Il y a actuellement 144 visiteurs
Mardi 19 Mars 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

Rapport Hijackthis a Verifier

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

Rapport Hijackthis a Verifier

Message le 06 Juil 2009 18:43

Bonjour , suite a un taux relativement bas de telechargement et apres avoir suivi a la lettre le tutorial sur le nettoyage du pc et apres avoir fait une analyse hijacktis je poste le log , pour verifier si il n'y a rien qui cloche :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:29:14, on 06/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
C:hpsupporthpsysdrv.exe
C:Program Files (x86)Javajre6injusched.exe
C:Program Files (x86)HPHP Software UpdatehpwuSchd2.exe
C:Program Files (x86)OrangeHSSSystraySystrayApp.exe
C:Program Files (x86)iTunesiTunesHelper.exe
C:Program Files (x86)AviraAntiVir Desktopavgnt.exe
C:Program Files (x86)Kiwee Toolbar2.8.167kwtbaim.exe
C:PROGRA~2COMMON~1France TelecomShared ModulesAlertModuleAlertModule.exe
C:Program Files (x86)Internet Download ManagerIEMonitor.exe
C:hpkbdkbd.exe
C:WindowsSysWOW64conime.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:Program Files (x86)Internet Download ManagerIDMan.exe
C:UsersJoeyDesktoplangHiJackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.cherche.us
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.cherche.us
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.cherche.us
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.cherche.us
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.cherche.us
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://www.cherche.us
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64lank.htm
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:Program Files (x86)AGIcommonagcutils.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllshoCATCH.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:Program Files (x86)AskBarDisarinaskBar.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:Program Files (x86)PHPNukeFR bPHP1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:Program Files (x86)Kiwee Toolbar2.8.167KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program Files (x86)AOLAOL Toolbar 5.0aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:Program Files (x86)Free Download Manageriefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6injp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:Program Files (x86)free-downloads.net bfree.dll
O2 - BHO: ExcellentAdDisplay - {F31C8969-83E7-A513-2E11-CB6D1837C2CB} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program Files (x86)AOLAOL Toolbar 5.0aoltb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:Program Files (x86)AskBarDisarinaskBar.dll
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:Program Files (x86)PHPNukeFR bPHP1.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:Program Files (x86)free-downloads.net bfree.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:Program Files (x86)Kiwee Toolbar2.8.167KiweeIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program Files (x86)Windows LiveToolbarwltcore.dll
O4 - HKLM..Run: [hpsysdrv] c:hpsupporthpsysdrv.exe
O4 - HKLM..Run: [KBD] C:HPKBDKbdStub.EXE
O4 - HKLM..Run: [HP Health Check Scheduler] c:Program Files (x86)Hewlett-PackardHP Health CheckHPHC_Scheduler.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program Files (x86)Javajre6injusched.exe"
O4 - HKLM..Run: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [SystrayORAHSS] "C:Program Files (x86)OrangeHSSSystraySystrayApp.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"
O4 - HKLM..Run: [avgnt] "C:Program Files (x86)AviraAntiVir Desktopavgnt.exe" /min
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [KiweeHook] "C:Program Files (x86)Kiwee Toolbar2.8.167kwtbaim.exe"
O4 - HKLM..Run: [DT HPW] "C:Program Files (x86)Portrait DisplaysHP My DisplayDTHtml.exe" -startup_folder
O4 - HKLM..RunOnce: [SpybotDeletingA3948] command.com /c del "C:PROGRA~2MYWEBS~1ar1.binmwsoemon.exe_old"
O4 - HKLM..RunOnce: [SpybotDeletingC7680] cmd.exe /c del "C:PROGRA~2MYWEBS~1ar1.binmwsoemon.exe_old"
O4 - HKLM..RunOnce: [SpybotDeletingA2785] command.com /c del "C:PROGRA~2MYWEBS~1ar1.binm3SrchMn.exe_old"
O4 - HKLM..RunOnce: [SpybotDeletingC857] cmd.exe /c del "C:PROGRA~2MYWEBS~1ar1.binm3SrchMn.exe_old"
O4 - HKLM..RunOnce: [SpybotDeletingA5927] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSOESTB.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingC2695] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSOESTB.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingA416] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3SRCHMN.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingC5675] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3SRCHMN.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingA1682] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSBAR.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingC2301] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSBAR.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingA2741] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3DTACTL.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC2399] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3DTACTL.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA8674] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3OUTLCN.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC7699] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3OUTLCN.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA9452] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3HTML.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC7208] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3HTML.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA1112] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3SKIN.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC4122] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3SKIN.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA2165] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3SCRCTR.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC5800] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3SCRCTR.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA5627] command.com /c del "C:Program Files (x86)MyWebSearcharAvatarCOMMON.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC8063] cmd.exe /c del "C:Program Files (x86)MyWebSearcharAvatarCOMMON.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA7318] command.com /c del "C:Program Files (x86)MyWebSearcharGameCHECKERS.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC6572] cmd.exe /c del "C:Program Files (x86)MyWebSearcharGameCHECKERS.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA3710] command.com /c del "C:Program Files (x86)MyWebSearcharGameCHESS.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC9859] cmd.exe /c del "C:Program Files (x86)MyWebSearcharGameCHESS.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA8692] command.com /c del "C:Program Files (x86)MyWebSearcharGameREVERSI.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC793] cmd.exe /c del "C:Program Files (x86)MyWebSearcharGameREVERSI.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA3373] command.com /c del "C:Program Files (x86)MyWebSearcharMessageCOMMON.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC3372] cmd.exe /c del "C:Program Files (x86)MyWebSearcharMessageCOMMON.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA6045] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierCOMMON.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC5736] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierCOMMON.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA6373] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierDOG.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC2007] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierDOG.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA4845] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierFISH.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC3825] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierFISH.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA8641] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierKUNGFU.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC8881] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierKUNGFU.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA7900] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierLIFEGARD.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC3450] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierLIFEGARD.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA792] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierMAID.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC7860] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierMAID.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA8621] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierMAILBOX.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC9118] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierMAILBOX.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA2949] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierOPERA.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC6466] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierOPERA.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA8761] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierROBOT.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC6521] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierROBOT.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA1543] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierSEDUCT.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC5175] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierSEDUCT.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA4977] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierSURFER.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingC3290] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierSURFER.F3S"
