Se connecter / S'enregistrer
Votre question

Iexplorer en processus de fond

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
Anonyme
2 Mai 2011 16:16:03

Bonjour,

Depuis peu j'ai remarquer que mon pc était ralentis et que j'entendais parfois des petits bruits de fond (style lancement de jeux flash ou pub ) , en regardant de plus près dans mes processus j'ai vu que iexplorer se lançait seul en plusieurs fois dans les processus , je crains donc d'avoir un virus ( j'ai notamment repéré un processus se lançant en plusieurs exemplaire du doux nom de eDF5Hj75.exe ) .
Spy bot et antivar n'ayant rien donné et n'étant pas très doué en informatique je post ici mon résultat d'analyse avec Trend Micro Hijackthis en espérant que vous pourrez m'éclairer sur la manip a suivre , voila merci .

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:09:46, on 02/05/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\serge\Downloads\HiJackThis.exe
C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: Hero Fighter Toolbar - {b12785f5-d8d0-4530-a3ea-5c4263b85bef} - C:\Program Files\Hero_Fighter\tbHero.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hero Fighter Toolbar - {b12785f5-d8d0-4530-a3ea-5c4263b85bef} - C:\Program Files\Hero_Fighter\tbHero.dll (file missing)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Hero Fighter Toolbar - {b12785f5-d8d0-4530-a3ea-5c4263b85bef} - C:\Program Files\Hero_Fighter\tbHero.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKCU\..\Run: [cacaoweb] "C:\Users\serge\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
O4 - HKCU\..\Run: [Awaleqepijov] rundll32.exe "C:\Users\serge\AppData\Local\wmsetofg.dll",Startup
O4 - HKCU\..\Run: [{9D39990C-8C80-426A-D896-8C1523D2C827}] C:\Users\serge\AppData\Roaming\Ussyt\nylya.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [svsh0st] C:\Users\serge\AppData\Roaming\svsh0sted.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe (User 'Default user')
O4 - .DEFAULT User Startup: edfo.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\serge\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMService - Dgofdrimg Software - C:\Windows\TEMP\vdpa\setup.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: wampapache - Unknown owner - C:\Newwow\wamp\bin\apache\apache2.2.11\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\Newwow\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe (file missing)

--
End of file - 7020 bytes

Autres pages sur : iexplorer processus fond

Anonyme
2 Mai 2011 16:49:11

Voila le rapport de Ad-remover :

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 16:46:44 le 02/05/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)
serge@PC-DE-SERGE (Acer, inc. Aspire 5920G)

============== RECHERCHE ==============


Fichier trouvé: C:\Users\serge\AppData\Roaming\Mozilla\FireFox\Profiles\q4cvk8he.default\searchplugins\askcom.xml
Fichier trouvé: C:\Users\serge\AppData\Roaming\Mozilla\FireFox\Profiles\q4cvk8he.default\searchplugins\conduit.xml
Dossier trouvé: C:\Program Files\Conduit
Dossier trouvé: C:\ProgramData\PopCap Games
Dossier trouvé: C:\Users\serge\AppData\Roaming\EoRezo
Dossier trouvé: C:\Program Files\EoRezo
Dossier trouvé: C:\Users\serge\AppData\Roaming\ItsLabel
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ItsLabel

-- Fichier ouvert: C:\Users\serge\AppData\Roaming\Mozilla\FireFox\Profiles\q4cvk8he.default\Prefs.js --
Ligne trouvée: user_pref("CT2342185.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CT2342185.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT234...
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?FORM=IEFM1&q=...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2342185");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2342185");
Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2342185");
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2342185&Sea...
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
-- Fichier Fermé --


Clé trouvée: HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64F56FC1-1272-44CD-BA6E-39723696E350}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
Clé trouvée: HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
Clé trouvée: HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\EoRezo
Clé trouvée: HKLM\Software\ItsLabel
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\EoRezo
Clé trouvée: HKCU\Software\ItsLabel
Clé trouvée: HKCU\Software\PopCap
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ItsTv
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ItsTV_is1
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ItsTV_is1

