réponses
Bv
Ben -
transat -

1 réponse