O4 - HKLM..RunOnce: [SpybotDeletingA7815] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3WALLPP.DAT"
O4 - HKLM..RunOnce: [SpybotDeletingC4741] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3WALLPP.DAT"
O4 - HKLM..RunOnce: [SpybotDeletingA351] command.com /c del "C:Program Files (x86)MyWebSearcharSettingss_pid.dat"
O4 - HKLM..RunOnce: [SpybotDeletingC5134] cmd.exe /c del "C:Program Files (x86)MyWebSearcharSettingss_pid.dat"
O4 - HKLM..RunOnce: [SpybotDeletingA4667] command.com /c del "C:Program Files (x86)MyWebSearchariconsCM.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingC7546] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsCM.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingA9682] command.com /c del "C:Program Files (x86)MyWebSearchariconsMFC.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingC1208] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsMFC.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingA3235] command.com /c del "C:Program Files (x86)MyWebSearchariconsPSS.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingC6789] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsPSS.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingA9181] command.com /c del "C:Program Files (x86)MyWebSearchariconsSMILEY.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingC6717] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsSMILEY.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingA6349] command.com /c del "C:Program Files (x86)MyWebSearchariconsWB.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingC6499] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsWB.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingA9099] command.com /c del "C:Program Files (x86)MyWebSearchariconsWINKY.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingC4889] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsWINKY.ICO"
O4 - HKLM..RunOnce: [SpybotDeletingA5504] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3FFXTBR.JAR"
O4 - HKLM..RunOnce: [SpybotDeletingC3111] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3FFXTBR.JAR"
O4 - HKLM..RunOnce: [SpybotDeletingA5882] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3NTSTBR.JAR"
O4 - HKLM..RunOnce: [SpybotDeletingC4042] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3NTSTBR.JAR"
O4 - HKLM..RunOnce: [SpybotDeletingA7115] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3HKSTUB.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingC9524] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3HKSTUB.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingA7480] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3REGHK.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC3064] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3REGHK.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA3176] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3HIGHIN.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingC9765] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3HIGHIN.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingA1325] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3IDLE.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC1424] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3IDLE.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA2452] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3IMPIPE.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingC4728] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3IMPIPE.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingA7598] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3MEDINT.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingC6483] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3MEDINT.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingA1383] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3MSG.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC9769] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3MSG.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA2918] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3PLUGIN.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingC2175] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3PLUGIN.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingA2407] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3SKPLAY.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingC9007] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3SKPLAY.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingA9776] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3SLSRCH.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingC2324] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3SLSRCH.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingA5194] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSOEMON.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingC426] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSOEMON.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingA9562] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSOEPLG.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC304] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSOEPLG.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA3595] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSSRCAS.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC8679] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSSRCAS.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA9357] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSSVC.EXE_old"
O4 - HKLM..RunOnce: [SpybotDeletingC7386] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSSVC.EXE_old"
O4 - HKLM..RunOnce: [SpybotDeletingA6496] command.com /c del "C:Program Files (x86)MyWebSearchar1.binNPMYWEBS.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC4969] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binNPMYWEBS.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA8243] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3CJPEG.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC5249] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3CJPEG.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA6698] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3HISTSW.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC6692] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3HISTSW.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA1078] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3HTMLMU.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingC201] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3HTMLMU.DLL_old"
O4 - HKLM..RunOnce: [SpybotDeletingA4855] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3HTTPCT.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC4838] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3HTTPCT.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA5834] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3POPSWT.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC6443] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3POPSWT.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA7174] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3PSSAVR.SCR"
O4 - HKLM..RunOnce: [SpybotDeletingC6606] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3PSSAVR.SCR"
O4 - HKLM..RunOnce: [SpybotDeletingA8778] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3REPROX.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC4280] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3REPROX.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA5148] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3RESTUB.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC7524] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3RESTUB.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingA1530] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3SCHMON.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingC9101] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3SCHMON.EXE"