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.17 (fr)] ****

Plugins\npBFPlugin.dll ( )
HKLM_MozillaPlugins\@fileplanet.com/fpdlm (x)
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@Webzen.com/NPGameWebStarter (x)
HKCU_MozillaPlugins\@soe.sony.com/installer,version=1.0.3 (x)
HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Extensions - "talkback@mozilla.org" (?)
HKCU_Extensions|{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a} - C:\Users\serge\Program Files\DNA (x)

-- C:\Users\serge\AppData\Roaming\Mozilla\FireFox\Profiles\q4cvk8he.default --
Extensions\battlefieldheroespatcher@ea.com (Battlefield Heroes Updater)
Extensions\cacaoweb@cacaoweb.org (cacaoweb)
Extensions\CSWebLauncher@cyberstep.com (CS Web Launcher)
Extensions\illimitux@illimitux.net (Illimitux)
Extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A} (<em:name>SOE Web Installer)
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Extensions\{b12785f5-d8d0-4530-a3ea-5c4263b85bef}-trash (?)
Searchplugins\askcom.xml (?)
Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2342185&SearchSource=3&q={searchTerms} /)
Prefs.js - browser.download.dir, C:\\Users\\serge\\Downloads
Prefs.js - browser.search.defaultenginename, Ask.com
Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2342185&SearchSource=3&q={searchTerms}
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.17
Prefs.js - keyword.URL, hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navcli...

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|SearchMigratedDefaultURL - hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKCU_Main|Search bar - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Start Page - hxxp://www.facebook.com/home.php
HKLM_Main|Default_Page_URL - hxxp://fr.fr.acer.yahoo.com
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://lo.st
HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll) (x)
HKCU_URLSearchHooks|{b12785f5-d8d0-4530-a3ea-5c4263b85bef} - "Hero Fighter Toolbar" (C:\Program Files\Hero_Fighter\tbHero.dll) (x)
HKLM_URLSearchHooks|{b12785f5-d8d0-4530-a3ea-5c4263b85bef} - "Hero Fighter Toolbar" (C:\Program Files\Hero_Fighter\tbHero.dll) (x)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=VD&o=14770&src=crm&q={searchTerms...)
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Hero Fighter Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Hero Fighter Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (C:\Windows\system32\eDStoolbar.dll)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKLM_Toolbar|{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} (C:\Windows\system32\eDStoolbar.dll)
HKLM_Toolbar|{b12785f5-d8d0-4530-a3ea-5c4263b85bef} (C:\Program Files\Hero_Fighter\tbHero.dll) (x)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKCU_ElevationPolicy\{A791D71C-0C01-4761-BB29-76C5A55DCAAA} - C:\Program Files\Orange\Launcher\Launcher.exe (x)
HKLM_ElevationPolicy\e812693b-024a-41e7-8563-e363142c806c - C:\Program Files\Hero_Fighter\Hero_FighterToolbarHelper.exe (x)
HKLM_ElevationPolicy\{3644F00E-747A-44aa-8DC3-139CCBEF5BFB} - C:\Program Files\Pando Networks\Media Booster\PMB.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A72296F2-F88D-4EB4-92F7-3BC70F5A5755} - D:\Download Manager\DLM.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\Belkin\Bluetooth Software\bt_cold_icon.ico)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll)
BHO\{1E8A6170-7264-4D0F-BEAE-D42A53123C75} (?)
BHO\{64F56FC1-1272-44CD-BA6E-39723696E350} - "EoBho Class" (C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll)
BHO\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - "ShowBarObj Class" (C:\Windows\system32\ActiveToolBand.dll)
BHO\{b12785f5-d8d0-4530-a3ea-5c4263b85bef} - "Hero Fighter Toolbar" (C:\Program Files\Hero_Fighter\tbHero.dll) (x)
BHO\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} - "FDMIECookiesBHO Class" (C:\Program Files\Free Download Manager\iefdm2.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 02/05/2011 16:46:53 (9399 Octet(s))

Fin à: 16:48:38, 02/05/2011

============== E.O.F ==============

Contenus similaires
a c 267 8 Sécurité
2 Mai 2011 17:05:03

Ok, relance Ad-Remover, choisis l'option "Nettoyer" et poste le rapport.
Anonyme
2 Mai 2011 18:09:58

J'ai fait l'option nettoyer , j'ai redémarrer le système cmme conseiller et relancer l'option scan , voila le résultat :

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 18:06:28 le 02/05/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)
serge@PC-DE-SERGE (Acer, inc. Aspire 5920G)

============== RECHERCHE ==============



-- Fichier ouvert: C:\Users\serge\AppData\Roaming\Mozilla\FireFox\Profiles\q4cvk8he.default\Prefs.js --
Ligne trouvée: user_pref("CT2342185.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CT2342185.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT234...
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?FORM=IEFM1&q=...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2342185");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2342185");
Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2342185");
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2342185&Sea...
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
-- Fichier Fermé --




============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.17 (fr)] ****

Plugins\npBFPlugin.dll ( )
HKLM_MozillaPlugins\@fileplanet.com/fpdlm (x)
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@Webzen.com/NPGameWebStarter (x)
HKCU_MozillaPlugins\@soe.sony.com/installer,version=1.0.3 (x)
HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Extensions - "talkback@mozilla.org" (?)
HKCU_Extensions|{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a} - C:\Users\serge\Program Files\DNA (x)

-- C:\Users\serge\AppData\Roaming\Mozilla\FireFox\Profiles\q4cvk8he.default --
Extensions\battlefieldheroespatcher@ea.com (Battlefield Heroes Updater)
Extensions\cacaoweb@cacaoweb.org (cacaoweb)
Extensions\CSWebLauncher@cyberstep.com (CS Web Launcher)
Extensions\illimitux@illimitux.net (Illimitux)
Extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A} (<em:name>SOE Web Installer)
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Extensions\{b12785f5-d8d0-4530-a3ea-5c4263b85bef}-trash (?)
Prefs.js - browser.download.dir, C:\\Users\\serge\\Downloads
Prefs.js - browser.search.defaultenginename, Ask.com
Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2342185&SearchSource=3&q={searchTerms}
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.17
Prefs.js - keyword.URL, hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navcli...

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll) (x)
HKCU_URLSearchHooks|{b12785f5-d8d0-4530-a3ea-5c4263b85bef} - "Hero Fighter Toolbar" (C:\Program Files\Hero_Fighter\tbHero.dll) (x)
HKLM_URLSearchHooks|{b12785f5-d8d0-4530-a3ea-5c4263b85bef} - "Hero Fighter Toolbar" (C:\Program Files\Hero_Fighter\tbHero.dll) (x)
HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (C:\Windows\system32\eDStoolbar.dll)
HKLM_Toolbar|{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} (C:\Windows\system32\eDStoolbar.dll)
HKLM_Toolbar|{b12785f5-d8d0-4530-a3ea-5c4263b85bef} (C:\Program Files\Hero_Fighter\tbHero.dll) (x)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKCU_ElevationPolicy\{A791D71C-0C01-4761-BB29-76C5A55DCAAA} - C:\Program Files\Orange\Launcher\Launcher.exe (x)
HKLM_ElevationPolicy\e812693b-024a-41e7-8563-e363142c806c - C:\Program Files\Hero_Fighter\Hero_FighterToolbarHelper.exe (x)
HKLM_ElevationPolicy\{3644F00E-747A-44aa-8DC3-139CCBEF5BFB} - C:\Program Files\Pando Networks\Media Booster\PMB.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A72296F2-F88D-4EB4-92F7-3BC70F5A5755} - D:\Download Manager\DLM.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\Belkin\Bluetooth Software\bt_cold_icon.ico)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll)
BHO\{1E8A6170-7264-4D0F-BEAE-D42A53123C75} (?)
BHO\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - "ShowBarObj Class" (C:\Windows\system32\ActiveToolBand.dll)
BHO\{b12785f5-d8d0-4530-a3ea-5c4263b85bef} - "Hero Fighter Toolbar" (C:\Program Files\Hero_Fighter\tbHero.dll) (x)
BHO\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} - "FDMIECookiesBHO Class" (C:\Program Files\Free Download Manager\iefdm2.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 192 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 18 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 02/05/2011 17:56:30 (8776 Octet(s))
C:\Ad-Report-SCAN[1].txt - 02/05/2011 16:46:53 (9537 Octet(s))
C:\Ad-Report-SCAN[2].txt - 02/05/2011 18:07:22 (6525 Octet(s))

Fin à: 18:08:31, 02/05/2011

============== E.O.F ==============
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS