[Résolu] Comment faire pour me débarrasser de mes virus

Si vous avez des problèmes pour supprimer virus ou troyens installés sur votre ordinateur, vous pouvez demander de l'aide dans ce forum.

Modérateur: Modérateurs

Règles du forum
:arrow: Les règles du forum

:arrow: S'il vous plait, ne demandez pas d'aide dans le sujet d'un autre membre. Créez votre propre demande dans la partie appropriée du forum en décrivant le plus précisément possible les problèmes rencontrés.

[Résolu] Comment faire pour me débarrasser de mes virus



Publicité
 

[Résolu] Comment faire pour me débarrasser de mes virus

Messagepar romualdina » 09 Oct 2009, 20:33

Bonjour, Voici le blocknote de Hijack this. Comment me débarrasser de mes virus ?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:28:17, on 09/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redire ... &site=home (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fnacphoto.com/ECTelechargeme ... oader5.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9775 bytes
romualdina
Nouveau
Nouveau
 
Messages: 17
Inscription: 05 Oct 2009, 20:42

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar Engil Hramn » 09 Oct 2009, 22:06

Salut,

Il y a beaucoup de logiciel superflus sur ton rapport Hijackthis...
Mais bon, nous verrons ça après.

:arrow: Télécharge Malwarebytes Anti-Malware.

  • Installe le et mets le à jour lorsque ça t'est proposé.
    A la fin de la mise à jour le programme se lance.
  • Coche la case Exécuter un examen complet puis clique sur Rechercher.
  • Sélectionne (coche) toutes tes partitions puis clique sur Lancer l'examen.
  • Lorsque le scan est terminé, un message te prévient. Clique alors sur le bouton Montrer les résultats.
  • Dans la fenêtre suivante clique sur Supprimer la sélection
  • Si le programme te propose de redémarrer l'ordinateur, accepte!
  • Le rapport de scan va s'afficher. Sauvegarde le puis poste son contenu dans ta prochaine réponse.

Si besoin tu peux consulter le tuto suivant: Comment installer et utiliser Malwarebytes' Anti-Malware

Bonne fin de soirée à toi.
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 162
Inscription: 17 Sep 2008, 14:39

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar romualdina » 10 Oct 2009, 08:42

Bonjour,
Voilà donc le texte. Mon PC a été toujours aussi compliqué à redémarrer et affiche toujours le message "your application has requested the runtime program..."
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2775
Windows 6.0.6002 Service Pack 2

10/10/2009 09:31:50
mbam-log-2009-10-10 (09-31-50).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 254027
Temps écoulé: 1 hour(s), 13 minute(s), 17 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 15
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 31
Fichier(s) infecté(s): 139

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.4.23050 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\Media Access Startup\1.6.0.940 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\HPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.1.1010\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_07.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Cursor.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Glitter.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Smiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_07.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_07.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090905-225747.862.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\Media Access Startup\1.6.0.940\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\christine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090905-225747.815.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\carlo\Local Settings\Application Data\hblffa_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\carlo\Local Settings\Application Data\hblffa_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
romualdina
Nouveau
Nouveau
 
Messages: 17
Inscription: 05 Oct 2009, 20:42

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar Engil Hramn » 10 Oct 2009, 09:36

Salut,
Où en sont les problèmes du PC ?
Tu peut donner plus d'informations sur le message que tu as au démarrage ?

:arrow: Désactive ton antivirus le temps de télécharger et exécuter Ad-Remover

  • Télécharge Ad-remover de C_XX et enregistre sur ton bureau.
  • Une fois le fichier téléchargé, ferme toutes les fenêtres de ton navigateur.
  • Si tu es sous XP, double-clique sur AD-R.exe pour le lancer.
    Si tu es sous Vista, clique droit sur AD-R.exe puis choisis Exécuter en tant qu'administrateur.
  • Accepte les conditions d'utilisation en cliquant sur OUI.
  • Une fenêtre va s'ouvrir te proposant un menu. Pour lancer le scan saisis S puis appuie sur [Entrée]
  • Patiente le temps du scan sans rien toucher.
  • A la fin, un rapport va s'ouvrir à l'écran. Poste l'intégralité de son contenu dans ta prochaine réponse.
    (Le rapport est aussi sauvegardé sous C:\Ad-report-scan.log)

NB:
- Process.exe une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

Bonne journée à toi.
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 162
Inscription: 17 Sep 2008, 14:39

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar romualdina » 10 Oct 2009, 10:34

Bonjour, Merci de ces explications.
Voici le texte :
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_Y | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 10.10.2009 à 10:53
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 11:23:52, 10/10/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
Nom du PC: PC-DE-CHRISTINE | Utilisateur actuel: christine
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.

HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
HKCU\Software\AppDataLow\Software\DoubleD
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\Software\SweetIM
HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
HKLM\Software\Classes\MediaPlayer.GraphicsUtils
HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1
HKLM\Software\Classes\MgMediaPlayer.GifAnimator
HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
HKLM\Software\Classes\SWEETIE.IEToolbar
HKLM\Software\Classes\SWEETIE.IEToolbar.1
HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\Software\Classes\Toolbar3.SWEETIE
HKLM\Software\Classes\Toolbar3.SWEETIE.1
HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
HKLM\Software\SweetIM
HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\Registry\User\S-1-5-21-1613807860-2138168787-3425087141-1000\Software\Sweetim
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{27FF1EE8-8CCC-49E1-B801-F212E3744E80}
HKLM\Software\Classes\TypeLib\{22C12739-C111-44C6-9BB7-F335C2A9BE2A}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
HKLM\software\classes\installer\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
.
C:\ProgramData\SweetIM
C:\Users\christine\AppData\LocalLow\SweetIM
C:\Program Files\SweetIM
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf
C:\Users\CHRIST~1\AppData\Local\Temp\tdf.zip
C:\Windows\Installer\4a0e18.msi
C:\Windows\Installer\4a0e1e.msi
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[2].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[3].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[5].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[6].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@pub.iminent[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@pub.iminent[2].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@pub.iminent[3].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@pub.iminent[5].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\Low\carlo@partypoker[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\Low\carlo@search.sweetim[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\Low\carlo@sweetim[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\Low\carlo@www.sweetim[2].txt
C:\Users\christine\AppData\Roaming\Microsoft\Windows\Cookies\christine@iminent[1].txt
C:\Users\christine\AppData\Roaming\Microsoft\Windows\Cookies\christine@iminent[3].txt
C:\Users\christine\AppData\Roaming\Microsoft\Windows\Cookies\christine@mywebsearch[1].txt
C:\Users\christine\AppData\Roaming\Microsoft\Windows\Cookies\christine@pub.iminent[1].txt
C:\Users\christine\AppData\Roaming\Microsoft\Windows\Cookies\christine@pub.iminent[3].txt
C:\Users\christine\AppData\Roaming\Microsoft\Windows\Cookies\christine@sweetim[2].txt
C:\Users\christine\AppData\Roaming\Microsoft\Windows\Cookies\christine@www.sweetim[1].txt
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version [Impossible d'obtenir la version] *
.
Nom du profil: (christine)
.
.
.
* Internet Explorer Version 8.0.6001.18813 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://www.google.com/ig/redirectdomain ... bmod=TSEA;
Default_Page_URL: hxxp://www.google.com/ig/redirectdomain ... bmod=TSEA;
Search Bar: hxxp://www.google.com/ie
Search Page: hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.google.com/ig/redirectdomain ... bmod=TSEA;
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
12974 Octet(s) - C:\Ad-Report-SCAN[1].log
.
1423 Fichier(s) - C:\Users\CHRIST~1\AppData\Local\Temp
2177 Fichier(s) - C:\Windows\Temp
.
0 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 11:29:35 | 10/10/2009 - SCAN[1]
.
============== E.O.F ==============
.
romualdina
Nouveau
Nouveau
 
Messages: 17
Inscription: 05 Oct 2009, 20:42

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar Engil Hramn » 10 Oct 2009, 10:53

Salut,

:arrow: Veille à ce que ton antivirus soit toujours désactivé et ferme toutes les fenêtres de ton navigateur le temps d'exécuter Ad-Remover.