O4 - HKLM..RunOnce: [SpybotDeletingA3978] command.com /c del "C:Program Files (x86)Mozilla FirefoxpluginsNPMyWebS.dll_old"
O4 - HKLM..RunOnce: [SpybotDeletingC8799] cmd.exe /c del "C:Program Files (x86)Mozilla FirefoxpluginsNPMyWebS.dll_old"
O4 - HKLM..RunOnce: [SpybotDeletingA7490] command.com /c del "C:PROGRA~2MYWEBS~1ar1.binM3PLUGIN.DLL"
O4 - HKLM..RunOnce: [SpybotDeletingC2316] cmd.exe /c del "C:PROGRA~2MYWEBS~1ar1.binM3PLUGIN.DLL"
O4 - HKLM..RunOnce: [SpybotSnD] "C:Program Files (x86)Spybot - Search & DestroySpybotSD.exe" /autocheck
O4 - HKCU..Run: [HPADVISOR] C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe autorun=AUTORUN
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [VoipDiscount] "C:Program Files (x86)VoipDiscount.comVoipDiscountVoipDiscount.exe" -nosplash -minimized
O4 - HKCU..Run: [IDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot
O4 - HKCU..RunOnce: [SpybotDeletingB4247] command.com /c del "C:PROGRA~2MYWEBS~1ar1.binmwsoemon.exe_old"
O4 - HKCU..RunOnce: [SpybotDeletingD4109] cmd.exe /c del "C:PROGRA~2MYWEBS~1ar1.binmwsoemon.exe_old"
O4 - HKCU..RunOnce: [SpybotDeletingB3957] command.com /c del "C:PROGRA~2MYWEBS~1ar1.binm3SrchMn.exe_old"
O4 - HKCU..RunOnce: [SpybotDeletingD8145] cmd.exe /c del "C:PROGRA~2MYWEBS~1ar1.binm3SrchMn.exe_old"
O4 - HKCU..RunOnce: [SpybotDeletingB5880] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSOESTB.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingD1684] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSOESTB.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingB446] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3SRCHMN.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingD5135] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3SRCHMN.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingB8392] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSBAR.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingD6800] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSBAR.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingB7749] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3DTACTL.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD6331] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3DTACTL.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB4521] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3OUTLCN.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD7112] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3OUTLCN.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB7484] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3HTML.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD7208] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3HTML.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB864] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3SKIN.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD4967] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3SKIN.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB8279] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3SCRCTR.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD3188] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3SCRCTR.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB3472] command.com /c del "C:Program Files (x86)MyWebSearcharAvatarCOMMON.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD5338] cmd.exe /c del "C:Program Files (x86)MyWebSearcharAvatarCOMMON.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB111] command.com /c del "C:Program Files (x86)MyWebSearcharGameCHECKERS.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD1403] cmd.exe /c del "C:Program Files (x86)MyWebSearcharGameCHECKERS.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB8741] command.com /c del "C:Program Files (x86)MyWebSearcharGameCHESS.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD4909] cmd.exe /c del "C:Program Files (x86)MyWebSearcharGameCHESS.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB2502] command.com /c del "C:Program Files (x86)MyWebSearcharGameREVERSI.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD7225] cmd.exe /c del "C:Program Files (x86)MyWebSearcharGameREVERSI.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB5360] command.com /c del "C:Program Files (x86)MyWebSearcharMessageCOMMON.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD6598] cmd.exe /c del "C:Program Files (x86)MyWebSearcharMessageCOMMON.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB5821] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierCOMMON.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD6498] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierCOMMON.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB5331] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierDOG.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD5813] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierDOG.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB3593] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierFISH.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD5034] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierFISH.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB8525] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierKUNGFU.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD401] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierKUNGFU.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB7742] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierLIFEGARD.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD5101] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierLIFEGARD.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB1781] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierMAID.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD9812] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierMAID.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB6284] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierMAILBOX.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD9476] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierMAILBOX.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB9536] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierOPERA.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD9410] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierOPERA.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB4020] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierROBOT.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD7845] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierROBOT.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB5627] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierSEDUCT.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD7404] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierSEDUCT.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB1622] command.com /c del "C:Program Files (x86)MyWebSearcharNotifierSURFER.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingD3729] cmd.exe /c del "C:Program Files (x86)MyWebSearcharNotifierSURFER.F3S"
O4 - HKCU..RunOnce: [SpybotDeletingB2000] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3WALLPP.DAT"
O4 - HKCU..RunOnce: [SpybotDeletingD9389] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3WALLPP.DAT"
O4 - HKCU..RunOnce: [SpybotDeletingB3313] command.com /c del "C:Program Files (x86)MyWebSearcharSettingss_pid.dat"
O4 - HKCU..RunOnce: [SpybotDeletingD3798] cmd.exe /c del "C:Program Files (x86)MyWebSearcharSettingss_pid.dat"
O4 - HKCU..RunOnce: [SpybotDeletingB1005] command.com /c del "C:Program Files (x86)MyWebSearchariconsCM.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingD2575] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsCM.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingB8776] command.com /c del "C:Program Files (x86)MyWebSearchariconsMFC.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingD4075] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsMFC.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingB6533] command.com /c del "C:Program Files (x86)MyWebSearchariconsPSS.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingD5156] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsPSS.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingB6201] command.com /c del "C:Program Files (x86)MyWebSearchariconsSMILEY.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingD2277] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsSMILEY.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingB644] command.com /c del "C:Program Files (x86)MyWebSearchariconsWB.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingD1754] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsWB.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingB3383] command.com /c del "C:Program Files (x86)MyWebSearchariconsWINKY.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingD8488] cmd.exe /c del "C:Program Files (x86)MyWebSearchariconsWINKY.ICO"
