Lookanddiscover problem

k3nphr3n (Member)
Subject: Lookanddiscover problem   Wed 28 Jan - 23:17:09

Thanks for taking care of me :)
Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16:34, on 28/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\jureg.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\system32\schtasks.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
C:\Windows\System32\mobsync.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\baptiste\Desktop\rapports\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8151 bytes

bluestyle (Contributor)
Subject: Re: Lookanddiscover problem   Wed 28 Jan - 23:57:13

k3nphr3n,

Vista user.
Disable UAC (re-enable UAC after the disinfection)
_____________________________________________________________________________________________

IMPORTANT: before deleting any lines with HijackThis.
You must create a dedicated folder for HijackThis.exe,
so that a (restorable) history of the deleted lines is kept in a subfolder.
• For example C:\Program Files\HijackThis\HijackThis.exe
• Then right-click HijackThis.exe and select Create shortcut.
• Place this shortcut on your desktop.

If you have difficulty creating the folder/shortcut:
• Delete your HijackThis.exe
• Download this version of HijackThis.
• Install HJTInstall.exe
>> A folder and a shortcut (on your desktop) will be created
_____________________________________________________________________________________________


Run HijackThis again,
• Click [Do a system scan only],
• Check all of the following lines and
>>> Close browsers, programs.. <<<
• Click [Fix Checked] to remove them.
( = infection, = optimization)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

>>>>>> • Restart your PC • <<<<<<<<
_____________________________________________________________________________________________

Ad-Remover scan procedure,

Disable the antivirus.

Download Ad-remover (to your desktop): http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
Quote:
VISTA: install and launch via right-click and
• "Exécuter ce programme en tant qu'administrateur" (Run this program as administrator)
• Install Ad-remover,
• Launch Ad-remover from the icon on your desktop,
• In the main menu choose option "A" for a Scan,
Post the report that appears in your next post ( C:\Ad-report.log ).

Re-enable the antivirus.
_____________________________________________________________________________________________

Kaspersky detection/removal tool, updated and downloadable daily.
Download: Kaspersky Virus Removal Tool (30 MB).
• Launch the installation,
• Check only (C: ) as well as System memory, Startup objects and Disk Boot Sectors, or all of them,
• Click [Scan] to start detection/removal.

>> A 2nd window will open.
>> The scan will start " -30min.".

• Check, "after the scan", whether any infections are shown in the Detect tab.

When the scan is complete,
• Click [Rapport] (at the bottom).
• Save the Kaspersky report to your desktop.

You may have to confirm the removal "Actions" if Kaspersky does not perform them automatically?!

_____________________________________________________________________________________________

Cleaning up temporary files, cookies..
CCleaner Slim version (without the Yahoo ToolBar): Download - & - Tutorial.
• Install and launch CCleaner,
• Uncheck automatic updates,
• Click [Analyse] and [Lancer le Nettoyage].

Use CCleaner after each session on the net,
after installing software and/or before shutting down the PC.

_____________________________________________________________________________________________

Post another HijackThis report in your next post.
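
One way to triage a HijackThis log mechanically, shown as an added example that is not part of the original posts or of HijackThis itself: it flags registrations whose file is gone (`(no file)`) and entries that mention a name on a watchlist. The watchlist contents and all function names are assumptions made for this sketch; the sample lines are copied from the log posted earlier in this thread.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Entry lines copied from the HijackThis log posted in this thread (excerpt).
SAMPLE_LOG = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# Assumption: names taken from this thread, matched case-insensitively.
WATCHLIST = ("eorezo", "sweetim", "lookanddiscover")

# "<section code> - <rest>", e.g. "O2 - BHO: ..." or "R0 - HKLM\...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


@dataclass
class Entry:
    code: str                 # section code: R0, R3, O2, O4, ...
    body: str                 # everything after "<code> - "
    clsid: Optional[str]      # COM class id, upper-cased, if the entry has one
    target: str               # file, command or URL the entry points at
    reasons: List[str] = field(default_factory=list)


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one log line; return None for headers, process list, blanks."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    code, body = m.group("code"), m.group("body")
    clsid = CLSID_RE.search(body)
    if clsid:
        # "<label> - {CLSID} - <file>" (O2, R3, O9, O18) and O16 DPF lines
        target = body[clsid.end():].rsplit(" - ", 1)[-1]
    elif " = " in body:
        # "<key>,<value name> = <data>" (R0/R1) and startup shortcuts
        target = body.split(" = ", 1)[1]
    elif "] " in body:
        # "HKxx\..\Run: [<name>] <command>" (O4)
        target = body.split("] ", 1)[1]
    else:
        # "Service: <name> - <vendor> - <path>" (O23) and anything else
        target = body.rsplit(" - ", 1)[-1]
    return Entry(code, body, clsid.group(0).upper() if clsid else None,
                 target.strip())


def triage(log_text: str, watchlist=WATCHLIST) -> List[Entry]:
    """Return the entries worth a closer look, each with its reasons."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        # Registration still present but the file it points to is missing.
        if entry.target.lower() == "(no file)":
            entry.reasons.append("orphan")
        # 8.3 short paths such as EOREZO~1.DLL still contain the name.
        hits = [name for name in watchlist if name in entry.body.lower()]
        if hits:
            entry.reasons.append("watchlist:" + ",".join(hits))
        if entry.reasons:
            findings.append(entry)
    return findings


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f"{e.code:<3} {', '.join(e.reasons):<18} {e.target}")
```

A flagged entry is a candidate for review, not a verdict: an orphaned registration is usually leftover clutter, and a watchlist hit only says the name appears in the line.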

k3nphr3n (Member)
Subject: Re: Lookanddiscover problem   Thu 29 Jan - 22:10:15

Good evening, I did what you advised me to do:

here is the one for ad-remover:


------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

Updated by C_XX on 17/01/2009 at 12:00

Start at: 22:45:34 | Wed 28/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: PC-DE-SANAA | User: baptiste ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\

--- Running Processes: 57

+--------------------| Boonty/Boonty Games Elements Found :

.
HKCR\boontybox
HKLM\Software\Classes\boontybox
.
C:\Program Files\BoontyGames

+--------------------| Eorezo Elements Found :

.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
.
C:\Program Files\EoRezo
C:\Program Files\EoRezo\ConfMedia.cyp
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\EoRezo\eoEngine.url
C:\Program Files\EoRezo\EoMultiLanguage.dll
C:\Program Files\EoRezo\EoRezoComm.dll
C:\Program Files\EoRezo\EoRezoImg_17.dll
C:\Program Files\EoRezo\EoRezoImg_19.dll
C:\Program Files\EoRezo\EoRezoImg_20.dll
C:\Program Files\EoRezo\EoRezoImg_21.dll
C:\Program Files\EoRezo\EoRezoImg_22.dll
C:\Program Files\EoRezo\EoRezoImg_23.dll
C:\Program Files\EoRezo\EoRezoTools_16.dll
C:\Program Files\EoRezo\EoRezoTools_17.dll
C:\Program Files\EoRezo\EoRezoTools_18.dll
C:\Program Files\EoRezo\EoRezoTools_20.dll
C:\Program Files\EoRezo\EoRezoTools_21.dll
C:\Program Files\EoRezo\EoRezoTools_26.dll
C:\Program Files\EoRezo\EoRezoTools_27.dll
C:\Program Files\EoRezo\EoRezoTools_28.dll
C:\Program Files\EoRezo\EoRezoTools_29.dll
C:\Program Files\EoRezo\FreeImage.dll
C:\Program Files\EoRezo\Host.cyp
C:\Program Files\EoRezo\lang
C:\Program Files\EoRezo\MngInstaller.dll
C:\Program Files\EoRezo\unins000.dat
C:\Program Files\EoRezo\unins000.exe
C:\Program Files\EoRezo\user.cyp
C:\Program Files\EoRezo\EoAdv\atl90.dll
C:\Program Files\EoRezo\EoAdv\EoAdv.dll
C:\Program Files\EoRezo\EoAdv\eoAdv.url
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
C:\Program Files\EoRezo\EoAdv\mfc90.dll
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.ATL.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.CRT.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.MFC.manifest
C:\Program Files\EoRezo\EoAdv\msvcr90.dll
C:\Program Files\EoRezo\lang\ihm_eoclock.xml
C:\Program Files\EoRezo\lang\ihm_eoengine.xml
C:\Program Files\EoRezo\lang\ihm_eonet.xml
C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
C:\Program Files\EoRezo\lang\ihm_eoweather.xml
C:\Program Files\EoRezo\lang\lang_en.xml
C:\Program Files\EoRezo\lang\lang_es.xml
C:\Program Files\EoRezo\lang\lang_fr.xml
C:\Program Files\EoRezo\lang\lang_it.xml
C:\Users\baptiste\AppData\Roaming\EoRezo
C:\Users\baptiste\AppData\Roaming\EoRezo\cache
C:\Users\baptiste\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\baptiste\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\baptiste\AppData\Roaming\EoRezo\ConfMedia.cyp.old
C:\Users\baptiste\AppData\Roaming\EoRezo\db
C:\Users\baptiste\AppData\Roaming\EoRezo\eoDesktop
C:\Users\baptiste\AppData\Roaming\EoRezo\eoStats
C:\Users\baptiste\AppData\Roaming\EoRezo\EoTraduction.cfg
C:\Users\baptiste\AppData\Roaming\EoRezo\host.cyp
C:\Users\baptiste\AppData\Roaming\EoRezo\user.cyp
C:\Users\baptiste\AppData\Roaming\EoRezo\db\cat.cyp
C:\Users\baptiste\AppData\Roaming\EoRezo\eoDesktop\config.xml
C:\Users\baptiste\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
C:\Users\baptiste\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
C:\Users\baptiste\AppData\Roaming\EoRezo\eoStats\eoStats.txt

+--------------------| Everest Casino/Everest Poker Elements Found :

.
.

+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :

.
.

+--------------------| It's TV Elements Found :

HKCU\SOFTWARE\ItsLabel
.
C:\Users\baptiste\AppData\Roaming\ItsLabel
C:\Users\baptiste\AppData\Roaming\ItsLabel\ItsTV
C:\Users\baptiste\AppData\Roaming\ItsLabel\ItsTV\itsTV.xml

+--------------------| Sweetim Elements Found :

.
HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCU\SOFTWARE\SWEETIE
HKCU\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\SOFTWARE\Macrogaming
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
.

k3nphr3n (Member)
Subject: Re: Lookanddiscover problem   Thu 29 Jan - 22:10:39

(continued)
C:\Windows\INSTALLER\15464b5.msi
C:\Windows\INSTALLER\15464bb.msi
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIMBarForIE
C:\Program Files\Macrogaming\SweetIM\conf
C:\Program Files\Macrogaming\SweetIM\data
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\logs
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMediaPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\msvcp71.dll
C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Program Files\Macrogaming\SweetIM\resources
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Macrogaming\SweetIM\update
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\autoupdate.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\sabrinaakaaboune@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\sabrinaakaaboune@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\sabrinaakaaboune@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\resources\images
C:\Program Files\Macrogaming\SweetIM\resources\images\AudibleButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\DisplayPicturesButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\EmoticonButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\NudgeButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\SoundFxButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\WinksButton.png
C:\Program Files\Macrogaming\SweetIMBarForIE\affid.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\basis.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Bookmarks_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
C:\Program Files\Macrogaming\SweetIMBarForIE\Email_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Games_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Greetingcards_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Mobile_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Music_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\News_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Shoping_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileySmile.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileyWink.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\sweetimicons.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.crc
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\version.txt
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\cd2005c66fba47ff715ecc444d3bc1fb.xml
C:\Users\baptiste\AppData\Roaming\Microsoft\Windows\Cookies\baptiste@www.sweetim[1].txt

+--------------------| Added Scan :


+---------- SCANNING PREFS.JS ... ( # Mozilla user preferences )

..\4j6699j9.default\prefs.js :

~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH SELECTED ENGINE: "Live Search"
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "windows-1252

.

+---------------------------------------------------------------------------+


~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://www.msn.com/

+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://www.msn.com/

+---------------------------------------------------------------------------+

[~13891 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

End at: 22:46:18 | 28/01/2009 - Time elapsed: 44.0 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 261 Lines ]
+---------------------------------------------------------------------------+

k3nphr3n (Member)
Subject: Re: Lookanddiscover problem   Thu 29 Jan - 22:11:15

Then the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:41, on 2009-01-29
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\jureg.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\baptiste\Desktop\rapports\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lookanddiscover.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8345 bytes


I have the Virus Removal Tool report, but you didn't ask me to post it,
not to mention that it is very, very long.
Thanks again!

bluestyle
Contributor

Subject: Re: lookanddiscover problem   Thu 29 Jan - 23:24:03


Before moving on to the following disinfection procedure with Ad-Remover.

Either you go back to the first message I left you and follow the procedures:
• Disable UAC,
• Run HijackThis again to check the lines and [Fix checked] them, followed by a restart.

Or you restart in >> safe mode << and continue with the following procedures in this message.
________________________________________________________________________________________

Ad-Remover disinfection procedure:

► Disable your antivirus.

• Run "Ad-remover" again,
• Choose option "B".
• Select >> Boonty/Boonty Games [ ]
• Select >> Suppression Eorezo [ ]
• Select >> TV Elements [ ]
• Select >> Sweetim [ ]
• Enter "S" (Delete the checked items)

Post the generated report (C:\Ad-report-date.log).

/!\ If the Desktop does not reappear,
• Press Ctrl - Alt - Del.
• Go to "File" --> "New Task",
• Enter explorer.exe and confirm

P.S.: If Ad-Remover has trouble handling all the selected options together, namely:
- Sweetim, - TV Elements, - Eorezo and - Boonty/Boonty Games
• Then run Ad-Remover again to select/delete them one after the other.
• But save each report to your desktop between deletions, so you can post them later.


• Run Ad-Remover again and choose U to uninstall it.
► Re-enable the antivirus.
_________________________________________________________________


Post the HijackThis report in your next post.

k3nphr3n
Member

Subject: Re: lookanddiscover problem   Fri 30 Jan - 13:49:44

Hello =),
Here is the Ad-Remover report!

------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

Updated by C_XX on 17/01/2009 at 12:00

*** LIMITED TO ***

Boonty/Boontygames
Eorezo
It's TV
Sweetim

******************

Start at: 11:42:27 | Fri 30/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
Boot mode: Normal
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: PC-DE-SANAA | User: baptiste ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\

--- Running Processes: 65

(!) ---- IE start pages reset

+--------------------| Boonty/Boonty Games Elements Deleted :

.
HKCR\boontybox
.
C:\Program Files\BoontyGames

+--------------------| Eorezo Elements Deleted :

.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
.
C:\Program Files\EoRezo
C:\Users\baptiste\AppData\Roaming\EoRezo

+--------------------| It's TV Elements Deleted :

HKCU\SOFTWARE\ItsLabel
.
C:\Users\baptiste\AppData\Roaming\ItsLabel

+--------------------| Sweetim Elements Deleted :

.
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCU\SOFTWARE\SWEETIE
HKCU\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Macrogaming
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
.
C:\Windows\INSTALLER\15464b5.msi
C:\Windows\INSTALLER\15464bb.msi
C:\Program Files\Macrogaming
C:\Users\baptiste\AppData\Roaming\Microsoft\Windows\Cookies\baptiste@www.sweetim[2].txt

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+--------------------| Added Scan :


+---------- SCANNING PREFS.JS ... ( # MOZILLA USER PREFERENCES )

..\4j6699j9.default\prefs.js :

~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH SELECTED ENGINE: "Live Search"
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "windows-1252

.

+---------------------------------------------------------------------------+


~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

[~6976 BYTES] - "C:\AD-REPORT-CLEAN-20.9-.1-30.LOG"
[~14376 BYTES] - "C:\AD-REPORT-SCAN-20.9-.1-30.LOG"
[~14225 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

End at: 11:44:39 | 2009-01-30 - Time elapsed: 2 minutes, 11 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 131 Lines ]
+---------------------------------------------------------------------------+

k3nphr3n
Member

Subject: Re: lookanddiscover problem   Fri 30 Jan - 13:51:06

Then the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:50, on 2009-01-30
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\System32\jureg.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
C:\Windows\system32\schtasks.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\baptiste\Desktop\rapports\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 6592 bytes


Thaaaanks again! Best regards!

k3nphr3n
Member

Subject: Re: lookanddiscover problem   Fri 30 Jan - 14:03:55

I saw that Ad-remover had detected the problem (* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"), but I checked and it still launches that cursed page! In any case, thanks for your help!

bluestyle
Contributor

Subject: Re: lookanddiscover problem   Fri 30 Jan - 14:34:23

Hi again,

Resetting the browsers.
With Internet Explorer 7,
• go to the [Tools] + [Internet Options] menu.
• In that window, click the [Advanced] tab + [Reset].

With Firefox,
• go to the [Tools] + [Options] menu.
• In that window, click [Restore to Default].
_____________________________________________________________

Disable your antivirus.

Download Ad-Remover again if necessary, and
run AdRemover again for a scan.
• In the main menu, choose option "A" for a Scan,
Post the report.

Re-enable your antivirus.

k3nphr3n
Member

Subject: Re: lookanddiscover problem   Fri 30 Jan - 15:16:44

I'm quiet, I trust you!


------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

Updated by C_XX on 17/01/2009 at 12:00

Start at: 13:13:18 | Fri 30/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: PC-DE-SANAA | User: baptiste ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\

--- Running Processes: 65

+--------------------| Boonty/Boonty Games Elements Found :

.
.

+--------------------| Eorezo Elements Found :

.
.

+--------------------| Everest Casino/Everest Poker Elements Found :

.
.

+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :

.
.

+--------------------| It's TV Elements Found :

.

+--------------------| Sweetim Elements Found :

.
.

+--------------------| Added Scan :


+---------- SCANNING PREFS.JS ... ( # Mozilla user preferences )

..\4j6699j9.default\prefs.js :

~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH SELECTED ENGINE: "Live Search"
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER SEARCH DEFAULT URL: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "http://www.lookanddiscover.com/"
* BROWSER STARTUP HOMEPAGE: "windows-1252

.

+---------------------------------------------------------------------------+


~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]


+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://go.microsoft.com/fwlink/?LinkId=69157

+---------------------------------------------------------------------------+

[~7425 BYTES] - "C:\AD-REPORT-CLEAN-20.9-.1-30.LOG"
[~2553 BYTES] - "C:\AD-REPORT-SCAN-20.9-.1-30.LOG"
[~14225 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

End at: 13:13:58 | 2009-01-30 - Time elapsed: 39.9 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 57 Lines ]
+---------------------------------------------------------------------------+

bluestyle
Contributor

Subject: Re: lookanddiscover problem   Fri 30 Jan - 15:31:36

Hi again,

>> You had reset the browsers before scanning with Ad-remover.

k3nphr3n
Member

Subject: Re: lookanddiscover problem   Fri 30 Jan - 22:48:48

Yes, well, that's what you had asked me to do! I must not have understood, if that's not the case! Sorry! What do I need to do?

k3nphr3n
Member

Subject: Re: lookanddiscover problem   Sun 1 Feb - 14:23:06

Please, I need help!!!
The virus has not gone away, what do I need to do? :(

Anthony5151
Moderator

Subject: Re: lookanddiscover problem   Tue 3 Feb - 1:59:40

Hello,


Try this to fix the problem:
  • Launch Firefox
  • Type about:config in the address bar and press the Enter key
  • Read the warning and click "I'll be careful, I promise!"
  • In the Filter bar at the top of the page, type lookanddiscover
  • The lines that appear should correspond to the browser.startup.homepage option (if other options contain the value lookanddiscover, tell me before changing anything). If there is only that option, right-click it and click Modify to set the home page of your choice (type "about:blank" for a blank page)
  • Close Firefox: File --> Exit
  • Restart your computer, and tell me whether your home page is back.
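
The about:config check in the last post can also be run offline against the Firefox profile files. The Python script below is an added example, not part of the thread and not code from Ad-Remover or HijackThis; it goes one step beyond the post by also reading user.js, which Firefox applies after prefs.js at every startup. The sample profile contents, including the keyword.URL value, are constructed for illustration.

```python
"""Offline audit of a Firefox profile for prefs that point at a hijacker domain."""
import json
import re
import sys
from pathlib import Path

# Files read at startup, in this order: user.js is applied after prefs.js and
# overwrites it, so a value set there comes back after every manual reset.
PREF_FILES = ("prefs.js", "user.js")

# One pref per line: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)*)"\s*,\s*(.*?)\s*\)\s*;\s*$')

# Constructed sample profile (not taken from the machine in the thread).
SAMPLE_PROFILE = {
    "prefs.js": (
        '# Mozilla User Preferences\n'
        'user_pref("browser.search.selectedEngine", "Live Search");\n'
        'user_pref("browser.startup.homepage", "about:blank");\n'
        'user_pref("browser.startup.page", 1);\n'
        'user_pref("keyword.URL", "http://www.lookanddiscover.com/search?q=");\n'
    ),
    "user.js": (
        '// constructed: a leftover file that re-applies the hijacked page\n'
        'user_pref("browser.startup.homepage", "http://www.lookanddiscover.com/");\n'
    ),
}


def parse_prefs(text):
    """Return {pref_name: value}; a later line for the same pref wins."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not user_pref()
        name, raw = match.group(1), match.group(2)
        try:
            prefs[name] = json.loads(raw)  # string, number or boolean
        except ValueError:
            prefs[name] = raw  # keep the raw text rather than drop the pref
    return prefs


def audit_profile(files, needle):
    """List (file, pref, value) for every string pref that contains needle."""
    needle = needle.lower()
    findings = []
    for fname in PREF_FILES:
        for name, value in parse_prefs(files.get(fname, "")).items():
            if isinstance(value, str) and needle in value.lower():
                findings.append((fname, name, value))
    return findings


def effective_pref(files, name):
    """Value Firefox ends up with once user.js has overridden prefs.js."""
    merged = {}
    for fname in PREF_FILES:
        merged.update(parse_prefs(files.get(fname, "")))
    return merged.get(name)


def load_profile(profile_dir):
    """Read the pref files that exist in a profile directory."""
    files = {}
    for fname in PREF_FILES:
        path = Path(profile_dir) / fname
        if path.is_file():
            files[fname] = path.read_text(encoding="utf-8", errors="replace")
    return files


def report(files, needle):
    """Build the findings as printable lines."""
    lines = [f"{fname}: {name} = {value!r}"
             for fname, name, value in audit_profile(files, needle)]
    home = effective_pref(files, "browser.startup.homepage")
    lines.append(f"effective browser.startup.homepage = {home!r}")
    return lines


if __name__ == "__main__":
    # Usage: audit.py <profile_dir> [needle]; with no arguments the sample runs.
    profile = load_profile(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_PROFILE
    needle = sys.argv[2] if len(sys.argv) > 2 else "lookanddiscover"
    print("\n".join(report(profile, needle)))
```

Run it with Firefox closed, since Firefox rewrites prefs.js on exit; a hit in user.js means the value has to be removed from that file, because editing it in about:config only changes prefs.js.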