  • Si tu es sous XP, double-clique sur l'icone de Ad-Remover qui est sur ton bureau.
    Si tu es sous Vista, Clique droit sur l'icone de AD-Remover sur ton bureau et choisis Exécuter en tant qu'administrateur.
  • Une fois le menu affiché, tape L pour lancer le nettoyage et appuis sur [Entrée]
  • Patiente le temps que l'outil travaille sans l'interrompre.
  • Un rapport va s'afficher à l'écran. Poste tout son contenu dans ta prochaine réponse.
    (Le rapport est aussi enregistré sur C:/Ad-Report-(jour-mois-année).log)

Postes également un nouveau log Hijackthis, et cette fois si, dit moi où en sont les problèmes du PC et donne plus de précision sur le message d'erreur que tu obtient au démarrage du pc. (questions auxquelles tu n'as pas répondu...)
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 162
Inscription: 17 Sep 2008, 14:39

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar romualdina » 10 Oct 2009, 13:55

Bonjour, Le message d'erreur que j'ai quand j'allume l'ordi est : "This application has requested Runtime to terminate it in an unusual way. " Je tape donc ok entre 10 et 50 fois avant de pouvoir accéder. Cela peut prendre une heure.
Il arrive aussi avant d'accéder à ce message d'erreur, j'ai l'écran noir qui me propose le mode sans échec mais je ne démarre pas par ce mode.
Merci de votre aide

