Se connecter / S'enregistrer
Votre question

Nouveau virus

Tags :
  • software
  • Sécurité
Dernière réponse : dans Sécurité et virus
20 Juillet 2009 19:45:03

bonjour, je crois que j'ai des virus sur cet ordinateur, et même, je crois que j'ai encore plus de problèmes que je ne le pense... merci d'avance de m'aider! T.T

Mon HijackThis ;) 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:44:49, on 20/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
D:\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\documents and settings\anne\local settings\application data\wcqksqg.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Wisdom-soft toolbar - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
R3 - URLSearchHook: Dailymotion Toolbar - {db8954f5-f2af-4701-b43c-64ab2ea5ca61} - C:\Program Files\Dailymotion\tbDail.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Wisdom-soft toolbar - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Dailymotion Toolbar - {db8954f5-f2af-4701-b43c-64ab2ea5ca61} - C:\Program Files\Dailymotion\tbDail.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Wisdom-soft toolbar - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll
O3 - Toolbar: Dailymotion Toolbar - {db8954f5-f2af-4701-b43c-64ab2ea5ca61} - C:\Program Files\Dailymotion\tbDail.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Regscan] C:\WINDOWS\system32\regscan.exe
O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [wcqksqg] "c:\documents and settings\anne\local settings\application data\wcqksqg.exe" wcqksqg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: Append to existing PDF - res://D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 13763 bytes

Autres pages sur : nouveau virus

a c 267 8 Sécurité
20 Juillet 2009 19:47:13

Bonjour,

Tu as plusieurs infections.

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
  • Double-clique sur le raccourci d'Ad-Remover situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option S.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-SCAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    21 Juillet 2009 20:23:46

