Hijack report! NEED HELP

Solved
Navid_92 Posts 778 Status Member -
 Anonymous user -
Hello,
Here are my computer's specifications:
AMD Athlon 64 x 2 Dual Core Processor 3800+, 1.0GB RAM, Windows XP
I use Kaspersky, CCleaner and AVG Anti-Spyware.

For some time now my computer has been lagging quite a bit, and lots of ad pages keep opening when I browse the web.

I am looking for answers from professionals.
Thank you

Here is my Hijack report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:04:32, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\fvumledk.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.freeze.com/?AcquisitionID=d4706b12-d304-45a0-9df0-1d88c932854d&s=&ipc=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: SmartShopper - {2BA1C226-EC1B-4471-A65F-D0688AC6EE3A} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdqeg.exe] C:\WINDOWS\system32\kdqeg.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [fvumledk] "c:\documents and settings\navid\local settings\application data\fvumledk.exe" fvumledk
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Policies\Explorer\Run: [{44E882B7-07D9-1036-0613-060517060021}] "C:\Program Files\Fichiers communs\{44E882B7-07D9-1036-0613-060517060021}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://euroafkabparis.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 85.255.112.81;85.255.112.205
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O20 - Winlogon Notify: winmbj32 - winmbj32.dll (file missing)
O22 - SharedTaskScheduler: {03413bf7-e34c-445b-bfc0-a2b127255871} - incestuously - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur PC-BaX - Unknown owner - C:\Program Files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

48 replies

Navid_92 Posts 778 Status Member 87
 
SmitFraudFix v2.381

Rapport fait à 17:41:03,20, 07/12/2008
Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\

C:\resycled\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Navid

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Navid\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Navid\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

C:\DOCUME~1\Navid\MENUDM~1\PROGRA~1\homeview PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Navid\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\homeview\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd3.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.81;85.255.112.205

HKLM\SYSTEM\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=85.255.112.81;85.255.112.205
HKLM\SYSTEM\CS1\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Navid_92 Posts 778 Status Member 87
 
SmitFraudFix v2.381

Rapport fait à 18:16:07,42, 07/12/2008
Executé à partir de C:\Documents and Settings\Navid\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}"

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\DOCUME~1\Navid\MENUDM~1\PROGRA~1\homeview supprimé
C:\Program Files\homeview\ supprimé
C:\resycled\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=85.255.112.81;85.255.112.205
HKLM\SYSTEM\CS1\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Anonymous user

Good! You can run SmitFraudFix again and redo option 1. Please post the report for me.
0
Navid_92 Posts 778 Status Member 87
 
SmitFraudFix v2.381

Rapport fait à 18:32:13,65, 07/12/2008
Executé à partir de C:\Documents and Settings\Navid\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Navid\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Navid

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Navid\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Navid\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Navid\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd3.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.81;85.255.112.205

HKLM\SYSTEM\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=85.255.112.81;85.255.112.205
HKLM\SYSTEM\CS1\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0

Anonymous user

Run it again and choose option 5. Post the report followed by a fresh HijackThis log.
0
Navid_92 Posts 778 Status Member 87

Report
SmitFraudFix v2.381

Rapport fait à 18:53:30,92, 07/12/2008
Executé à partir de C:\Documents and Settings\Navid\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.81;85.255.112.205

HKLM\SYSTEM\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=85.255.112.81;85.255.112.205
HKLM\SYSTEM\CS1\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252

»»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix

HKLM\SYSTEM\CS1\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer=212.27.54.252,212.27.53.252

--------------------------------------------------------------------------

Hijack report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:54:49, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: SmartShopper - {2BA1C226-EC1B-4471-A65F-D0688AC6EE3A} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdqeg.exe] C:\WINDOWS\system32\kdqeg.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Policies\Explorer\Run: [{44E882B7-07D9-1036-0613-060517060021}] "C:\Program Files\Fichiers communs\{44E882B7-07D9-1036-0613-060517060021}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://euroafkabparis.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O20 - Winlogon Notify: winmbj32 - winmbj32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur PC-BaX - Unknown owner - C:\Program Files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
Navid_92 Posts 778 Status Member 87
 
OK, it is running!
Navid_92 Posts 778 Status Member 87
 
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1469
Windows 5.1.2600 Service Pack 3

07/12/2008 19:14:04
mbam-log-2008-12-07 (19-14-04).txt

Type de recherche: Examen rapide
Eléments examinés: 61618
Temps écoulé: 5 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winmbj32 (Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\VSAdd-in (Adware.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\winmbj32.dll (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Delete on reboot.
C:\Program Files\Setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
C:\Documents and Settings\Navid\Application Data\Dxcknwrd.dll (Trojan.Agent) -> Quarantined and deleted successfully.
Navid_92 Posts 778 Status Member 87
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:35:08, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: SmartShopper - {2BA1C226-EC1B-4471-A65F-D0688AC6EE3A} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Policies\Explorer\Run: [{44E882B7-07D9-1036-0613-060517060021}] "C:\Program Files\Fichiers communs\{44E882B7-07D9-1036-0613-060517060021}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://euroafkabparis.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur PC-BaX - Unknown owner - C:\Program Files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
Navid_92 Posts 778 Status Member 87
 