Voila le nouveau texte. Je n'ai pas rééteint mon ordi, vous comprenez pourquoi !
======= RAPPORT D'AD-REMOVER 1.1.4.5_Y | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 10.10.2009 à 12:21
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 14:38:18, 10/10/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
Nom du PC: PC-DE-CHRISTINE | Utilisateur actuel: christine
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
HKCU\Software\AppDataLow\Software\DoubleD
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\Software\SweetIM
HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
HKLM\Software\Classes\MediaPlayer.GraphicsUtils
HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1
HKLM\Software\Classes\MgMediaPlayer.GifAnimator
HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
HKLM\Software\Classes\SWEETIE.IEToolbar
HKLM\Software\Classes\SWEETIE.IEToolbar.1
HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\Software\Classes\Toolbar3.SWEETIE
HKLM\Software\Classes\Toolbar3.SWEETIE.1
HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
HKLM\Software\SweetIM
HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\Registry\User\S-1-5-21-1613807860-2138168787-3425087141-1000\Software\Sweetim
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{27FF1EE8-8CCC-49E1-B801-F212E3744E80}
HKLM\Software\Classes\TypeLib\{22C12739-C111-44C6-9BB7-F335C2A9BE2A}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
HKLM\software\classes\installer\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
.
C:\ProgramData\SweetIM\Messenger
C:\ProgramData\SweetIM\Toolbars
C:\ProgramData\SweetIM\Messenger\conf
C:\ProgramData\SweetIM\Messenger\data
C:\ProgramData\SweetIM\Messenger\logs
C:\ProgramData\SweetIM\Messenger\update
C:\ProgramData\SweetIM\Messenger\conf\adapter.xml
C:\ProgramData\SweetIM\Messenger\conf\autoupdate.xml
C:\ProgramData\SweetIM\Messenger\conf\logger.xml
C:\ProgramData\SweetIM\Messenger\conf\messages.xml
C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml
C:\ProgramData\SweetIM\Messenger\conf\sweetimapp.xml
C:\ProgramData\SweetIM\Messenger\conf\users
C:\ProgramData\SweetIM\Messenger\conf\users\cfsornay@hotmail.fr
C:\ProgramData\SweetIM\Messenger\conf\users\main_user_config.xml
C:\ProgramData\SweetIM\Messenger\conf\users\cfsornay@hotmail.fr\content_update_notification.xml
C:\ProgramData\SweetIM\Messenger\conf\users\cfsornay@hotmail.fr\emoticons_shortcut.xml
C:\ProgramData\SweetIM\Messenger\conf\users\cfsornay@hotmail.fr\lastuse_Audibles.xml
C:\ProgramData\SweetIM\Messenger\conf\users\cfsornay@hotmail.fr\lastuse_Emoticons.xml
C:\ProgramData\SweetIM\Messenger\conf\users\cfsornay@hotmail.fr\lastuse_SoundFX.xml
C:\ProgramData\SweetIM\Messenger\conf\users\cfsornay@hotmail.fr\lastuse_Winks.xml
C:\ProgramData\SweetIM\Messenger\conf\users\cfsornay@hotmail.fr\user_config.xml
C:\ProgramData\SweetIM\Messenger\data\contentdb
C:\ProgramData\SweetIM\Messenger\data\contentdb\00010844.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00010893.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0001089A.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000108A2.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000108AA.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000108C2.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00010932.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0001094E.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00010952.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00010968.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0001096C.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00010970.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00010995.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0002006E.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0002013F.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00020185.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00020318.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0002032E.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00020337.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0002033D.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000300A1.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000300B2.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000300B9.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000300CD.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00040015.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00040020.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0004005A.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00040063.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000400C0.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000400C6.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000400DD.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0004010D.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00040129.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00050005.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00060027.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0006007D.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00060137.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00080011.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00080022.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0008002D.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00080044.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00080045.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\0008005C.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\00080077.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000800D9.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\000800DA.dat
C:\ProgramData\SweetIM\Messenger\data\contentdb\cache_indx.dat
C:\ProgramData\SweetIM\Toolbars\Internet Explorer
C:\ProgramData\SweetIM\Toolbars\Internet Explorer\cache
C:\ProgramData\SweetIM\Toolbars\Internet Explorer\cache\79364243b9dac7ae8d7a0ecd142b9032.toolbar34.xml
C:\ProgramData\SweetIM
C:\Users\christine\AppData\LocalLow\SweetIM\Toolbars
C:\Users\christine\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer
C:\Users\christine\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache
C:\Users\christine\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\79364243b9dac7ae8d7a0ecd142b9032.toolbar34.xml
C:\Users\christine\AppData\LocalLow\SweetIM
C:\Program Files\SweetIM\Messenger
C:\Program Files\SweetIM\Toolbars
C:\Program Files\SweetIM\Messenger\default.xml
C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
C:\Program Files\SweetIM\Messenger\mgAIMAuto.dll
C:\Program Files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
C:\Program Files\SweetIM\Messenger\mgArchive.dll
C:\Program Files\SweetIM\Messenger\mgcommon.dll
C:\Program Files\SweetIM\Messenger\mgcommunication.dll
C:\Program Files\SweetIM\Messenger\mgconfig.dll
C:\Program Files\SweetIM\Messenger\mgFlashPlayer.dll
C:\Program Files\SweetIM\Messenger\mghooking.dll
C:\Program Files\SweetIM\Messenger\mgICQAuto.dll
C:\Program Files\SweetIM\Messenger\mgICQMessengerAdapter.dll
C:\Program Files\SweetIM\Messenger\mgIEPlayer.dll
C:\Program Files\SweetIM\Messenger\mglogger.dll
C:\Program Files\SweetIM\Messenger\mgMediaPlayer.dll
C:\Program Files\SweetIM\Messenger\mgMsnAuto.dll
C:\Program Files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
C:\Program Files\SweetIM\Messenger\mgsimcommon.dll
C:\Program Files\SweetIM\Messenger\mgSweetIM.dll
C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll
C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll
C:\Program Files\SweetIM\Messenger\mgYahooAuto.dll
C:\Program Files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
C:\Program Files\SweetIM\Messenger\msvcp71.dll
C:\Program Files\SweetIM\Messenger\msvcr71.dll
C:\Program Files\SweetIM\Messenger\resources
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SweetIM\Messenger\resources\images
C:\Program Files\SweetIM\Messenger\resources\images\AudibleButton.png
C:\Program Files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
C:\Program Files\SweetIM\Messenger\resources\images\EmoticonButton.png
C:\Program Files\SweetIM\Messenger\resources\images\NudgeButton.png
C:\Program Files\SweetIM\Messenger\resources\images\SoundFxButton.png
C:\Program Files\SweetIM\Messenger\resources\images\WinksButton.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer
C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf
C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\msvcp71.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\msvcr71.dll
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources
C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\live.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\news.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
C:\Program Files\SweetIM
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\248d6576afce4ee94af42d7350131106.gif
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\24a70fb875fab686b6b3c217612bc07c.gif
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\default1.dat
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\loading.dat
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Cache\loading.gif