O4 - HKCU..RunOnce: [SpybotDeletingB7573] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3FFXTBR.JAR"
O4 - HKCU..RunOnce: [SpybotDeletingD3152] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3FFXTBR.JAR"
O4 - HKCU..RunOnce: [SpybotDeletingB8474] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3NTSTBR.JAR"
O4 - HKCU..RunOnce: [SpybotDeletingD1683] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3NTSTBR.JAR"
O4 - HKCU..RunOnce: [SpybotDeletingB8109] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3HKSTUB.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingD7958] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3HKSTUB.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingB3118] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3REGHK.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD6104] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3REGHK.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB4990] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3HIGHIN.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingD3138] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3HIGHIN.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingB8964] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3IDLE.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD1119] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3IDLE.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB6603] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3IMPIPE.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingD1089] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3IMPIPE.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingB8905] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3MEDINT.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingD546] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3MEDINT.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingB9671] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3MSG.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD573] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3MSG.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB1601] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3PLUGIN.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingD1224] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3PLUGIN.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingB285] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3SKPLAY.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingD6035] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3SKPLAY.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingB4472] command.com /c del "C:Program Files (x86)MyWebSearchar1.binM3SLSRCH.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingD5449] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binM3SLSRCH.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingB5375] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSOEMON.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingD6511] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSOEMON.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingB3158] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSOEPLG.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD6899] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSOEPLG.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB8501] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSSRCAS.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD5998] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSSRCAS.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB9585] command.com /c del "C:Program Files (x86)MyWebSearchar1.binMWSSVC.EXE_old"
O4 - HKCU..RunOnce: [SpybotDeletingD3024] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binMWSSVC.EXE_old"
O4 - HKCU..RunOnce: [SpybotDeletingB6571] command.com /c del "C:Program Files (x86)MyWebSearchar1.binNPMYWEBS.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD2693] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binNPMYWEBS.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB3931] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3CJPEG.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD3194] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3CJPEG.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB5253] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3HISTSW.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD7553] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3HISTSW.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB8147] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3HTMLMU.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingD8138] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3HTMLMU.DLL_old"
O4 - HKCU..RunOnce: [SpybotDeletingB4597] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3HTTPCT.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD6165] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3HTTPCT.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB212] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3POPSWT.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD1503] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3POPSWT.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB40] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3PSSAVR.SCR"
O4 - HKCU..RunOnce: [SpybotDeletingD6789] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3PSSAVR.SCR"
O4 - HKCU..RunOnce: [SpybotDeletingB1160] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3REPROX.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD8338] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3REPROX.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB3133] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3RESTUB.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD5320] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3RESTUB.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingB2433] command.com /c del "C:Program Files (x86)MyWebSearchar1.binF3SCHMON.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingD9224] cmd.exe /c del "C:Program Files (x86)MyWebSearchar1.binF3SCHMON.EXE"
O4 - HKCU..RunOnce: [SpybotDeletingB3356] command.com /c del "C:Program Files (x86)Mozilla FirefoxpluginsNPMyWebS.dll_old"
O4 - HKCU..RunOnce: [SpybotDeletingD8982] cmd.exe /c del "C:Program Files (x86)Mozilla FirefoxpluginsNPMyWebS.dll_old"
O4 - HKCU..RunOnce: [SpybotDeletingB5378] command.com /c del "C:PROGRA~2MYWEBS~1ar1.binM3PLUGIN.DLL"
O4 - HKCU..RunOnce: [SpybotDeletingD9158] cmd.exe /c del "C:PROGRA~2MYWEBS~1ar1.binM3PLUGIN.DLL"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program Files (x86)Common FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 - Extra context menu item: &Download All by FlashGet - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllsBhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllsBholink.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - C:ProgramDataAOLieToolbar esourcesfr-FRlocalsearch.html
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdllink.htm
O8 - Extra context menu item: Télécharger avec IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlfvideo.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:Program Files (x86)Internet Download ManagerIEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~2MICROS~2Office12REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program Files (x86)Common FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:Program Files (x86)AGIcommonwin32PythonService.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:Program Files (x86)AviraAntiVir Desktopsched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:Program Files (x86)AviraAntiVir Desktopavguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:Program Files (x86)BonjourmDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:Program Files (x86)Common FilesBOONTY SharedServiceBoonty.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:Program FilescFosSpeedspd.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:Program Files (x86)Common FilesPortrait DisplaysSharedDTSRVC.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:PROGRA~2COMMON~1France TelecomShared ModulesFTRTSVCFTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:Program Files (x86)HP GamesMy HP Game ConsoleGameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:Program Files (x86)iPodiniPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program Files (x86)Common FilesLightScribeLSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe
O23 - Service: @%SystemRoot%System32
etlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:Windowssystem32
vvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:Program Files (x86)Spybot - Search & DestroySDWinSec.exe
O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:Program Files (x86)StardockObject DesktopWindowBlindsvistasrv.exe
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