-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Navid ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Activated)
Firewall : Kaspersky Anti-Virus 8.0.0.506 (Not Activated)
C:\ (Local Disk) - NTFS - Total:113 Go (Free:16 Go)
D:\ (Local Disk) - FAT32 - Total:114 Go (Free:2 Go)
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (USB)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 07/12/2008|19:48 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\Navid\APPLIC~1\SmartShopper
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\Config.xml
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\db
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\dwld
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\report
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\res1
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\db\Aliases.dbs
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\db\Sites.dbs
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\dwld\Phishinglist.xip
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\dwld\WhiteList.xip
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\report\aggr_storage.xml
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\report\send_storage.xml
C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs\res1\WhiteList.dbs
C:\Program Files\SmartShopper
C:\Program Files\SmartShopper\Bin
C:\Program Files\SmartShopper\Uninst.exe
C:\Program Files\SmartShopper\Bin\2.5.0
C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\SmartShopper
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\arrow.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\bottom.png
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\bottom_left.png
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\bottom_right.png
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\CAlogo.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\email_b.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\equalizer_loading.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\equalizer_off.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\equalizer_on.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\ErrorPageTemplate_search.css
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\IEtab1_8.zip
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\images01.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\left.png
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\logo_facebook.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\minus.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\minus_on.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\music2.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\New York_NY_weather.txt43167781
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\newsb.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\play.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\play_on.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\plus.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\plus_on.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\Program Files\VMNToolbar
C:\Program Files\VMNToolbar\install.ico
C:\Program Files\VMNToolbar\tbuninstall.exe
C:\Program Files\VMNToolbar\toolbar.ini
C:\Program Files\VMNToolbar\uninstall.exe
C:\Program Files\VMNToolbar\vmntoolbar.dll

-----------\\ Extensions

(Navid) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\Navid\Bureau\MessengerSkinner_setup.exe
==> EGDACCESS <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Navid\Bureau\Nouveau dossier (3)\Nouveau dossier 2\Nouveau dossier\GG\cracken.zip

1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|19:49 - Option : [1]

-----------\\ Fin du rapport a 19:49:33,70
0
Anonymous user
 
/!\ Beware of cracks, they are a source of infections /!\

Disable AVG Anti-Spyware and Kaspersky while option 2 runs. Don't forget to re-enable them before posting here.

Restart Toolbar S&D and run option 2.

/!\ Do not close the window during the deletion /!\

Post the report.
0
Navid_92 Posts 778 Status Member 87
 
I have to run option 2 first, but option 2 of which program?
0
Anonymous user
 
No, you need to disable your protections (antivirus and antispyware) while option 2 of Toolbar S&D runs.
0
Navid_92 Posts 778 Status Member 87
 
-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Navid ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Not Activated)
Firewall : Kaspersky Anti-Virus 8.0.0.506 (Not Activated)
C:\ (Local Disk) - NTFS - Total:113 Go (Free:16 Go)
D:\ (Local Disk) - FAT32 - Total:114 Go (Free:2 Go)
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (USB)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [2] ( 07/12/2008|19:59 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Navid\APPLIC~1\SmartShopper\cs
Supprime! - C:\Program Files\SmartShopper\Bin
Supprime! - C:\Program Files\SmartShopper\Uninst.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\SmartShopper
Supprime! - C:\Program Files\VMNToolbar\install.ico
Supprime! - C:\Program Files\VMNToolbar\tbuninstall.exe
Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
Supprime! - C:\DOCUME~1\Navid\APPLIC~1\SmartShopper
Supprime! - C:\Program Files\SmartShopper
Supprime! - C:\DOCUME~1\Navid\APPLIC~1\VMNToolbar
Supprime! - C:\Program Files\VMNToolbar

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ Extensions

(Navid) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\Navid\Bureau\MessengerSkinner_setup.exe
==> EGDACCESS <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Navid\Bureau\Nouveau dossier (3)\Nouveau dossier 2\Nouveau dossier\GG\cracken.zip

1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|19:49 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 07/12/2008|20:02 - Option : [2]

-----------\\ Fin du rapport a 20:02:33,37
0
Navid_92 Posts 778 Status Member 87
 
I can't manage to put the file you mention into the part you indicate.
I can see the special file, but how do you put it in the box?
0
Navid_92 Posts 778 Status Member 87
 
No, never mind, actually I can do it, but it gives me:
Error: Unable to interpret <C:\DOCUME~1\Navid\Bureau\MessengerSkinner_setup.exe> in the current context!
0
Anonymous user
 
Copy/paste it directly from my message.
0
Navid_92 Posts 778 Status Member 87
 
No, I can do it, but it gives me:
Error: Unable to interpret <C:\DOCUME~1\Navid\Bureau\MessengerSkinner_setup.exe> in the current context!
0
Anonymous user
 
OK! Try deleting it manually. Go to C:\DOCUME~1\Navid\Bureau and delete the file MessengerSkinner_setup.exe
0
Navid_92 Posts 778 Status Member 87
 
I deleted it manually, that's done. What do I do next?
0