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Cursor.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_DailyVideo.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Game.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Glitter.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Logo.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Option.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Recipe.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Ringtone.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Screensaver.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Search.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Smiley.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Smiley_Config.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Smiley_Config.mx.new
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Smiley_TellAFriend.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Wallpaper.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_Web.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_01.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_02.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_03.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_04.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_05.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_06.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\Module_WebDropdown_07.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\pixel.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\ProductInfo.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\profile.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\SearchEngineList.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\tbcore.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\ToolbarLayout.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\UpdateCentre.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\UpdateCentreBk.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\URLDynamic.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Data\URLStatic.mx
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\About.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Component_ComboBox.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Cursor.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Cursor.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_DailyVideo.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Game.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Glitter.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Glitter.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Logo.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Option.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Recipe.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Ringtone.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Screensaver.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Search.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Smiley.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Smiley.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Wallpaper.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_Web.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_01.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_01.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_02.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_02.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_03.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_03.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_04.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_04.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_05.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_05.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_06.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_06.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_07.mg
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\Module_WebDropdown_07.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDefault.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDisplay.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDisplay.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDisplay18.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnDisplay20.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnGlitters.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnGlitters.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnGlitters18.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnGlitters20.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnOption.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnSmiley.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnSmiley.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnSmiley18.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnSmiley20.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnTellFd.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnTellFd.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnTellFd18.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnTellFd20.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnWink.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnWink.png
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnWink18.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Icons\TBBtnWink20.bmp
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\myskin1.skf
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\myskin2.skf
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\myskin3.skf
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\myskin4.skf
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\TellafriendSkin.skf
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\TellafriendSkin_s.skf
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD\GamingHarbor Toolbar\4.2.4.23050\Skins\ToastSkin.skf
C:\Users\CHRIST~1\AppData\Local\Temp\DoubleD
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\Module_Smiley_TellAFriend.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\Module_WebDropdown_01.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\Module_WebDropdown_02.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\Module_WebDropdown_03.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\Module_WebDropdown_04.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\Module_WebDropdown_05.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\Module_WebDropdown_06.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\Module_WebDropdown_07.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Data\ToolbarLayout.mx
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_01.mg
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_01.png
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_02.mg
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_02.png
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_03.mg
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_03.png
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_04.mg
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_04.png
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_05.mg
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_05.png
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_06.mg
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_06.png
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_07.mg
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf\Icons\Module_WebDropdown_07.png
C:\Users\CHRIST~1\AppData\Local\Temp\New_tdf
C:\Users\CHRIST~1\AppData\Local\Temp\tdf.zip
C:\Windows\Installer\4a0e18.msi
C:\Windows\Installer\4a0e1e.msi
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[2].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[3].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[5].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@iminent[6].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@pub.iminent[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@pub.iminent[2].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@pub.iminent[3].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\carlo@pub.iminent[5].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\Low\carlo@partypoker[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\Low\carlo@search.sweetim[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\Low\carlo@sweetim[1].txt
C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Cookies\Low\carlo@www.sweetim[2].txt
C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\Cookies\christine@iminent[1].txt
C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\Cookies\christine@iminent[3].txt
C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\Cookies\christine@mywebsearch[1].txt
C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\Cookies\christine@pub.iminent[1].txt
C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\Cookies\christine@pub.iminent[3].txt
C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\Cookies\christine@sweetim[2].txt
C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\Cookies\christine@www.sweetim[1].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version [Impossible d'obtenir la version] *
.
Nom du profil: (christine)
.
.
.
* Internet Explorer Version 8.0.6001.18813 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
36890 Octet(s) - C:\Ad-Report-CLEAN[1].log
13310 Octet(s) - C:\Ad-Report-SCAN[1].log
.
246 Fichier(s) - C:\Users\CHRIST~1\AppData\Local\Temp
21 Fichier(s) - C:\Windows\Temp
.
18 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
72 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 14:44:53 | 10/10/2009 - CLEAN[1]
.
============== E.O.F ==============
.
romualdina
Nouveau
Nouveau
 
Messages: 17
Inscription: 05 Oct 2009, 20:42

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar Engil Hramn » 10 Oct 2009, 14:45

Re,

:arrow: Relance Ad-remover : au menu principal choisis l'option D pour lancer la désinstallation.
Clique sur Ok quand l'avertissement apparait .

Nous allons procéder également à une petite vérification avec Navilog1, ton rapport Malwarebytes laissant apparaître des traces de l'adware Navipromo/Magic_Control:

:arrow: Désactive ton antivirus le temps de l'utilisation de l'outil Navilog1.


:arrow: Télécharge Navilog1 (par IL-MAFIOSO) sur ton bureau à partir du lien suivant: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

  • Ensuite double clique sur navilog1.exe pour lancer l'installation.

  • Une fois l'installation terminée, double-clique sur le raccourci Navilog1 présent sur le bureau.

  • Laisse-toi guider. Appuie sur une touche quand on te le demande.

  • Au menu principal, choisis 1 et valide.
    < Ne fais pas le choix 2 >

  • Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.

  • Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.

  • Patiente jusqu'au message "Scan terminé le......"

  • Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir contenant le rapport.
    Copie-colle l'intégralité du rapport dans ta prochaine réponseréponse. Referme le bloc-notes.


    PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt




:arrow: Poste ensuite un nouveau rapport HijackThis, et de même, essaye de donner le message d'erreur en entier (le problème de runtime au démarrage), il manque à mon avis le plus important du message... postes en un screenshot au pire. :wink:
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 162
Inscription: 17 Sep 2008, 14:39

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar romualdina » 11 Oct 2009, 08:43

Bonjour, merci encore de cette aide, je me sens vraiment moins seule !
Alors d'abord voici ce qui se passe exactement quand j'allume l'ordi : d'abord l'écran bleu apparaît avec "veuillez patientez" ce qui dure 1 à 2 minutes, puis voici le message d'erreur complet qui apparaît systématiquement :
"This application has requested Runtime to terminate it in an unusual way. Please contact the application support's team for more information"J'ai une seule proposition : "ok" et j'accepte donc "ok" et alors j'ai en boucle l'écraqn bleu "veuillez patientez" et ce message. Parfois, tout se bloque et je dois éteindre sauvagement.
Là, vous savez tout !

Voici le résultat du scan Navilog1:
Fix Navipromo version 4.0.2 commencé le 11/10/2009 9:07:12,11

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : christine ( Not Administrator ! )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:117 Go (Free:66 Go)
E:\ (Local Disk) - NTFS - Total:113 Go (Free:108 Go)
F:\ (CD or DVD)


Recherche executée en mode normal


Aucune Infection Navipromo/Egdaccess trouvée



*** Scan terminé 11/10/2009 9:24:03,02 ***

Et voici le nouveau rapport Hijack this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:41:46, on 11/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\conime.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?sourceid=navcli ... ource=iglk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redire ... &site=home (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fnacphoto.com/ECTelechargeme ... oader5.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9394 bytes
romualdina
Nouveau
Nouveau
 
Messages: 17
Inscription: 05 Oct 2009, 20:42

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar Engil Hramn » 11 Oct 2009, 11:04

Salut,
Ton problème de Runtime ne me dit pas grand chose... il serait mieux d'aller poser la question dans la section adéquate du forum une fois la désinfection achevée.

Désinstalles Navilog1 via Ajout/Supression de Programme, dans le panneau de configuration.

:arrow: Télécharge ATF Cleaner by Atribune sur ton bureau.
C'est un petit programme qui va nettoyer les fichiers temporaires de Windows.

  • Si tu es sous XP, double-clique sur ATF-Cleaner.exe pour lancer le programme.
    Si tu es sous Vista, clique droit sur le programme et choisis Exécuter en tant qu'administrateur.
  • Coche la case Select All (toutes les cases vont se cocher)
  • Clique ensuite sur le bouton Empty Selected
  • Une fois fait, sors du programme par Exit

Assure toi d'abord de mettre à jour complètement ton système, et d'avoir les dernières versions des Logiciels Java/Flash et Adobe Reader sur ton ordinateur:

Rends toi sur cette page afin de vérifier si ton installation de Java est à jour, le cas échéant, fais ceci:

:arrow: Installe la dernière version de la machine Java:

  • Commence par désinstaller toutes les anciennes versions de JAVA par Ajout/Suppression de programmes.
    Tu désinstalles tout ce qui a rapport avec Java Runtime Environment.
  • Avec Internet Explorer, va sur la page de téléchargement de Java.
  • Installe la nouvelle version.
    Si besoin, tu as un guide d'installation sur cette page (Partie Instructions d'installation)

Pour Flash:

:arrow: Pour flashplayer, on va d'abord désinstaller ta version complètement puis réinstaller la dernière.

  • Va sur le site d'Adobe et télécharge le fichier Flash Player Uninstaller qui se trouve dans le tableau Windows:

    Image
  • Ferme toutes les fenêtres d'Internet Explorer puis double clique sur le fichier que tu viens de télécharger.
    A la fin de l'exécution Flash Player ne se trouvera plus sur ton PC.
  • Rends toi sur la page de téléchargement de FlashPlayer.
    Sans le plugin elle doit ressembler à ça:
    Image

  • Clique sur le bouton Télécharger puis dans la fenêtre suivante sur le bouton Accepter et installer maintenant.

  • Une fenêtre va s'ouvrir te demandant de cliquer sur la barre jaune qui est apparue en haut de la fenêtre de ton navigateur.
    Ferme la petite fenêtre, clique sur la barre jaune et choisis Installer Contrôle ActiveX

  • Une autre petite fenêtre va apparaitre: clique sur Continuer

  • Puis encore une autre: clique sur Installer

    Attends qu'il ait fini son installation puis ferme Internet Explorer.

  • Relance Internet Explorer et rends toi de nouveau sur le site de téléchargement d'Adobe.

    Maintenant, avec le plugin installé, la page doit te montrer une animation qui ressemble à ça:

    Image


Dis nous si tu vois bien l'animation en question, et postes nous un nouveau log HIjackthis une fois tout ceci fait. :wink:
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 162
Inscription: 17 Sep 2008, 14:39

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar romualdina » 11 Oct 2009, 13:54

Salut, et bien j'ai tout fait comme indiqué ! Alors voilà le rapport de HiJack :
A plus.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:53:13, on 11/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\conime.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?sourceid=navcli ... ource=iglk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redire ... &site=home (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fnacphoto.com/ECTelechargeme ... oader5.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9552 bytes
romualdina
Nouveau
Nouveau
 
Messages: 17
Inscription: 05 Oct 2009, 20:42

Re: Hijack this. Comment faire pour me débarrasser de mes virus

Messagepar Engil Hramn » 12 Oct 2009, 11:22

Salut,
On a fini. :wink:
Relance HIjackthis, ferme toutes les fenêtres d'internet explorer et désactive ton antivirus le temps de la manipulation.
Coches les lignes suivantes:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript


Puis clique sur Fix Checked

Tu peut reposter un rapport après ça si tu le désire.

Pense à maintenir à jour ton ordinateur constamment, en installant les dernières révisions des logiciels critique comme Adobe Flash/Acrobat, Java, et y compris ton système lui même via Windows update.

Pour ton problème de démarrage, dirige toi vers cette section du forum afin d'y soumettre ton problème, TopXM viendra sans doute t'y répondre :wink:
aide-a-la-resolution-de-problemes-sur-windows-xp-f42.html

Édites ensuite ton premiers post, et ajoute la mention [Résolu] au titre du sujet.

Et bon surf. :ciao:
Avatar de l’utilisateur
Engil Hramn
Cadet Sécurité
Cadet Sécurité
 
Messages: 162
Inscription: 17 Sep 2008, 14:39

Re: [Résolu] Comment faire pour me débarrasser de mes virus

Messagepar romualdina » 12 Oct 2009, 19:00

Merci Engil !
Trop bonne nouvelle !
Voici donc le tout dernier rapport


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57:01, on 12/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\conime.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?sourceid=navcli ... ource=iglk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redire ... &site=home (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fnacphoto.com/ECTelechargeme ... oader5.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-29-0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8862 bytes
romualdina
Nouveau
Nouveau
 
Messages: 17
Inscription: 05 Oct 2009, 20:42


Retourner vers Aide pour supprimer les virus

 


  • Articles en relation
    Réponses
    Vus
    Dernier message

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 1 invité