--
End of file - 44532 bytes


Merci pour votre Aide.
Fatality
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 29
Inscription: 06 Juil 2009 18:28
 


Message le 07 Juil 2009 12:31

Bonjour.


1_ Spybot a fait du ménage mais tu dois faire redémarrer la machine pour que ce nettoyage soit effectif.


2_ Via HiJackThis, tu supprimes les lignes:

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:Program Files (x86)AskBarDisarinaskBar.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:Program Files (x86)PHPNukeFR bPHP1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: ExcellentAdDisplay - {F31C8969-83E7-A513-2E11-CB6D1837C2CB} - (no file)
Inconnu
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:Program Files (x86)AskBarDisarinaskBar.dll
O4 - HKLM..Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [KiweeHook] "C:Program Files (x86)Kiwee Toolbar2.8.167kwtbaim.exe"
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: @%SystemRoot%System32
etlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:Windowssystem32
vvsvc.exe (file missing)
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)


Pas de traces d'infections majeures. Je te conseille de faire un tri dans les barres d'outils.


3_ De plus, tu as des barres d'outils vérolées.

Tu vas télécharger Toolbar S&D.

Tu double cliques ensuite sur l'icône Toolbar S&D pour lancer l'application.

Tu tapes sur la touche [F] pour sélectionner la langue française.

Tu appuies ensuite sur la touche [1] puis sur la touche [Entrée] pour lancer l'analyse.

Quand tu verras indiqué:

Code: Tout sélectionner
Fin du rapport à --:--:--,--


L'analyse sera finie.

Normalement, le rapport d'analyse s'ouvrira dans le Bloc-notes, tu nous copies-colles l'intégralité du fichier.

Tu relances ensuite Toolbar S&D puis tu sélectionnes l'option [2] pour lancer le nettoyage.

Tu nous copies-colles ensuite l'intégralité du rapport de nettoyage.


4_ Pour s'assurer qu'il n'y ait rien d'autre, tu télécharges Malwarebytes' Anti-Malware, tu l'installes puis tu procèdes à sa mise à jour.

Tu lances l'application en double-cliquant sur l'icône Malwarebytes' Anti Malware.

Tu cliques ensuite sur Exécuter un examen complet puis tu lances l'analyse en cliquant sur Rechercher.

_ Si l'utilitaire ne trouve rien de néfaste, cliques sur Ok. Le Bloc-notes va s'ouvrir avec le rapport d'analyse, celui-ci n'est pas intéressant car la machine est propre.
Tu peux fermer le Bloc-notes.

_ Si l'utilitaire trouve des éléments suspects, tu cliques sur Afficher les résultats puis sur Supprimer la sélection.
Tu enregistres le rapport d'analyse que tu nous copies-colles dans ton prochain message.

Il est possible que le programme te demande de redémarrer pour effectuer des suppressions supplémentaires, tu acceptes le redémarrage volontaire en cliquant sur Ok.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 07 Juil 2009 12:32

Ok merci de ton aide je vais faire sa de suite.
Fatality
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 29
Inscription: 06 Juil 2009 18:28
 

Message le 07 Juil 2009 12:45

Voici le log Hijackthis apres avoir supprimer les ligne demandé :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:45:56, on 07/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
C:hpsupporthpsysdrv.exe
C:Program Files (x86)Javajre6injusched.exe
C:Program Files (x86)HPHP Software UpdatehpwuSchd2.exe
C:Program Files (x86)OrangeHSSSystraySystrayApp.exe
C:Program Files (x86)AviraAntiVir Desktopavgnt.exe
C:PROGRA~2COMMON~1France TelecomShared ModulesAlertModuleAlertModule.exe
C:Program Files (x86)Internet Download ManagerIDMan.exe
C:Program Files (x86)Internet Download ManagerIEMonitor.exe
C:hpkbdkbd.exe
C:Program Files (x86)eb-Utilityeb-Utility.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:UsersJoeyDesktoplangHiJackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.cherche.us
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.cherche.us
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.cherche.us
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.cherche.us
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.cherche.us
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://www.cherche.us
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64lank.htm
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:Program Files (x86)AGIcommonagcutils.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllshoCATCH.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:Program Files (x86)AskBarDisarinaskBar.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:Program Files (x86)PHPNukeFR bPHP1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:Program Files (x86)Kiwee Toolbar2.8.167KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program Files (x86)AOLAOL Toolbar 5.0aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:Program Files (x86)Free Download Manageriefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6injp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:Program Files (x86)free-downloads.net bfree.dll
O2 - BHO: ExcellentAdDisplay - {F31C8969-83E7-A513-2E11-CB6D1837C2CB} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program Files (x86)AOLAOL Toolbar 5.0aoltb.dll
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:Program Files (x86)PHPNukeFR bPHP1.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:Program Files (x86)free-downloads.net bfree.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:Program Files (x86)Kiwee Toolbar2.8.167KiweeIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program Files (x86)Windows LiveToolbarwltcore.dll
O4 - HKLM..Run: [hpsysdrv] c:hpsupporthpsysdrv.exe
O4 - HKLM..Run: [KBD] C:HPKBDKbdStub.EXE
O4 - HKLM..Run: [HP Health Check Scheduler] c:Program Files (x86)Hewlett-PackardHP Health CheckHPHC_Scheduler.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program Files (x86)Javajre6injusched.exe"
O4 - HKLM..Run: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [SystrayORAHSS] "C:Program Files (x86)OrangeHSSSystraySystrayApp.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"
O4 - HKLM..Run: [avgnt] "C:Program Files (x86)AviraAntiVir Desktopavgnt.exe" /min
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [KiweeHook] "C:Program Files (x86)Kiwee Toolbar2.8.167kwtbaim.exe"
O4 - HKLM..Run: [DT HPW] "C:Program Files (x86)Portrait DisplaysHP My DisplayDTHtml.exe" -startup_folder
O4 - HKLM..RunOnce: [Malwarebytes' Anti-Malware] "C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe" /install /silent
O4 - HKCU..Run: [HPADVISOR] C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe autorun=AUTORUN
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [VoipDiscount] "C:Program Files (x86)VoipDiscount.comVoipDiscountVoipDiscount.exe" -nosplash -minimized
O4 - HKCU..Run: [IDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program Files (x86)Common FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 - Extra context menu item: &Download All by FlashGet - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllsBhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllsBholink.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - C:ProgramDataAOLieToolbar esourcesfr-FRlocalsearch.html
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdllink.htm
O8 - Extra context menu item: Télécharger avec IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlfvideo.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:Program Files (x86)Internet Download ManagerIEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~2MICROS~2Office12REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program Files (x86)Common FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:Program Files (x86)AGIcommonwin32PythonService.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:Program Files (x86)AviraAntiVir Desktopsched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:Program Files (x86)AviraAntiVir Desktopavguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:Program Files (x86)BonjourmDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:Program Files (x86)Common FilesBOONTY SharedServiceBoonty.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:Program FilescFosSpeedspd.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:Program Files (x86)Common FilesPortrait DisplaysSharedDTSRVC.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:PROGRA~2COMMON~1France TelecomShared ModulesFTRTSVCFTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:Program Files (x86)HP GamesMy HP Game ConsoleGameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:Program Files (x86)iPodiniPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program Files (x86)Common FilesLightScribeLSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe
O23 - Service: @%SystemRoot%System32
etlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:Windowssystem32
vvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:Program Files (x86)Spybot - Search & DestroySDWinSec.exe
O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:Program Files (x86)StardockObject DesktopWindowBlindsvistasrv.exe
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

--
End of file - 14302 bytes

Sinon pour ToolbarSD je lance la recherche et puis la fenetre disparait donc je vais attendre pour voir.
Fatality
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 29
Inscription: 06 Juil 2009 18:28
 

Message le 07 Juil 2009 13:39

Passe à Mbam alors.

Quand il a fait le nettoyage, tu passes Toolbar S&D en option 2.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 07 Juil 2009 13:40

Ok sa marche.
Fatality
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 29
Inscription: 06 Juil 2009 18:28
 

Message le 07 Juil 2009 14:43

Voici le log de Malwarebytes :

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2384
Windows 6.0.6001 Service Pack 1

07/07/2009 15:45:11
Log

Type de recherche: Examen complet (C:|D:|)
Eléments examinés: 538899
Temps écoulé: 1 hour(s), 46 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 22
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOTAppID{418d86be-7386-4f1a-83e0-53604adbda74} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{f31c8969-83e7-a513-2e11-cb6d1837c2cb} (Adware.ExcellentAdDisplay) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{f31c8969-83e7-a513-2e11-cb6d1837c2cb} (Adware.ExcellentAdDisplay) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallExcellentAdDisplay (Adware.ExcellentAdDisplay) -> No action taken.
HKEY_CURRENT_USERSOFTWAREExcellentAdDisplay (Adware.ExcellentAdDisplay) -> No action taken.
HKEY_CLASSES_ROOTAppIDExcellentAdDisplay.dll (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerLow RightsRunDll32Policyf3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMultimediaWMPlayerSchemesf3pss (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USERSOFTWAREfcn (Rogue.Residue) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT egfileshellopencommand(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorerNoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
C:Program Files (x86)MyWebSearch (Adware.MyWebSearch) -> No action taken.
c:program files (x86)mywebsearchar (Adware.MyWebSearch) -> No action taken.
c:program files (x86)mywebsearchar1.bin (Adware.MyWebSearch) -> No action taken.
c:UsersCindyAppDataRoamingMicrosoftWindowsStart MenuProgramsPlayMP3z (Adware.PlayMP3Z) -> No action taken.
C:Program Files (x86)ExcellentAdDisplay (Adware.ExcellentAdDisplay) -> No action taken.