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
    .
    Mit à jour par C_XX le 24/06/2009 à 7:10 PM
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 20:01:50, 21/07/2009 | Mode Normal | Option: SCAN
    Exécuté de: C:\Program Files\Ad-remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
    Nom du PC: ANNE-PORTABLE | Utilisateur actuel: Anne
    .
    Administrateur: Administrateur
    Administrateur: Anne
    N'est pas administrateur: HelpAssistant *Desactive*
    N'est pas administrateur: Invité *Desactive*
    N'est pas administrateur: SUPPORT_388945a0 *Desactive*
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .
    Service: "MyWebSearchService"
    .
    HKCR\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
    HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
    HKCR\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3}
    HKCR\FunWebProducts.DataControl
    HKCR\FunWebProducts.DataControl
    HKCR\FunWebProducts.DataControl.1
    HKCR\FunWebProducts.DataControl.1
    HKCR\FunWebProducts.HistoryKillerScheduler
    HKCR\FunWebProducts.HistoryKillerScheduler
    HKCR\FunWebProducts.HistoryKillerScheduler.1
    HKCR\FunWebProducts.HistoryKillerScheduler.1
    HKCR\FunWebProducts.HistorySwatterControlBar
    HKCR\FunWebProducts.HistorySwatterControlBar
    HKCR\FunWebProducts.HistorySwatterControlBar.1
    HKCR\FunWebProducts.HistorySwatterControlBar.1
    HKCR\FunWebProducts.HTMLMenu
    HKCR\FunWebProducts.HTMLMenu
    HKCR\FunWebProducts.HTMLMenu.1
    HKCR\FunWebProducts.HTMLMenu.1
    HKCR\FunWebProducts.HTMLMenu.2
    HKCR\FunWebProducts.HTMLMenu.2
    HKCR\FunWebProducts.IECookiesManager
    HKCR\FunWebProducts.IECookiesManager
    HKCR\FunWebProducts.IECookiesManager.1
    HKCR\FunWebProducts.IECookiesManager.1
    HKCR\FunWebProducts.KillerObjManager
    HKCR\FunWebProducts.KillerObjManager
    HKCR\FunWebProducts.KillerObjManager.1
    HKCR\FunWebProducts.KillerObjManager.1
    HKCR\FunWebProducts.PopSwatterBarButton
    HKCR\FunWebProducts.PopSwatterBarButton
    HKCR\FunWebProducts.PopSwatterBarButton.1
    HKCR\FunWebProducts.PopSwatterBarButton.1
    HKCR\FunWebProducts.PopSwatterSettingsControl
    HKCR\FunWebProducts.PopSwatterSettingsControl
    HKCR\FunWebProducts.PopSwatterSettingsControl.1
    HKCR\FunWebProducts.PopSwatterSettingsControl.1
    HKCR\Interface\{1093995a-ba37-41d2-836e-091067c4ad17}
    HKCR\Interface\{120927bf-1700-43bc-810f-fab92549b390}
    HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
    HKCR\Interface\{1f52a5fa-a705-4415-b975-88503b291728}
    HKCR\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a}
    HKCR\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}
    HKCR\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}
    HKCR\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}
    HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
    HKCR\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}
    HKCR\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}
    HKCR\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8}
    HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244f69}
    HKCR\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}
    HKCR\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}
    HKCR\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}
    HKCR\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1}
    HKCR\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}
    HKCR\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}
    HKCR\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}
    HKCR\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}
    HKCR\MyWebSearch.ChatSessionPlugin
    HKCR\MyWebSearch.ChatSessionPlugin.1
    HKCR\MyWebSearch.HTMLPanel
    HKCR\MyWebSearch.HTMLPanel.1
    HKCR\MyWebSearch.OutlookAddin
    HKCR\MyWebSearch.OutlookAddin.1
    HKCR\MyWebSearch.PseudoTransparentPlugin
    HKCR\MyWebSearch.PseudoTransparentPlugin.1
    HKCR\MyWebSearchToolBar.SettingsPlugin
    HKCR\MyWebSearchToolBar.SettingsPlugin.1
    HKCR\MyWebSearchToolBar.ToolbarPlugin
    HKCR\MyWebSearchToolBar.ToolbarPlugin.1
    HKCR\screensavercontrol.screensaverinstaller
    HKCR\screensavercontrol.screensaverinstaller
    HKCR\screensavercontrol.screensaverinstaller.1
    HKCR\screensavercontrol.screensaverinstaller.1
    HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
    HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
    HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
    HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
    HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
    HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
    HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
    HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
    HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
    HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
    HKCU\Software\Fun Web Products
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKCU\Software\MyWebSearch
    HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
    HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
    HKLM\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
    HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
    HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
    HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
    HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
    HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
    HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
    HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
    HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
    HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
    HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
    HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
    HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
    HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
    HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
    HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
    HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
    HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
    HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
    HKLM\Software\Classes\FunWebProducts.DataControl
    HKLM\Software\Classes\FunWebProducts.DataControl.1
    HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler
    HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1
    HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar
    HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1
    HKLM\Software\Classes\FunWebProducts.HTMLMenu
    HKLM\Software\Classes\FunWebProducts.HTMLMenu.1
    HKLM\Software\Classes\FunWebProducts.HTMLMenu.2
    HKLM\Software\Classes\FunWebProducts.IECookiesManager
    HKLM\Software\Classes\FunWebProducts.IECookiesManager.1
    HKLM\Software\Classes\FunWebProducts.KillerObjManager
    HKLM\Software\Classes\FunWebProducts.KillerObjManager.1
    HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton
    HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1
    HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl
    HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1
    HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
    HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
    HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
    HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
    HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
    HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
    HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
    HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
    HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
    HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
    HKLM\Software\Classes\screensavercontrol.screensaverinstaller
    HKLM\Software\Classes\screensavercontrol.screensaverinstaller.1
    HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
    HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
    HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
    HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
    HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
    HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
    HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
    HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
    HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
    HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
    HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
    HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
    HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
    HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
    HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
    HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
    HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
    HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
    HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
    HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
    HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
    HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
    HKLM\Software\FocusInteractive
    HKLM\Software\Fun Web Products
    HKLM\Software\FunWebProducts
    HKLM\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
    HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
    HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
    HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
    HKLM\Software\MyWebSearch
    HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
    HKLM\SYSTEM\ControlSet002\Services\MyWebSearchService
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
    HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService
    HKU\S-1-5-21-220523388-1972579041-725345543-1003\Software\Microsoft\Internet Explorer\Searchscopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\\FunWebProducts
    HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources\\F3PopularScreenSavers
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Plugin
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44CF-8957-5838F569A31D}
    .
    C:\Program Files\FunWebProducts
    C:\Program Files\MyWebSearch
    C:\WINDOWS\System32\f3PSSavr.scr
    C:\Program Files\Internet Explorer\msimg32.dll
    C:\WINDOWS\Prefetch\MWSOEMON.EXE-0250F76E.pf
    C:\WINDOWS\Prefetch\MWSSVC.EXE-2CC2B7A9.pf
    C:\DOCUME~1\Anne\Cookies\anne@search.conduit[2].txt
    C:\DOCUME~1\Anne\Cookies\anne@mywebsearch[2].txt
    .
    ============== Scan additionnel ==============
    .

    * Mozilla FireFox Version 3.5.1 *

    Nom du profil: uv3h3peb.default (Anne)
    .
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.1");
    .
    .

    * Internet Explorer Version 6.0.2900.2180 *

    [HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Search bar: hxxp://www.google.com/ie
    Search Page: hxxp://www.google.com
    Start Page: hxxp://www.google.fr/

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.google.com/ie
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]


    ============== Suspect (Cracks, Serials ... ) ==============

    .
    .
    ===================================
    .
    15879 Octet(s) - C:\Ad-Report-SCAN.log
    .
    10510 Fichier(s) - C:\DOCUME~1\Anne\LOCALS~1\Temp
    98 Fichier(s) - C:\WINDOWS\Temp
    .
    0 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
    0 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
    .
    Fin à: 20:19:54 | 21/07/2009
    .
    ============== E.O.F ==============
    .
    a c 267 8 Sécurité
    21 Juillet 2009 20:27:45

    Tu peux faire l'option L et poster le rapport.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS