Unwanted advertising (resolved)
terrien34
21 March 2010 22:33:21
Good evening
1
Download DDS and save it to your desktop.
Disable anything that blocks scripts, such as an antivirus, a program like ad-block, noscript, etc.
Double-click dds.scr to launch the tool.
Once the scan is finished, a text document, DDS.txt, will open.
Click Yes at the next prompt, Optional Scan.
Save both reports to your desktop and post only DDS.txt for me.
2
Download Catchme (Gmer) to your desktop.
Double-click catchme.exe (the .exe is not necessarily visible) to launch it.
When the search is finished, post the catchme.log report in your next reply. (This report is on your desktop.)

terrien34
21 March 2010 23:15:55
Thank you for replying so quickly, I hope this is it
DDS (Ver_10-03-17.01) - NTFSX64
Run by emmanuel at 22:59:18,18 on 21/03/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3071.1495 [GMT 1:00]
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Program Files (x86)\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\RapidSolution\Tunebite 7\VCDWriter\64\VCDAudioService.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
c:\PROGRA~2\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\Ldegub.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\emmanuel\AppData\Local\Temp\Lld.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\emmanuel\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://home.sweetim.com
mStart Page = hxxp://home.sweetim.com
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = local
mSearchAssistant = hxxp://www.ask.com/web?q={searchTerms}&o=14482&l=dis
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgHelper.dll
mURLSearchHooks: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
mWinlogon: Userinit=userinit.exe
BHO: Google Plus: {01677b4b-0610-4814-94a0-5f570dd7a88f} - c:\progra~2\google~1\17GOOG~1.DLL
BHO: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Automated Content Enhancer: {1d74e9dd-8987-448b-b2cb-67fff2b8a932} - c:\program files (x86)\automated content enhancer\4.2.0.5360\ACEIEAddOn.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~2\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files (x86)\real\realplayer\rpbrowserrecordplugin.dll
BHO: Customized Platform Advancer: {42c7c39f-3128-4a17-bdb7-91c46032b5b9} - c:\program files (x86)\customized platform advancer\4.2.0.2050\CPAIEAddOn.dll
BHO: D: {5e20e48b-9d4b-3287-92b7-5a8e31a7a848} - c:\windows\syswow64\jh86383.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files (x86)\mcafee\virusscan\scriptsn.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: Content Management Wizard: {b72681c0-a222-4b21-a0e2-53a5a5ca3d41} - c:\program files (x86)\content management wizard\1.2.0.2080\CMWIE.dll
BHO: Textual Content Provider: {cac89ff9-34a9-4431-8cfe-292a47f843bc} - c:\program files (x86)\textual content provider\1.2.0.2040\TCPIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: Web Search Operator: {eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} - c:\program files (x86)\web search operator\4.2.0.2150\wso.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No File
uRun: [<NO NAME>]
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe"
uRun: [Canaveral] rundll32.exe c:\windows\system32\sshnas21.dll,BackupReadW
uRun: [YVIBBBHA8C] c:\users\emmanuel\appdata\local\temp\Lld.exe
mRun: [mcagent_exe] "c:\program files (x86)\mcafee.com\agent\mcagent.exe" /runkey
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files (x86)\google\gmail notifier\gnotify.exe
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [Google Quick Search Box] "c:\program files (x86)\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [SweetIM] c:\program files (x86)\sweetim\messenger\SweetIM.exe
mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\DivXUpdate.exe" /CHECKNOW
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: ????3?? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetUrl.htm
IE: ????3?????? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
Trusted Zone: kuaiche.com\software
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
mASetup: {9C450606-ED24-4958-92BA-B8940C99D441} - c:\program files (x86)\pixiepack codec pack\InstallerHelper.exe
IFEO: ctfmon.exe - c:\windows\system32\ctfmon_jv.exe
{27B4851A-3207-45A2-B947-BE8AFE6163AB}
{7DB2D5A0-7241-4E79-B68D-6309F01C5231}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No File
TB-X64: {0FC85F5D-6207-4515-A490-45A549D285C0} - No File
TB-X64: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
IFEO-X64: ctfmon.exe - c:\windows\system32\ctfmon_jv.exe
================= FIREFOX ===================
FF - ProfilePath - c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|google.fr
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files (x86)\automated content enhancer\4.2.0.5360\ff\components\ACEFFAddOn.dll
FF - component: c:\program files (x86)\customized platform advancer\4.2.0.2050\ff\components\CPAFFAddOn.dll
FF - component: c:\program files (x86)\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files (x86)\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\program files (x86)\web search operator\4.2.0.2150\ff\components\WSOFFAddOn.dll
FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files (x86)\google\google updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-12-19 308296]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/01 01:45:01];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-5-7 146928]
R2 LVPrcS64;Process Monitor;c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2009-10-7 191000]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe [2009-12-23 110312]
R2 McProxy;McAfee Proxy Service;c:\progra~2\common~1\mcafee\mcproxy\mcproxy.exe [2009-12-19 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-12-19 155456]
R2 TeamViewer4;TeamViewer 4;c:\program files (x86)\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 185640]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2009-12-17 1394504]
R2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\rapidsolution\tunebite 7\vcdwriter\64\VCDAudioService.exe [2009-12-10 148848]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x64.sys [2009-10-13 61440]
R3 lvpepf64;Volume Adapter;c:\windows\system32\drivers\lv302a64.sys [2009-12-20 15896]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\drivers\lvrs64.sys [2009-12-20 327576]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-19 102472]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB64.sys [2009-6-10 1627520]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\drivers\rsvcdwdr.sys [2009-12-10 29216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S2 gupdate;Service Google Update (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-12-19 133104]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-19 40904]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-19 49480]
S3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2009-10-6 25088]
S3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2009-10-6 18944]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2009-12-24 31800]
S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
S4 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe [2009-12-19 606736]
=============== Created Last 30 ================
2010-03-21 09:17:04 160768 ----a-w- c:\windows\Ldegub.exe
2010-03-20 22:27:06 160768 ----a-w- c:\windows\Ldegua.exe
2010-03-20 22:27:00 193536 ----a-w- c:\windows\syswow64\sshnas21.dll
2010-03-20 22:02:39 0 d-----w- c:\programdata\DivX
2010-03-19 18:31:17 0 d-----w- c:\program files (x86)\Zattoo4
2010-03-16 19:44:44 0 d-----w- c:\programdata\SweetIM
2010-03-16 19:44:44 0 d-----w- c:\program files (x86)\SweetIM
2010-03-14 15:30:51 0 d-----w- c:\users\emmanuel\appdata\roaming\QuickScan
2010-03-13 21:21:06 315904 ----a-w- c:\windows\syswow64\Difx6382.rra
2010-03-08 17:59:18 94208 ----a-w- c:\windows\syswow64\dpl100.dll
2010-03-08 16:56:43 0 d-----w- c:\program files (x86)\Conduit
2010-03-08 16:56:42 0 d-----w- c:\program files (x86)\Radio_Bar_1
2010-03-02 18:16:04 353592 ----a-w- c:\windows\syswow64\DivXControlPanelApplet.cpl
==================== Find3M ====================
2010-03-21 17:11:49 798232 ----a-w- c:\windows\system32\perfh00C.dat
2010-03-21 17:11:49 168096 ----a-w- c:\windows\system32\perfc00C.dat
2010-02-23 21:34:06 53248 ----a-w- c:\windows\syswow64\CSVer.dll
2010-02-19 19:27:36 720384 ----a-w- c:\windows\syswow64\DivX.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx0c.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx07.dll
2010-02-19 19:27:16 847872 ----a-w- c:\windows\syswow64\divx_xx0a.dll
2010-02-19 19:27:16 843776 ----a-w- c:\windows\syswow64\divx_xx16.dll
2010-02-19 19:27:16 839680 ----a-w- c:\windows\syswow64\divx_xx11.dll
2010-02-02 08:36:47 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-02 07:45:54 2048 ----a-w- c:\windows\syswow64\tzres.dll
2010-01-30 22:27:42 2183680 ----a-w- c:\windows\syswow64\libvlccore.dll
2010-01-30 22:27:42 114176 ----a-w- c:\windows\syswow64\libvlc.dll
2010-01-27 15:58:38 115312 ----a-w- c:\windows\system32\drivers\jraid.sys
2010-01-19 09:28:44 1976944 ----a-w- c:\windows\syswow64\xRaidSetup.exe
2010-01-19 09:28:22 158320 ----a-w- c:\windows\syswow64\xRaidAPI.dll
2010-01-19 09:05:57 424960 ----a-w- c:\windows\system32\secproc.dll
2010-01-19 09:05:57 422912 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-19 09:00:44 305152 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-19 09:00:43 357888 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-19 09:00:37 356352 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-19 09:00:37 306688 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp_isv.dll
2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp.dll
2010-01-18 23:29:31 365568 ----a-w- c:\windows\syswow64\secproc_isv.dll
2010-01-18 23:29:30 369152 ----a-w- c:\windows\syswow64\secproc.dll
2010-01-18 23:28:33 324608 ----a-w- c:\windows\syswow64\RMActivate_isv.exe
2010-01-18 23:28:33 277504 ----a-w- c:\windows\syswow64\RMActivate_ssp_isv.exe
2010-01-18 23:28:30 320512 ----a-w- c:\windows\syswow64\RMActivate.exe
2010-01-18 23:28:30 280064 ----a-w- c:\windows\syswow64\RMActivate_ssp.exe
2010-01-11 22:19:00 159336 ----a-w- c:\windows\system32\nvvsvc.exe
2010-01-11 22:19:00 14822504 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 22:19:00 116328 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-11 22:19:00 1037416 ----a-w- c:\windows\system32\nvsvc64.dll
2010-01-11 07:12:38 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-12-22 08:36:19 243200 ----a-w- c:\windows\system32\wow64.dll
2009-12-22 08:24:35 14336 ----a-w- c:\windows\syswow64\ntvdm64.dll
2009-12-22 08:23:35 25600 ----a-w- c:\windows\syswow64\setup16.exe
2009-12-22 08:22:10 5120 ----a-w- c:\windows\syswow64\wow32.dll
2009-12-22 04:28:10 7680 ----a-w- c:\windows\syswow64\instnm.exe
2009-12-22 04:28:08 2048 ----a-w- c:\windows\syswow64\user.exe
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 22:59:34,29 ===============
TB: {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No File
uRun: [<NO NAME>]
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe"
uRun: [Canaveral] rundll32.exe c:\windows\system32\sshnas21.dll,BackupReadW
uRun: [YVIBBBHA8C] c:\users\emmanuel\appdata\local\temp\Lld.exe
mRun: [mcagent_exe] "c:\program files (x86)\mcafee.com\agent\mcagent.exe" /runkey
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files (x86)\google\gmail notifier\gnotify.exe
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [Google Quick Search Box] "c:\program files (x86)\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [SweetIM] c:\program files (x86)\sweetim\messenger\SweetIM.exe
mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\DivXUpdate.exe" /CHECKNOW
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: ????3?? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetUrl.htm
IE: ????3?????? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
Trusted Zone: kuaiche.com\software
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
mASetup: {9C450606-ED24-4958-92BA-B8940C99D441} - c:\program files (x86)\pixiepack codec pack\InstallerHelper.exe
IFEO: ctfmon.exe - c:\windows\system32\ctfmon_jv.exe
{27B4851A-3207-45A2-B947-BE8AFE6163AB}
{7DB2D5A0-7241-4E79-B68D-6309F01C5231}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No File
TB-X64: {0FC85F5D-6207-4515-A490-45A549D285C0} - No File
TB-X64: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
IFEO-X64: ctfmon.exe - c:\windows\system32\ctfmon_jv.exe
================= FIREFOX ===================
FF - ProfilePath - c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|google.fr
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files (x86)\automated content enhancer\4.2.0.5360\ff\components\ACEFFAddOn.dll
FF - component: c:\program files (x86)\customized platform advancer\4.2.0.2050\ff\components\CPAFFAddOn.dll
FF - component: c:\program files (x86)\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files (x86)\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\program files (x86)\web search operator\4.2.0.2150\ff\components\WSOFFAddOn.dll
FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files (x86)\google\google updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-12-19 308296]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/01 01:45:01];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-5-7 146928]
R2 LVPrcS64;Process Monitor;c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2009-10-7 191000]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe [2009-12-23 110312]
R2 McProxy;McAfee Proxy Service;c:\progra~2\common~1\mcafee\mcproxy\mcproxy.exe [2009-12-19 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-12-19 155456]
R2 TeamViewer4;TeamViewer 4;c:\program files (x86)\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 185640]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2009-12-17 1394504]
R2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\rapidsolution\tunebite 7\vcdwriter\64\VCDAudioService.exe [2009-12-10 148848]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x64.sys [2009-10-13 61440]
R3 lvpepf64;Volume Adapter;c:\windows\system32\drivers\lv302a64.sys [2009-12-20 15896]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\drivers\lvrs64.sys [2009-12-20 327576]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-19 102472]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB64.sys [2009-6-10 1627520]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\drivers\rsvcdwdr.sys [2009-12-10 29216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S2 gupdate;Service Google Update (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-12-19 133104]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-19 40904]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-19 49480]
S3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2009-10-6 25088]
S3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2009-10-6 18944]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2009-12-24 31800]
S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
S4 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe [2009-12-19 606736]
=============== Created Last 30 ================
2010-03-21 09:17:04 160768 ----a-w- c:\windows\Ldegub.exe
2010-03-20 22:27:06 160768 ----a-w- c:\windows\Ldegua.exe
2010-03-20 22:27:00 193536 ----a-w- c:\windows\syswow64\sshnas21.dll
2010-03-20 22:02:39 0 d-----w- c:\programdata\DivX
2010-03-19 18:31:17 0 d-----w- c:\program files (x86)\Zattoo4
2010-03-16 19:44:44 0 d-----w- c:\programdata\SweetIM
2010-03-16 19:44:44 0 d-----w- c:\program files (x86)\SweetIM
2010-03-14 15:30:51 0 d-----w- c:\users\emmanuel\appdata\roaming\QuickScan
2010-03-13 21:21:06 315904 ----a-w- c:\windows\syswow64\Difx6382.rra
2010-03-08 17:59:18 94208 ----a-w- c:\windows\syswow64\dpl100.dll
2010-03-08 16:56:43 0 d-----w- c:\program files (x86)\Conduit
2010-03-08 16:56:42 0 d-----w- c:\program files (x86)\Radio_Bar_1
2010-03-02 18:16:04 353592 ----a-w- c:\windows\syswow64\DivXControlPanelApplet.cpl
==================== Find3M ====================
2010-03-21 17:11:49 798232 ----a-w- c:\windows\system32\perfh00C.dat
2010-03-21 17:11:49 168096 ----a-w- c:\windows\system32\perfc00C.dat
2010-02-23 21:34:06 53248 ----a-w- c:\windows\syswow64\CSVer.dll
2010-02-19 19:27:36 720384 ----a-w- c:\windows\syswow64\DivX.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx0c.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx07.dll
2010-02-19 19:27:16 847872 ----a-w- c:\windows\syswow64\divx_xx0a.dll
2010-02-19 19:27:16 843776 ----a-w- c:\windows\syswow64\divx_xx16.dll
2010-02-19 19:27:16 839680 ----a-w- c:\windows\syswow64\divx_xx11.dll
2010-02-02 08:36:47 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-02 07:45:54 2048 ----a-w- c:\windows\syswow64\tzres.dll
2010-01-30 22:27:42 2183680 ----a-w- c:\windows\syswow64\libvlccore.dll
2010-01-30 22:27:42 114176 ----a-w- c:\windows\syswow64\libvlc.dll
2010-01-27 15:58:38 115312 ----a-w- c:\windows\system32\drivers\jraid.sys
2010-01-19 09:28:44 1976944 ----a-w- c:\windows\syswow64\xRaidSetup.exe
2010-01-19 09:28:22 158320 ----a-w- c:\windows\syswow64\xRaidAPI.dll
2010-01-19 09:05:57 424960 ----a-w- c:\windows\system32\secproc.dll
2010-01-19 09:05:57 422912 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-19 09:00:44 305152 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-19 09:00:43 357888 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-19 09:00:37 356352 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-19 09:00:37 306688 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp_isv.dll
2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp.dll
2010-01-18 23:29:31 365568 ----a-w- c:\windows\syswow64\secproc_isv.dll
2010-01-18 23:29:30 369152 ----a-w- c:\windows\syswow64\secproc.dll
2010-01-18 23:28:33 324608 ----a-w- c:\windows\syswow64\RMActivate_isv.exe
2010-01-18 23:28:33 277504 ----a-w- c:\windows\syswow64\RMActivate_ssp_isv.exe
2010-01-18 23:28:30 320512 ----a-w- c:\windows\syswow64\RMActivate.exe
2010-01-18 23:28:30 280064 ----a-w- c:\windows\syswow64\RMActivate_ssp.exe
2010-01-11 22:19:00 159336 ----a-w- c:\windows\system32\nvvsvc.exe
2010-01-11 22:19:00 14822504 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 22:19:00 116328 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-11 22:19:00 1037416 ----a-w- c:\windows\system32\nvsvc64.dll
2010-01-11 07:12:38 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-12-22 08:36:19 243200 ----a-w- c:\windows\system32\wow64.dll
2009-12-22 08:24:35 14336 ----a-w- c:\windows\syswow64\ntvdm64.dll
2009-12-22 08:23:35 25600 ----a-w- c:\windows\syswow64\setup16.exe
2009-12-22 08:22:10 5120 ----a-w- c:\windows\syswow64\wow32.dll
2009-12-22 04:28:10 7680 ----a-w- c:\windows\syswow64\instnm.exe
2009-12-22 04:28:08 2048 ----a-w- c:\windows\syswow64\user.exe
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 22:59:34,29 ===============
terrien34
21 March 2010 23:25:31
Hi again
Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.
/!\ Disconnect, disable your antivirus and close all running applications /!\
Double-click AD-R on your Desktop to launch it.
(On Vista, right-click AD-R and choose Run as administrator)
Choose language F for French.
From the main menu, choose the Scanner option.
/!\ Let the tool work /!\
Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
/!\ Remember to re-enable your antivirus /!\
terrien34
22 March 2010 20:34:20
Good evening sham
Here is the scan report
.
======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 22/03/10 à 19:30
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:27:06 le 22/03/2010 | Mode normal | Option: SCAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft® Windows 7™ Ultimate - X64
Nom du PC: EMMANUEL-PC | Utilisateur actuel: emmanuel (Administrateur)
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
.
C:\Program Files (x86)\Automated Content Enhancer
C:\Program Files (x86)\BrowserZinc
C:\Program Files (x86)\Content Management Wizard
C:\Program Files (x86)\Customized Platform Advancer
C:\Program Files (x86)\Internet Today
C:\Program Files (x86)\SweetIM
C:\Program Files (x86)\Textual Content Provider
C:\Program Files (x86)\Web Search Operator
C:\ProgramData\SweetIM
C:\Users\emmanuel\AppData\Local\Customized Platform Advancer
C:\Users\emmanuel\AppData\Local\Internet Today
C:\Users\emmanuel\AppData\LocalLow\Automated Content Enhancer
C:\Users\emmanuel\AppData\LocalLow\SweetIM
C:\Users\emmanuel\AppData\LocalLow\Textual Content Provider
C:\Users\emmanuel\AppData\LocalLow\Web Search Operator
C:\Users\emmanuel\AppData\Roaming\DesktopIcon
C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\searchplugins\sweetim.xml
C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\SweetIMToolbarData
.
HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\Software\32 Vegas Casino
HKCU\Software\AppDataLow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\Software\AppDataLow\Software\Automated Content Enhancer
HKCU\Software\AppDataLow\Software\CMW
HKCU\Software\AppDataLow\Software\Customized Platform Advancer
HKCU\Software\AppDataLow\Software\Media Access Startup
HKCU\Software\AppDataLow\Software\Web Search Operator
HKCU\Software\Automated Content Enhancer
HKCU\Software\Customized Platform Advancer
HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
HKCU\Software\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\Software\SweetIM
HKLM64\Software\Classes\ExplorerBar.CMW
HKLM64\Software\Classes\ExplorerBar.CMW.1
HKLM64\Software\Classes\ExplorerBar.FunExplorer
HKLM64\Software\Classes\ExplorerBar.FunExplorer.1
HKLM64\Software\Classes\ExplorerBar.FunRedirector
HKLM64\Software\Classes\ExplorerBar.FunRedirector.1
HKLM64\Software\Classes\ExplorerBar.tcp
HKLM64\Software\Classes\ExplorerBar.tcp.1
HKLM64\Software\Classes\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78}
HKLM64\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
HKLM64\Software\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
HKLM64\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
HKLM64\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
HKLM64\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
HKLM64\Software\Classes\MediaPlayer.GraphicsUtils
HKLM64\Software\Classes\MediaPlayer.GraphicsUtils.1
HKLM64\Software\Classes\MgMediaPlayer.GifAnimator
HKLM64\Software\Classes\MgMediaPlayer.GifAnimator.1
HKLM64\Software\Classes\SWEETIE.IEToolbar
HKLM64\Software\Classes\SWEETIE.IEToolbar.1
HKLM64\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM64\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM64\Software\Classes\Toolbar3.SWEETIE
HKLM64\Software\Classes\Toolbar3.SWEETIE.1
HKLM64\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
HKLM64\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM64\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
HKLM64\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
HKLM64\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
HKLM64\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
HKLM64\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
HKLM64\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
HKLM64\Software\Microsoft\Shared Tools\MSConfig\startupreg\Internet Today Task
HKLM64\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847}
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version Impossible d'obtenir la version *
.
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaultenginename: SweetIM Search
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaulturl: hxxp://search.sweetim.com/search.asp?src=2&q=
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.selectedEngine: Google
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&q=
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.search.defaultenginename: Google
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.keyword.URL: chrome://browser-region/locale/region.properties
.
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaultenginename", "SweetIM Search");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.mode.debug", "false");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Google");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.theprizeday.com/today.php|google.fr");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history", "free,kadokado");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history.capacity", "10");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.simapp_id", "{01B126B4-085F-4DEA-8CF7-51496BB221AE}");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.version", "1.0.0.10");
.
* Internet Explorer Version 8.0.7600.16385 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: hxxp://home.sweetim.com
Start Page Restore: hxxp://home.mykeysearch.com
Use Custom Search URL: 0
Use Search Asst: no
.
[HKLM64\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
============== SUSPECT(S) ==============
.
C:\Users\emmanuel\AppData\Local\Temp\HouseCall\bspatch.exe
C:\Users\emmanuel\AppData\Roaming\uTorrent\O&O DiskRecovery v4.1.1334 Tech Edition multi incl. Keygen.torrent
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\Cacheman7_keygen.exe
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\cachm700.exe
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\FFF.NFO
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r.zip
C:\Users\emmanuel\Documents\Downloads\Divx 7.2 serial by pa1ze2.rar
C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\FFF.NFO
C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\keygen.exe
.
========================================
.
C:\Users\emmanuel\AppData\Local\Temp: 570 Fichier(s), 248 Dossier(s)
C:\Windows\temp: 216 Fichier(s), 14 Dossier(s)
C:\Users\emmanuel\AppData\Roaming\Microsoft\Windows\Cookies: 107 Fichier(s), 2 Dossier(s)
Temporary Internet Files: 333 Fichier(s), 14 Dossier(s)
.
C:\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Ad-Remover\Backup: 1 Fichier(s)
.
C:\Ad-Report-SCAN[1].txt - 12506 Octet(s)
.
Fin à: 20:29:47, 22/03/2010
.
============== E.O.F - SCAN[1] ==============
Hi again
Get rid of your rotten cracks.
/!\ Disconnect, disable your antivirus and close all running applications /!\
Double-click AD-R on your Desktop to launch it.
(On Vista, you need to right-click AD-R and choose Run as administrator)
Choose language F for French.
In the main menu, choose the Nettoyer (Clean) option.
/!\ Let the tool work /!\
Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
/!\ Remember to re-enable your antivirus /!\
terrien34
22 March 2010 20:55:04
Hi again
It asked me to restart to finish the cleanup. I'm waiting for you to tell me whether I should do it right away or wait a bit. Here is the report:
.
======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 22/03/10 à 19:30
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:46:40 le 22/03/2010 | Mode normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft® Windows 7™ Ultimate - X64
Nom du PC: EMMANUEL-PC | Utilisateur actuel: emmanuel (Administrateur)
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
C:\Program Files (x86)\Automated Content Enhancer
C:\Program Files (x86)\BrowserZinc
C:\Program Files (x86)\Content Management Wizard
C:\Program Files (x86)\Customized Platform Advancer
C:\Program Files (x86)\Internet Today
C:\Program Files (x86)\SweetIM
C:\Program Files (x86)\Textual Content Provider
C:\Program Files (x86)\Web Search Operator
C:\ProgramData\SweetIM
C:\Users\emmanuel\AppData\Local\Customized Platform Advancer
C:\Users\emmanuel\AppData\Local\Internet Today
C:\Users\emmanuel\AppData\LocalLow\Automated Content Enhancer
C:\Users\emmanuel\AppData\LocalLow\SweetIM
C:\Users\emmanuel\AppData\LocalLow\Textual Content Provider
C:\Users\emmanuel\AppData\LocalLow\Web Search Operator
C:\Users\emmanuel\AppData\Roaming\DesktopIcon
C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\searchplugins\sweetim.xml
C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\SweetIMToolbarData
(!) -- Fichiers temporaires supprimés.
.
HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\Software\32 Vegas Casino
HKCU\Software\AppDataLow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\Software\AppDataLow\Software\Automated Content Enhancer
HKCU\Software\AppDataLow\Software\CMW
HKCU\Software\AppDataLow\Software\Customized Platform Advancer
HKCU\Software\AppDataLow\Software\Media Access Startup
HKCU\Software\AppDataLow\Software\Web Search Operator
HKCU\Software\Automated Content Enhancer
HKCU\Software\Customized Platform Advancer
HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
HKCU\Software\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\Software\SweetIM
HKLM64\Software\Classes\ExplorerBar.CMW
HKLM64\Software\Classes\ExplorerBar.CMW.1
HKLM64\Software\Classes\ExplorerBar.FunExplorer
HKLM64\Software\Classes\ExplorerBar.FunExplorer.1
HKLM64\Software\Classes\ExplorerBar.FunRedirector
HKLM64\Software\Classes\ExplorerBar.FunRedirector.1
HKLM64\Software\Classes\ExplorerBar.tcp
HKLM64\Software\Classes\ExplorerBar.tcp.1
HKLM64\Software\Classes\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78}
HKLM64\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
HKLM64\Software\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
HKLM64\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
HKLM64\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
HKLM64\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
HKLM64\Software\Classes\MediaPlayer.GraphicsUtils
HKLM64\Software\Classes\MediaPlayer.GraphicsUtils.1
HKLM64\Software\Classes\MgMediaPlayer.GifAnimator
HKLM64\Software\Classes\MgMediaPlayer.GifAnimator.1
HKLM64\Software\Classes\SWEETIE.IEToolbar
HKLM64\Software\Classes\SWEETIE.IEToolbar.1
HKLM64\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM64\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM64\Software\Classes\Toolbar3.SWEETIE
HKLM64\Software\Classes\Toolbar3.SWEETIE.1
HKLM64\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
HKLM64\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM64\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
HKLM64\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
HKLM64\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
HKLM64\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
HKLM64\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
HKLM64\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
HKLM64\Software\Microsoft\Shared Tools\MSConfig\startupreg\Internet Today Task
HKLM64\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847}
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version Impossible d'obtenir la version *
.
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaultenginename: SweetIM Search
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaulturl: hxxp://search.sweetim.com/search.asp?src=2&q=
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.selectedEngine: Google
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&q=
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.search.defaultenginename: Google
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.keyword.URL: chrome://browser-region/locale/region.properties
.
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaultenginename", "SweetIM Search");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.mode.debug", "false");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Google");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.theprizeday.com/today.php|google.fr");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history", "free,kadokado");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history.capacity", "10");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.simapp_id", "{01B126B4-085F-4DEA-8CF7-51496BB221AE}");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.version", "1.0.0.10");
.
* Internet Explorer Version 8.0.7600.16385 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 0
Use Search Asst: no
.
[HKLM64\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
============== SUSPECT(S) ==============
.
C:\Users\emmanuel\AppData\Roaming\uTorrent\O&O DiskRecovery v4.1.1334 Tech Edition multi incl. Keygen.torrent
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\Cacheman7_keygen.exe
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\cachm700.exe
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\FFF.NFO
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r.zip
C:\Users\emmanuel\Documents\Downloads\Divx 7.2 serial by pa1ze2.rar
C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\FFF.NFO
C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\keygen.exe
.
========================================
.
C:\Users\emmanuel\AppData\Local\Temp: 7 Fichier(s), 248 Dossier(s)
C:\Windows\temp: 11 Fichier(s), 14 Dossier(s)
C:\Users\emmanuel\AppData\Roaming\Microsoft\Windows\Cookies: 2 Fichier(s), 2 Dossier(s)
Temporary Internet Files: 9 Fichier(s), 14 Dossier(s)
.
C:\Ad-Remover\Quarantine: 786 Fichier(s)
C:\Ad-Remover\Backup: 15 Fichier(s)
.
C:\Ad-Report-CLEAN[1].txt - 12672 Octet(s)
C:\Ad-Report-SCAN[1].txt - 12631 Octet(s)
.
Fin à: 20:49:03, 22/03/2010
.
============== E.O.F - CLEAN[1] ==============
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847}
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version Impossible d'obtenir la version *
.
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaultenginename: SweetIM Search
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaulturl: hxxp://search.sweetim.com/search.asp?src=2&q=
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.selectedEngine: Google
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&q=
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.search.defaultenginename: Google
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.keyword.URL: chrome://browser-region/locale/region.properties
.
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaultenginename", "SweetIM Search");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.mode.debug", "false");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Google");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.theprizeday.com/today.php|google.fr");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history", "free,kadokado");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history.capacity", "10");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.simapp_id", "{01B126B4-085F-4DEA-8CF7-51496BB221AE}");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.version", "1.0.0.10");
.
* Internet Explorer Version 8.0.7600.16385 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 0
Use Search Asst: no
.
[HKLM64\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
============== SUSPECT(S) ==============
.
C:\Users\emmanuel\AppData\Roaming\uTorrent\O&O DiskRecovery v4.1.1334 Tech Edition multi incl. Keygen.torrent
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\Cacheman7_keygen.exe
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\cachm700.exe
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\FFF.NFO
C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r.zip
C:\Users\emmanuel\Documents\Downloads\Divx 7.2 serial by pa1ze2.rar
C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\FFF.NFO
C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\keygen.exe
.
========================================
.
C:\Users\emmanuel\AppData\Local\Temp: 7 Fichier(s), 248 Dossier(s)
C:\Windows\temp: 11 Fichier(s), 14 Dossier(s)
C:\Users\emmanuel\AppData\Roaming\Microsoft\Windows\Cookies: 2 Fichier(s), 2 Dossier(s)
Temporary Internet Files: 9 Fichier(s), 14 Dossier(s)
.
C:\Ad-Remover\Quarantine: 786 Fichier(s)
C:\Ad-Remover\Backup: 15 Fichier(s)
.
C:\Ad-Report-CLEAN[1].txt - 12672 Octet(s)
C:\Ad-Report-SCAN[1].txt - 12631 Octet(s)
.
Fin à: 20:49:03, 22/03/2010
.
============== E.O.F - CLEAN[1] ==============
Reboot,
then:
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done:
Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (perform a full scan).
To start the scan, click "Rechercher" (Scan).
Once the scan is finished, a window opens; click OK. There are two possibilities:
~ If the program found nothing, press OK. A report will appear; close it.
~~ If infections are present, click "Afficher les résultats" (show results), then "Supprimer la sélection" (remove selected). Save the report to your Desktop.
NOTE: If Malwarebytes' Anti-Malware needs to reboot to finish the removal, accept by clicking OK.
Note: If you cannot download MBAM from MajorGeeks, you can download it here!
Help: How to use MBAM.
terrien34
22 March 2010 22:35:18
Hi again,
That's it, the scan is finished. I think the report will interest you, so here it is:
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3901
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
22/03/2010 22:28:17
mbam-log-2010-03-22 (22-28-01).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 241312
Temps écoulé: 1 hour(s), 8 minute(s), 59 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 37
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78ff2f80-613a-47d7-8871-912b1236f704} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{1e825264-1715-3526-9373-6a2338335fc1} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{de6705cf-7e3c-30d0-9c85-7624ddadd0ea} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\BrowserZinc (Adware.BrowserZinc) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\D (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> No action taken.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Users\emmanuel\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c1c (Trojan.Downloader) -> No action taken.
C:\Users\emmanuel\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c1e (Trojan.Downloader) -> No action taken.
C:\Users\emmanuel\Downloads\Setup.exe (Adware.Agent) -> No action taken.
C:\Windows\System32\jh86383.dll (Trojan.BHO) -> No action taken.
C:\Windows\SysWOW64\jh86383.dll (Trojan.BHO) -> No action taken.
C:\Users\emmanuel\AppData\Local\Temp\Lld.exe (Trojan.FakeAlert) -> No action taken.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
terrien34
23 March 2010 21:35:31
Good evening,
Sorry, I posted the wrong report.
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3901
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
22/03/2010 22:28:41
mbam-log-2010-03-22 (22-28-41).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 241312
Temps écoulé: 1 hour(s), 8 minute(s), 59 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 37
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78ff2f80-613a-47d7-8871-912b1236f704} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{1e825264-1715-3526-9373-6a2338335fc1} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de6705cf-7e3c-30d0-9c85-7624ddadd0ea} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\BrowserZinc (Adware.BrowserZinc) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Users\emmanuel\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c1c (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\emmanuel\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c1e (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\emmanuel\Downloads\Setup.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\jh86383.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\jh86383.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Users\emmanuel\AppData\Local\Temp\Lld.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
terrien34
23 March 2010 22:04:42
Hi again
It seems to be going much better; in any case, all those pages that used to open whenever I went to a site are gone. I still get the impression that McAfee is a sieve. Anyway, here is the DDS report.
DDS (Ver_10-03-17.01) - NTFSX64
Run by emmanuel at 21:58:43,19 on 23/03/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3071.1926 [GMT 1:00]
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files (x86)\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\RapidSolution\Tunebite 7\VCDWriter\64\VCDAudioService.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\emmanuel\Desktop\dds.scr
C:\Windows\system32\conhost.exe
============== Pseudo HJT Report ===============
uWindow Title =
mStart Page = hxxp://home.sweetim.com
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = local
mSearchAssistant = hxxp://www.ask.com/web?q={searchTerms}&o=14482&l=dis
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
mURLSearchHooks: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
BHO: Google Plus: {01677b4b-0610-4814-94a0-5f570dd7a88f} - c:\progra~2\google~1\17GOOG~1.DLL
BHO: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~2\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files (x86)\real\realplayer\rpbrowserrecordplugin.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files (x86)\mcafee\virusscan\scriptsn.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [<NO NAME>]
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe"
mRun: [mcagent_exe] "c:\program files (x86)\mcafee.com\agent\mcagent.exe" /runkey
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files (x86)\google\gmail notifier\gnotify.exe
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [Google Quick Search Box] "c:\program files (x86)\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [SweetIM] c:\program files (x86)\sweetim\messenger\SweetIM.exe
mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\DivXUpdate.exe" /CHECKNOW
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: ????3?? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetUrl.htm
IE: ????3?????? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
Trusted Zone: kuaiche.com\software
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
mASetup: {9C450606-ED24-4958-92BA-B8940C99D441} - c:\program files (x86)\pixiepack codec pack\InstallerHelper.exe
{27B4851A-3207-45A2-B947-BE8AFE6163AB}
{7DB2D5A0-7241-4E79-B68D-6309F01C5231}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {0FC85F5D-6207-4515-A490-45A549D285C0} - No File
================= FIREFOX ===================
FF - ProfilePath - c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.fr
FF - component: c:\program files (x86)\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files (x86)\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files (x86)\google\google updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-12-19 308296]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/01 01:45:01];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-5-7 146928]
R2 LVPrcS64;Process Monitor;c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2009-10-7 191000]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe [2009-12-23 110312]
R2 McProxy;McAfee Proxy Service;c:\progra~2\common~1\mcafee\mcproxy\mcproxy.exe [2009-12-19 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-12-19 155456]
R2 TeamViewer4;TeamViewer 4;c:\program files (x86)\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 185640]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2009-12-17 1394504]
R2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\rapidsolution\tunebite 7\vcdwriter\64\VCDAudioService.exe [2009-12-10 148848]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x64.sys [2009-10-13 61440]
R3 lvpepf64;Volume Adapter;c:\windows\system32\drivers\lv302a64.sys [2009-12-20 15896]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\drivers\lvrs64.sys [2009-12-20 327576]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-19 102472]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB64.sys [2009-6-10 1627520]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\drivers\rsvcdwdr.sys [2009-12-10 29216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S2 gupdate;Service Google Update (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-12-19 133104]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-19 40904]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-19 49480]
S3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2009-10-6 25088]
S3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2009-10-6 18944]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2009-12-24 31800]
S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
S4 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe [2009-12-19 606736]
=============== Created Last 30 ================
2010-03-22 20:16:14 0 d-----w- c:\users\emmanuel\appdata\roaming\Malwarebytes
2010-03-22 20:16:09 0 d-----w- c:\programdata\Malwarebytes
2010-03-22 20:16:08 22104 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-22 20:16:08 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-03-22 19:27:05 0 d-----w- C:\Ad-Remover
2010-03-21 09:17:04 160768 ----a-w- c:\windows\Ldegub.exe
2010-03-20 22:27:06 160768 ----a-w- c:\windows\Ldegua.exe
2010-03-20 22:02:39 0 d-----w- c:\programdata\DivX
2010-03-19 18:31:17 0 d-----w- c:\program files (x86)\Zattoo4
2010-03-14 15:30:51 0 d-----w- c:\users\emmanuel\appdata\roaming\QuickScan
2010-03-13 21:21:06 315904 ----a-w- c:\windows\syswow64\Difx6382.rra
2010-03-08 17:59:18 94208 ----a-w- c:\windows\syswow64\dpl100.dll
2010-03-08 16:56:43 0 d-----w- c:\program files (x86)\Conduit
2010-03-08 16:56:42 0 d-----w- c:\program files (x86)\Radio_Bar_1
2010-03-02 18:16:04 353592 ----a-w- c:\windows\syswow64\DivXControlPanelApplet.cpl
==================== Find3M ====================
2010-03-22 22:05:11 798232 ----a-w- c:\windows\system32\perfh00C.dat
2010-03-22 22:05:11 168096 ----a-w- c:\windows\system32\perfc00C.dat
2010-02-23 21:34:06 53248 ----a-w- c:\windows\syswow64\CSVer.dll
2010-02-19 19:27:36 720384 ----a-w- c:\windows\syswow64\DivX.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx0c.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx07.dll
2010-02-19 19:27:16 847872 ----a-w- c:\windows\syswow64\divx_xx0a.dll
2010-02-19 19:27:16 843776 ----a-w- c:\windows\syswow64\divx_xx16.dll
2010-02-19 19:27:16 839680 ----a-w- c:\windows\syswow64\divx_xx11.dll
2010-02-02 08:36:47 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-02 07:45:54 2048 ----a-w- c:\windows\syswow64\tzres.dll
2010-01-30 22:27:42 2183680 ----a-w- c:\windows\syswow64\libvlccore.dll
2010-01-30 22:27:42 114176 ----a-w- c:\windows\syswow64\libvlc.dll
2010-01-27 15:58:38 115312 ----a-w- c:\windows\system32\drivers\jraid.sys
2010-01-19 09:28:44 1976944 ----a-w- c:\windows\syswow64\xRaidSetup.exe
2010-01-19 09:28:22 158320 ----a-w- c:\windows\syswow64\xRaidAPI.dll
2010-01-19 09:05:57 424960 ----a-w- c:\windows\system32\secproc.dll
2010-01-19 09:05:57 422912 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-19 09:00:44 305152 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-19 09:00:43 357888 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-19 09:00:37 356352 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-19 09:00:37 306688 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp_isv.dll
2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp.dll
2010-01-18 23:29:31 365568 ----a-w- c:\windows\syswow64\secproc_isv.dll
2010-01-18 23:29:30 369152 ----a-w- c:\windows\syswow64\secproc.dll
2010-01-18 23:28:33 324608 ----a-w- c:\windows\syswow64\RMActivate_isv.exe
2010-01-18 23:28:33 277504 ----a-w- c:\windows\syswow64\RMActivate_ssp_isv.exe
2010-01-18 23:28:30 320512 ----a-w- c:\windows\syswow64\RMActivate.exe
2010-01-18 23:28:30 280064 ----a-w- c:\windows\syswow64\RMActivate_ssp.exe
2010-01-11 22:19:00 159336 ----a-w- c:\windows\system32\nvvsvc.exe
2010-01-11 22:19:00 14822504 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 22:19:00 116328 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-11 22:19:00 1037416 ----a-w- c:\windows\system32\nvsvc64.dll
2010-01-11 07:12:38 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 21:58:58,14 ===============
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [<NO NAME>]
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe"
mRun: [mcagent_exe] "c:\program files (x86)\mcafee.com\agent\mcagent.exe" /runkey
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files (x86)\google\gmail notifier\gnotify.exe
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [Google Quick Search Box] "c:\program files (x86)\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [SweetIM] c:\program files (x86)\sweetim\messenger\SweetIM.exe
mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\DivXUpdate.exe" /CHECKNOW
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: ????3?? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetUrl.htm
IE: ????3?????? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
Trusted Zone: kuaiche.com\software
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
mASetup: {9C450606-ED24-4958-92BA-B8940C99D441} - c:\program files (x86)\pixiepack codec pack\InstallerHelper.exe
{27B4851A-3207-45A2-B947-BE8AFE6163AB}
{7DB2D5A0-7241-4E79-B68D-6309F01C5231}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {0FC85F5D-6207-4515-A490-45A549D285C0} - No File
================= FIREFOX ===================
FF - ProfilePath - c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.fr
FF - component: c:\program files (x86)\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files (x86)\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files (x86)\google\google updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-12-19 308296]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/01 01:45:01];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-5-7 146928]
R2 LVPrcS64;Process Monitor;c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2009-10-7 191000]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe [2009-12-23 110312]
R2 McProxy;McAfee Proxy Service;c:\progra~2\common~1\mcafee\mcproxy\mcproxy.exe [2009-12-19 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-12-19 155456]
R2 TeamViewer4;TeamViewer 4;c:\program files (x86)\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 185640]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2009-12-17 1394504]
R2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\rapidsolution\tunebite 7\vcdwriter\64\VCDAudioService.exe [2009-12-10 148848]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x64.sys [2009-10-13 61440]
R3 lvpepf64;Volume Adapter;c:\windows\system32\drivers\lv302a64.sys [2009-12-20 15896]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\drivers\lvrs64.sys [2009-12-20 327576]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-19 102472]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB64.sys [2009-6-10 1627520]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\drivers\rsvcdwdr.sys [2009-12-10 29216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S2 gupdate;Service Google Update (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-12-19 133104]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-19 40904]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-19 49480]
S3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2009-10-6 25088]
S3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2009-10-6 18944]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2009-12-24 31800]
S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
S4 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe [2009-12-19 606736]
=============== Created Last 30 ================
2010-03-22 20:16:14 0 d-----w- c:\users\emmanuel\appdata\roaming\Malwarebytes
2010-03-22 20:16:09 0 d-----w- c:\programdata\Malwarebytes
2010-03-22 20:16:08 22104 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-22 20:16:08 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-03-22 19:27:05 0 d-----w- C:\Ad-Remover
2010-03-21 09:17:04 160768 ----a-w- c:\windows\Ldegub.exe
2010-03-20 22:27:06 160768 ----a-w- c:\windows\Ldegua.exe
2010-03-20 22:02:39 0 d-----w- c:\programdata\DivX
2010-03-19 18:31:17 0 d-----w- c:\program files (x86)\Zattoo4
2010-03-14 15:30:51 0 d-----w- c:\users\emmanuel\appdata\roaming\QuickScan
2010-03-13 21:21:06 315904 ----a-w- c:\windows\syswow64\Difx6382.rra
2010-03-08 17:59:18 94208 ----a-w- c:\windows\syswow64\dpl100.dll
2010-03-08 16:56:43 0 d-----w- c:\program files (x86)\Conduit
2010-03-08 16:56:42 0 d-----w- c:\program files (x86)\Radio_Bar_1
2010-03-02 18:16:04 353592 ----a-w- c:\windows\syswow64\DivXControlPanelApplet.cpl
==================== Find3M ====================
2010-03-22 22:05:11 798232 ----a-w- c:\windows\system32\perfh00C.dat
2010-03-22 22:05:11 168096 ----a-w- c:\windows\system32\perfc00C.dat
2010-02-23 21:34:06 53248 ----a-w- c:\windows\syswow64\CSVer.dll
2010-02-19 19:27:36 720384 ----a-w- c:\windows\syswow64\DivX.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx0c.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx07.dll
2010-02-19 19:27:16 847872 ----a-w- c:\windows\syswow64\divx_xx0a.dll
2010-02-19 19:27:16 843776 ----a-w- c:\windows\syswow64\divx_xx16.dll
2010-02-19 19:27:16 839680 ----a-w- c:\windows\syswow64\divx_xx11.dll
2010-02-02 08:36:47 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-02 07:45:54 2048 ----a-w- c:\windows\syswow64\tzres.dll
2010-01-30 22:27:42 2183680 ----a-w- c:\windows\syswow64\libvlccore.dll
2010-01-30 22:27:42 114176 ----a-w- c:\windows\syswow64\libvlc.dll
2010-01-27 15:58:38 115312 ----a-w- c:\windows\system32\drivers\jraid.sys
2010-01-19 09:28:44 1976944 ----a-w- c:\windows\syswow64\xRaidSetup.exe
2010-01-19 09:28:22 158320 ----a-w- c:\windows\syswow64\xRaidAPI.dll
2010-01-19 09:05:57 424960 ----a-w- c:\windows\system32\secproc.dll
2010-01-19 09:05:57 422912 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-19 09:00:44 305152 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-19 09:00:43 357888 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-19 09:00:37 356352 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-19 09:00:37 306688 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp_isv.dll
2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp.dll
2010-01-18 23:29:31 365568 ----a-w- c:\windows\syswow64\secproc_isv.dll
2010-01-18 23:29:30 369152 ----a-w- c:\windows\syswow64\secproc.dll
2010-01-18 23:28:33 324608 ----a-w- c:\windows\syswow64\RMActivate_isv.exe
2010-01-18 23:28:33 277504 ----a-w- c:\windows\syswow64\RMActivate_ssp_isv.exe
2010-01-18 23:28:30 320512 ----a-w- c:\windows\syswow64\RMActivate.exe
2010-01-18 23:28:30 280064 ----a-w- c:\windows\syswow64\RMActivate_ssp.exe
2010-01-11 22:19:00 159336 ----a-w- c:\windows\system32\nvvsvc.exe
2010-01-11 22:19:00 14822504 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 22:19:00 116328 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-11 22:19:00 1037416 ----a-w- c:\windows\system32\nvsvc64.dll
2010-01-11 07:12:38 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 21:58:58,14 ===============
Hi again
There are still a few odds and ends left...
Download and then install HijackThis (Trend Micro)
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
terrien34
23 March 2010 22:19:30
Hi again
Here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:17:35, on 23/03/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.ask.com/web?q={searchTerms}&o=14482&l=dis
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
O2 - BHO: Google Plus - {01677B4B-0610-4814-94A0-5F570DD7A88F} - C:\PROGRA~2\GOOGLE~1\17GOOG~1.DLL
O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.vexcast.com/download/vexcast.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Virtual CDAudio Service - RapidSolution Software AG - C:\Program Files (x86)\RapidSolution\Tunebite 7\VCDWriter\64\VCDAudioService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12327 bytes
Hi again
you are going to finish everything manually
uninstall SweetIM via Add/Remove Programs if it is still present (I'm almost sure it is no longer there)
~Run HijackThis as follows:
right-click HijackThis.exe and choose "Run as administrator", then:
Do a system scan only.
Tick the following lines if they are still present, and only those.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
Click Fix checked (bottom left)
+++++++++++++++++++++++
Remove all the programs that were installed for the disinfection.
Please read this document (PDF) to learn more about the risks of the Net.
If you find this document interesting, don't hesitate to pass it on to your contacts.
If you are tired of being bombarded with ads while browsing, install a secured Firefox with the NoScript and AdBlock Plus extensions.
~Edit your first message and mark [résolu] ("resolved") in the title.
If your session name matches your real name, you can change it by editing your posts.
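An added illustration, not part of the original reply and not a HijackThis feature: Python that parses HijackThis entries, selects the lines mentioning one product (the way the reply above lists the SweetIM lines), and separates `(file missing)` entries under `C:\Windows\system32` from the rest. The function names are hypothetical, the sample lines are copied from the log posted in this thread, and the System32 bucket assumes the scanner runs as a 32-bit process on 64-bit Windows, where file system redirection hides 64-bit system binaries.

```python
import re

# Constructed sample: entries copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
MISSING = "(file missing)"
SYSTEM32 = re.compile(r"[A-Za-z]:\\Windows\\system32\\", re.IGNORECASE)


def parse(log_text):
    """Return (code, body, raw_line) for each entry line; header lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            entries.append((match["code"], match["body"], line.strip()))
    return entries


def lines_for_product(log_text, keyword):
    """Entries mentioning one product: the candidates to tick after a scan."""
    needle = keyword.lower()
    return [raw for _, body, raw in parse(log_text) if needle in body.lower()]


def triage_missing(log_text):
    """Split '(file missing)' entries by where the reported path points."""
    buckets = {"system32_redirection": [], "orphaned_candidate": []}
    for _, body, raw in parse(log_text):
        if not body.endswith(MISSING):
            continue
        # Assumption: a 32-bit scanner on 64-bit Windows is redirected from
        # System32 to SysWOW64, so 64-bit system binaries look missing to it.
        under_system32 = SYSTEM32.search(body) is not None
        key = "system32_redirection" if under_system32 else "orphaned_candidate"
        buckets[key].append(raw)
    return buckets
```

Entries in the `orphaned_candidate` bucket still need a human check against the installed programs before anything is fixed.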

terrien34
24 March 2010 07:13:28
Hi again
it must be UAC, like on Vista
you need to disable UAC, apply the fixes, then re-enable UAC
tutorial:
http://www.commentcamarche.net/faq/17943-desactiver-con...
terrien34
24 March 2010 19:57:58
terrien34
25 March 2010 22:23:28