Fichier(s) infecté(s):
c:UsersJoeylocal settingsapplication dataaimga_navps.dat (Adware.Navipromo.H) -> No action taken.
c:UsersJoeylocal settingsapplication dataaimga_nav.dat (Adware.Navipromo.H) -> No action taken.
c:UsersJoeylocal settingsapplication dataaimga.dat (Adware.Navipromo.H) -> No action taken.
c:program files (x86)windows livemessenger iched20.dll (Adware.MyWebSearch) -> No action taken.
c:UsersCindydownloadswinkySetup2.3.50.45.ZJfox000.exe (Adware.MyWeb) -> No action taken.
c:UsersCindyAppDataRoamingmicrosoftWindowsstart menuProgramsPlayMP3zRun PlayMP3z.pif (Adware.PlayMP3Z) -> No action taken.
c:program files (x86)excellentaddisplayuninstall.exe (Adware.ExcellentAdDisplay) -> No action taken.
C:install.exe (Trojan.Agent) -> No action taken.
Fatality
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 29
Inscription: 06 Juil 2009 18:28
 

Message le 07 Juil 2009 15:01

Relance Mbam jusqu'à ce qu'il ne trouve plus rien.

Ensuite, toujours Toolbar S&D à passer en option 2 s'il trouve à redire.

Ce sera clean après.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 07 Juil 2009 15:06

j'ai relancé Mbam mais Toolbar ne marche toujour pas :evil:
Fatality
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 29
Inscription: 06 Juil 2009 18:28
 

Message le 07 Juil 2009 15:51

Alors laisse-le tomber.

Quand Mbam ne trouve plus rien, tu fais un dernier scan HiJackThis.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 07 Juil 2009 16:09

Plus d'infection trouver par Mbam et voici le log Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:11:32, on 07/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program Files (x86)Internet Download ManagerIDMan.exe
C:hpsupporthpsysdrv.exe
C:Program Files (x86)Javajre6injusched.exe
C:Program Files (x86)HPHP Software UpdatehpwuSchd2.exe
C:Program Files (x86)iTunesiTunesHelper.exe
C:Program Files (x86)AviraAntiVir Desktopavgnt.exe
C:Program Files (x86)Kiwee Toolbar2.8.167kwtbaim.exe
C:PROGRA~2COMMON~1France TelecomShared ModulesAlertModuleAlertModule.exe
C:Program Files (x86)Internet Download ManagerIEMonitor.exe
C:WindowsSysWOW64conime.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:hpkbdkbd.exe
C:UsersJoeyDesktopCryptLoad_1.1.6CryptLoad.exe
C:UsersJoeyDesktoplangHiJackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.cherche.us
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.cherche.us
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.cherche.us
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.cherche.us
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.cherche.us
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://www.cherche.us
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64lank.htm
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:Program Files (x86)AGIcommonagcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllshoCATCH.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:Program Files (x86)AskBarDisarinaskBar.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:Program Files (x86)PHPNukeFR bPHP1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:Program Files (x86)Kiwee Toolbar2.8.167KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program Files (x86)AOLAOL Toolbar 5.0aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:Program Files (x86)Free Download Manageriefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6injp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:Program Files (x86)free-downloads.net bfree.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program Files (x86)AOLAOL Toolbar 5.0aoltb.dll
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:Program Files (x86)PHPNukeFR bPHP1.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:Program Files (x86)free-downloads.net bfree.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:Program Files (x86)Kiwee Toolbar2.8.167KiweeIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program Files (x86)Windows LiveToolbarwltcore.dll
O4 - HKLM..Run: [hpsysdrv] c:hpsupporthpsysdrv.exe
O4 - HKLM..Run: [KBD] C:HPKBDKbdStub.EXE
O4 - HKLM..Run: [HP Health Check Scheduler] c:Program Files (x86)Hewlett-PackardHP Health CheckHPHC_Scheduler.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program Files (x86)Javajre6injusched.exe"
O4 - HKLM..Run: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [SystrayORAHSS] "C:Program Files (x86)OrangeHSSSystraySystrayApp.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"
O4 - HKLM..Run: [avgnt] "C:Program Files (x86)AviraAntiVir Desktopavgnt.exe" /min
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [KiweeHook] "C:Program Files (x86)Kiwee Toolbar2.8.167kwtbaim.exe"
O4 - HKLM..Run: [DT HPW] "C:Program Files (x86)Portrait DisplaysHP My DisplayDTHtml.exe" -startup_folder
O4 - HKCU..Run: [HPADVISOR] C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe autorun=AUTORUN
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [VoipDiscount] "C:Program Files (x86)VoipDiscount.comVoipDiscountVoipDiscount.exe" -nosplash -minimized
O4 - HKCU..Run: [IDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program Files (x86)Common FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 - Extra context menu item: &Download All by FlashGet - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllsBhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:Program Files (x86)FlashGet NetworkFlashGet universalComDllsBholink.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - C:ProgramDataAOLieToolbar esourcesfr-FRlocalsearch.html
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdllink.htm
O8 - Extra context menu item: Télécharger avec IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:Program Files (x86)Free Download Managerdlfvideo.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:Program Files (x86)Internet Download ManagerIEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~2MICROS~2Office12REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program Files (x86)Common FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:Program Files (x86)AGIcommonwin32PythonService.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:Program Files (x86)AviraAntiVir Desktopsched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:Program Files (x86)AviraAntiVir Desktopavguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:Program Files (x86)BonjourmDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:Program Files (x86)Common FilesBOONTY SharedServiceBoonty.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:Program FilescFosSpeedspd.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:Program Files (x86)Common FilesPortrait DisplaysSharedDTSRVC.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:PROGRA~2COMMON~1France TelecomShared ModulesFTRTSVCFTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:Program Files (x86)HP GamesMy HP Game ConsoleGameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:Program Files (x86)iPodiniPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program Files (x86)Common FilesLightScribeLSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe
O23 - Service: @%SystemRoot%System32
etlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:Windowssystem32
vvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:Program Files (x86)Spybot - Search & DestroySDWinSec.exe
O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:Program Files (x86)StardockObject DesktopWindowBlindsvistasrv.exe
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

