I NEED HELP! SOS


Post by mtagan » 30 Sep 2009 19:51

Hello, old stay-at-home mum that I am (45 years old), I no longer know what to do, I am infected everywhere. Computers are not my thing, but adult ads and viruses are swarming in every corner of my hard drive! Help me, I don't know where to start!

I followed your HijackThis tutorial:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:21:21, on 14.05.2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\SGPSA\ie3sh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\ProgramData\Sukoku\sukoku119.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sukoku\sukoku.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\conime.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Luffy\Downloads\HiJackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHelper Class - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: GamingHarbor Toolbar - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stb0.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SmileyApp] C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbapp.exe
O4 - HKCU\..\Run: [sydjhtse] "c:\users\marik\appdata\local\sydjhtse.exe" sydjhtse
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-888174824-1203318291-1749208249-1003\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Luffy')
O4 - HKUS\S-1-5-21-888174824-1203318291-1749208249-1003\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Luffy')
O4 - HKUS\S-1-5-21-888174824-1203318291-1749208249-1003\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Luffy')
O4 - HKUS\S-1-5-21-888174824-1203318291-1749208249-1003\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (User 'Luffy')
O4 - HKUS\S-1-5-21-888174824-1203318291-1749208249-1003\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Luffy')
O4 - S-1-5-21-888174824-1203318291-1749208249-1003 Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe (User 'Luffy')
O4 - S-1-5-21-888174824-1203318291-1749208249-1003 User Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe (User 'Luffy')
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d ... ix/icaweb-20070115.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/52.09/uploader2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9d1876b457984) (gupdate1c9d1876b457984) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Sukoku Service - Unknown owner - C:\ProgramData\Sukoku\sukoku119.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 14053 bytes

I hope you're not despairing too much

Re: I NEED HELP! SOS

Post by nardino » 01 Oct 2009 10:45

Hello.

Here is a procedure to apply in this exact order.
1- Download Navilog1:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Choose "Save target (link) as..." and save it to your desktop.

Double-click "navilog1.exe" to start the installation.

Once the installation is finished, right-click the "Navilog1" shortcut on your desktop and choose:
"Run as administrator". This is essential.

At the main menu, choose option "1".
Follow the prompts and be patient.
Wait for the message:
*** Analyse Termine le ..... ***
Press a key and Notepad will open.

Copy and paste the entire report into your reply.
Close Notepad.
Note: it will be saved as C:\cleannavi.txt

2- Download Navilog1:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Choose "Save target (link) as..." and save it to your desktop.

Double-click "navilog1.exe" to start the installation.

Once the installation is finished, right-click the "Navilog1" shortcut on your desktop and choose:
"Run as administrator". This is essential.

At the main menu, choose option "1".
Follow the prompts and be patient.
Wait for the message:
*** Analyse Termine le ..... ***
Press a key and Notepad will open.

Copy and paste the entire report into your reply.
Close Notepad.
Note: it will be saved as C:\cleannavi.txt

3- Download and install Malwarebytes' Anti-Malware by RubbeR DuckY
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

At the end of the installation, make sure the "Update Malwarebytes' Anti-Malware" option is ticked. Click "Finish".
Launch Malwarebytes' Anti-Malware by double-clicking the icon on the desktop.
On first launch, a window tells you that the version is Free; click OK.
Let the updates download, then close the program.

Launch Malwarebytes' Anti-Malware by right-clicking the desktop icon and choosing "Run as administrator".
On the "Scanner" tab, tick "Perform full scan" and click "Scan".
Select your hard drive and click "Start Scan".

At the end of the scan, select everything and click "Remove Selected".
Post the report.
It is in the "Logs" tab, with the date and time of the run.

So you have three reports to post, along with a new HijackThis report and information on how the problems you noticed have evolved.

See you later

Re: I NEED HELP! SOS

Post by mtagan » 01 Oct 2009 18:43

Thanks for taking the time. Here are the reports:

Fix Navipromo version 4.0.2 commencé le 14.05.2007 0:05:47.92

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2080 @ 1.73GHz )
BIOS : Default System BIOS
USER : marik ( Not Administrator ! )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:141 Go (Free:71 Go)
D:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


C:\Users\marik\AppData\Local\dmfncm.exe supprimé !
C:\Users\marik\AppData\Local\dmfncm.dat supprimé !
C:\Users\marik\AppData\Local\dmfncm_nav.dat supprimé !
C:\Users\marik\AppData\Local\dmfncm_navps.dat supprimé !
C:\Users\marik\AppData\Local\ecmdb.bat supprimé !


Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\marik\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok






*** Scan terminé 14.05.2007 0:06:13.49 ***



MBAM :


Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2885
Windows 6.0.6000

14.05.2007 01:31:12
mbam-log-2007-05-14 (01-31-12).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 246116
Temps écoulé: 1 hour(s), 1 minute(s), 35 second(s)

Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 12
Clé(s) du Registre infectée(s): 54
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 30
Fichier(s) infecté(s): 159

Processus mémoire infecté(s):
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbapp.exe (Adware.DoubleD) -> Unloaded process successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbappHelper.exe (Adware.DoubleD) -> Unloaded process successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbsvc.exe (Adware.DoubleD) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\HookAPINT.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\MyDll.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\ProductInfo.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\riched20Smiley.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\SkinCrafterDll.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbapp.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbMsn.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\SmileyCore.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPCommon.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050\HPCommon.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{d335d84d-61d8-4b5f-9c4e-067dc8b27ed5} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{42c23154-00fa-4a93-9de9-3eb523cffff6} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2e8e2100-98cb-4aac-9480-63a281acaff5} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0514c9b0-e4c6-4d6b-a3a6-b38bc280b115} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{803e73fe-cb73-4d49-8aff-653fd6f44171} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{51b67a88-02d0-43cb-8d12-5ca3e2d4cf49} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d44cc2fb-77b8-48a5-a5dc-f961f2d258fb} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5297e905-1dfb-4a9c-9871-a4f95fd58945} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{57aba38e-6535-48f3-99fd-efdc62137c78} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{22c12739-c111-44c6-9bb7-f335c2a9be2a} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{edb1a56e-2224-4c79-a4bd-42a39c6e4608} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{27ff1ee8-8ccc-49e1-b801-f212e3744e80} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{872a1c39-df0b-4c8b-ad84-12ba24a3b781} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smileyapp (Adware.DoubleD) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\DoubleD (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020 (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale\en-US (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\searchplugins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690 (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050 (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\FF (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\components (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.3.1040 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.3.1040\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\OEActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stb0.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\GEN5\DESSIN\TESTCD.EXE (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\Navilog1\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Geraldine\AppData\Local\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Invité\AppData\Local\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Luffy\AppData\Local\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Luffy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CST2Q42I\Official-eMule_setup[1].exe (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Luffy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4I1MJ51\MakeTheWebBetter[1].exe (Adware.MakeTheWebBetter) -> Quarantined and deleted successfully.
C:\Users\marik\AppData\Local\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\AxGifAnimator.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\gdiplus.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\HookAPINT.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\mfc80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Microsoft.VC80.CRT.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\msvcr80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\MyDll.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\ProductInfo.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Riched20Smiley.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\SkinCrafterDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbAol.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbapp.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbapp.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbappHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbasst.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbdl.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbIE.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbMsn.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbOL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbOLEX.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbsvc.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbYahoo8.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stbYahoo9.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\default1.dat (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\loading.dat (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\loading.gif (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Cursor.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Game.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Glitter.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Logo.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Option.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Recipe.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Ringtone.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Screensaver.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Search.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Web.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\pixel.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\ProductInfo.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\profile.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\SearchEngineList.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\tbcore.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\ToolbarLayout.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\UpdateCentre.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\URLDynamic.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\URLStatic.mx (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\GamingHarborToolbar.jar (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale\en-US\global.dtd (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\DDAutoComplete.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\ISmileyCore.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\SmileyCore.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\TBFFHelper.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\TBFFHelper.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\searchplugins\gamingharborsearchplugins.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\About.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Cursor.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Cursor.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Game.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Glitter.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Glitter.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Logo.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Option.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Recipe.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Search.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Smiley.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Smiley.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Web.mg (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDefault.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnOption.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink.png (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin1.skf (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin2.skf (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin3.skf (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin4.skf (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\ToastSkin.skf (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPCommon.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\HPCommon.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.3.1040\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.3.1040\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.


HiJackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:11:34, on 14.05.2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\ProgramData\Sukoku\sukoku119.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Search Guard PlusU\sgpupdaters.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\Sukoku\sukoku.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\SGPSA\ie3sh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\marik\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHelper Class - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d ... 070115.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/52.09/uploader2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9d1876b457984) (gupdate1c9d1876b457984) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Sukoku Service - Unknown owner - C:\ProgramData\Sukoku\sukoku119.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 12477 bytes
mtagan
Posts: 11
Joined: 30 Sep 2009 19:44

Re: I NEED HELP! SOS

Post by nardino » 02 Oct 2009 10:38

Hello.

One more small tool to use, but things should be improving on your PC. :)
Download Toolbar-S&D by Eric_71.
Save it on your desktop; this is essential.
Double-click the ToolBar SD.exe icon.
[img]http://i85.servimg.com/u/f85/11/05/93/83/tbsd110.jpg[/img]

(On Vista, right-click this icon, choose Run as administrator (privilege elevation), then Continue.)

In the blue DOS window, type F, then Enter.
Then type 1 and Enter.
The system will restart and the scan will take a few minutes.
When it finishes, a report named TB.txt will open.
Post it.
Close the report on your desktop and wait for the results of the analysis.
This report will be saved at the root of the system drive: C:\TB.txt
See you later.
nardino
Super Libellulien
Posts: 1103
Joined: 03 Apr 2009 22:02

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 12:20

-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2080 @ 1.73GHz )
BIOS : Default System BIOS
USER : marik ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:141 Go (Free:71 Go)
D:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 14.05.2007| 0:07 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://format.packardbell.com/cgi-bin/redirect/?country=CHFR&range=AD&phase=8&key=IESTART"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 14.05.2007| 0:08 - Option : [1]

-----------\\ Fin du rapport a 0:08:35.25





Thanks in advance

Re: I NEED HELP! SOS

Post by nardino » 02 Oct 2009 13:07

Hello.

Can you tell me what you use these two programs for:
C:\Program Files\SGPSA
C:\Program Files\Fast Browser Search

Also, Java needs to be updated.
Download Java Runtime Environment (JRE) 6u16:
http://java.sun.com/javase/downloads/index.jsp
Click Download Java Runtime Environment (JRE) 6 update16
On the next page, choose Windows under Platform, tick I agree to the Java SE Runtime Environment 6 License Agreement, and click Continue
On the new page, tick Windows Offline Installation, and click jre-6u16-windows-i586-p.exe //15.89 MB.
Install it while offline.
Through Programs and Features, uninstall all the other versions if any are present.
Don't forget to answer my question. :wink:
See you later.

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 13:10

I don't know what they are for, my daughter has an annoying tendency to touch everything...

For Java, I'll do the update.

Re: I NEED HELP! SOS

Post by nardino » 02 Oct 2009 13:21

Hello.
In that case, uninstall them through the Control Panel, Programs and Features.
Then restart and produce a new HijackThis report, and include news on how your problems are evolving.
See you later.

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 13:57

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:04:07, on 14.05.2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\marik\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O13 - Gopher Prefix:
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d ... 070115.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/52.09/uploader2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Google Update (gupdate1c9d1876b457984) (gupdate1c9d1876b457984) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Sukoku Service - Unknown owner - C:\ProgramData\Sukoku\sukoku119.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 7640 bytes




As far as the problems go, things are much better.

I took the opportunity to remove lots of useless software.

However, I can't manage to remove Bitdefender in order to install Antivir...

Re: I NEED HELP! SOS

Post by nardino » 02 Oct 2009 14:49

Hello.
You also need to delete this file: C:\ProgramData\Sukoku
For BitDefender, do it with Revo Uninstaller.
Restart before installing Antivir.
See you later.
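As an added illustration (not part of the thread and not code from any tool used in it), this Python sketch compares the O23 service entries of two HijackThis reports, as in the before/after pair posted above. The sample lines are copied from those two reports; the function names and the "outside Program Files" heuristic are assumptions of this example.

```python
import re

# Constructed sample: a few O23 lines copied from the two reports in this thread.
BEFORE = r"""
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sukoku Service - Unknown owner - C:\ProgramData\Sukoku\sukoku119.exe
"""
AFTER = r"""
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Sukoku Service - Unknown owner - C:\ProgramData\Sukoku\sukoku119.exe
"""

# O23 layout as it appears in these reports: name - owner - path [(file missing)].
# Assumes the path starts with a drive letter, which holds for every O23 line here.
O23 = re.compile(r"^O23 - Service: (?P<name>.+) - (?P<owner>.+?) - "
                 r"(?P<path>[A-Za-z]:\\.*?)(?P<missing> \(file missing\))?$")


def parse_services(log):
    """Return {service name: {owner, path, missing}} for every O23 line."""
    services = {}
    for line in log.splitlines():
        m = O23.match(line.strip())
        if m:
            services[m["name"]] = {"owner": m["owner"], "path": m["path"],
                                   "missing": m["missing"] is not None}
    return services


def compare(before, after):
    """Diff two reports and list the entries of the newer one worth a second look."""
    old, new = parse_services(before), parse_services(after)
    return {
        "removed": sorted(old.keys() - new.keys()),
        "added": sorted(new.keys() - old.keys()),
        # Service still registered although its executable is gone.
        "orphaned": sorted(n for n, s in new.items() if s["missing"]),
        # "Unknown owner" alone also matches a legitimate antivirus service here,
        # so this example's heuristic (an assumption) adds the install location.
        "unknown_owner_outside_program_files": sorted(
            n for n, s in new.items()
            if s["owner"] == "Unknown owner" and not s["missing"]
            and not s["path"].lower().startswith("c:\\program files\\")),
    }


if __name__ == "__main__":
    for key, names in compare(BEFORE, AFTER).items():
        print(f"{key}: {names}")
```

On the sample lines, the only entry left in the last category is the Sukoku service, the item the reply above asks to have deleted.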

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 14:58

What should I do next?

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 15:18

Honestly, things are much better, I don't know how to thank you!!

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 16:07

I've just realized that I can't delete sukoku, or rather I can't find it

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 16:13

Ah yes, it's fine, I deleted it...

Now I have another problem: I can't update Antivir, or Windows... yet I do have Internet...


Ah, I've just seen that posts can be edited, so there you go: I managed to update Windows, but when I update Antivir it doesn't work, nothing loads; well, the update starts but nothing downloads...

Re: I NEED HELP! SOS

Post by nardino » 02 Oct 2009 17:24

Good evening,
For the Antivir updates, you have to keep trying at other times; there are server problems.
That's the price of success.
If all is well, we are going to uninstall all the tools used for this disinfection.
Launch the last tool suggested, OTM
Click the CleanUp button
It will uninstall itself along with the other tools.
Once you have updated Antivir, you can mark the question as resolved.
For information, here are the programs that can cause the Navipromo infection, and so should not be installed.

* Instant access
* Go-astro
* GoRecord
* HotTVPlayer
* MailSkinner
* Messenger Skinner
* Instant Access
* InternetGameBox
* Sudoplanet
* Spyware Secure
* WebMediaplayer
* Live Player
* Games Attack
* Funky Emoticons
* Original Solitaire
* Funkyemoticons

See you later.

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 17:56

I don't understand, what is OTM?

Re: I NEED HELP! SOS

Post by mtagan » 02 Oct 2009 18:14

I think I still have a problem, since I still can't update Antivir and I've just realized that I can't update Windows either; I was only able to install one of the updates, for the rest it gives me a server contact error or I don't know what exactly, like with Antivir :(

Re: I NEED HELP! SOS

Post by nardino » 02 Oct 2009 19:12

Good evening.
About OTM, I mixed up two topics. :oops:
Download ToolsCleaner2 by A. Rothstein to your Desktop:

Double-click ToolsCleaner2.exe
Click Recherche (Search) and the list of tools will be displayed.
Click the Suppression (Removal) button.
Quitter (Quit).

A file C:\TCleaner.txt will be created; post it

Note: your desktop will disappear, this is normal.
If it does not reappear at the end of the scan, do the following:

CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "Run"
Type explorer.exe and confirm. This will bring the Desktop back


For your connection problem, in the Windows menu, All Programs, Accessories, right-click Command Prompt and choose Run as administrator from the menu.
A DOS-style window opens.
- At the prompt, type ipconfig /flushdns and press [Enter]

Keep me posted.
See you later.