--
End of file - 14124 bytes
Fatality
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 29
Inscription: 06 Juil 2009 18:28
 

Message le 07 Juil 2009 16:34

Ce n'est pas encore bon.

Désinstalle la barre d'outils Kiwee (Kiwee Toolbar) et supprime tout ce que tu as de Toolbar S&D.

Tu le télécharges ensuite à nouveau, il reste la barre d'outils AskBar au moins à supprimer.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 08 Juil 2009 11:57

Que donne Toolbar S&D?

On va de toute façon désactiver l'UAC.

Pour cela, il faut cliquer sur Démarrer puis Panneau de configuration.

Tu cliques ensuite sur Comptes d'utilisateurs puis sur Activer ou désactiver le contrôle des comptes d'utilisateurs.

Une fenêtre de confirmation s'ouvrira, décoches la ligne Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur puis cliques sur Ok.

Le redémarrage demandé sera nécessaire pour que l'UAC soit inactive.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Message le 08 Juil 2009 12:38

Toolbar ne marche toujours pas j'ai desactivé UAC pareil.^^
Fatality
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 29
Inscription: 06 Juil 2009 18:28
 

Message le 09 Juil 2009 11:36

Bonjour.

On va procéder autrement.

Tu redémarres en Mode sans échec.

Tu vas trouver les dossiers:

    C:Program Files (x86)AskBarDis
    C:Program Files (x86)Kiwee Toolbar


Tu supprimes tout.

Fais aussi une analyse Mbam pour voir s'il trouve quelque chose, en Mode normal.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 

Suivante


Sujets similaires

Message analyse rapport RogueKiller
Bonjour,Mon pc est trop long aujourd'hui. le scan par RogueKiller fait apparaitre 2 virus ou genre malicieux.quelq"un pourra m'expliquer de quoi il s'agit exactement?merci d'avance
Réponses: 1

Message Chercher écran avec bon rapport qualité-prix
Bonjour,Je cherche un écran pour un usage polyvalent, (Jeux vidéo, modélisation niveau amateur sur Blender, bureautique, navigation Internet,)Petite précision, ayant ma TV à porter de câble HDMI, les films et les jeux vidéo jouable a la manette je les joue sur la TV, l'écran servira donc pour les je ...
Réponses: 1

Message [Réglé] Rapport desinfection suite analyse FRST64
FRST.txtAddition.txtShortcut.txtBonjour, suite a mon message posté il y a quelques jours concernant un ordinateur tres lent, je vous poste aujourd'hui le résultat.Merci pour vos réponsesMF
Réponses: 4

Message demande aide rapport FRST
Bonsoir,Où et comment puis-je poster mes fichiers .txt rapport FRST car mon pc (Vaio Tap 20 sous Win 8.1) estsouvent très très lent...Merci becoup
Réponses: 1

Message Quel était votre premier Linux par rapport à votre actuel ?
Je sais qu'à un moment donné, nous sommes tous entrés dans Linux, mais quel est le premier Linux que vous avez utilisé ? Le premier que vous avez essayé parmi les autres était parfait. Quel(s) est(s) utilisez-vous actuellement ? Mon premier était Ubuntu 7. J'ai envoyé chercher le CD après avoir été ...
Réponses: 1

Message verifier wifi
Bonjour,Est-il possible de vérifier si mon j3 Samsung dialogue bien en wifi avec ma live box play.Cdt
Réponses: 21

Message PC déjà monté : votre avis sur son rapport qualité / prix ?
Bonjour à tous,J'ai un PC portable i5 avec 8Go RAM qui n'est plus adapté à mes besoins aujourd'hui car je dois exploiter de gros fichiers excel aux multiples calculs. C'est en recherchant quelle config serait la plus adaptée à ce besoin précis que j'ai découvert ce forum avec ce post de 2017.Ce post ...
Réponses: 2


Qui est en ligne

Utilisateurs parcourant ce forum: Google Adsense [Bot] et 15 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.