lo.st search engine - hijack report

Closed
cricri14 - 26 Dec. 2008 at 19:40
anthony5151 Posts 10573 Registration date Friday 27 June 2008 Status Security contributor Last activity 2 March 2015 - 27 Dec. 2008 at 13:56
Hello,

I have a problem with a search engine, lo.st, which always appears when Mozilla starts. Nothing I have read on the various forums has helped. So I ran a hijack scan and am calling on experts to analyze this report.

How do I remove this "lo.st" page and get my Mozilla home page back?

Thanks for your advice

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:33:53, on 26/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\joomla\outils\xampplite\apache\bin\apache.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\joomla\outils\xampplite\mysql\bin\mysqld-nt.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\joomla\outils\xampplite\apache\bin\apache.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\logitech\quickcam\lu\lulnchr.exe
c:\program files\logitech\quickcam\lu\LogitechUpdate.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4596013b-6c31-408b-a266-deae5c086dc2} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {4596013b-6c31-408b-a266-deae5c086dc2} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.cg14.fr/geoservices/mg65ctrl_windows_activex_ie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: uethfq.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\joomla\outils\xampplite\apache\bin\apache.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mysql - Unknown owner - C:\joomla\outils\xampplite\mysql\bin\mysqld-nt.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

2 replies

anthony5151 Posts 10573 Registration date Friday 27 June 2008 Status Security contributor Last activity 2 March 2015 790
27 Dec. 2008 at 09:36
Hello,

This page gets set following the installation of the EoRezo parasitic software (EoMeteo, EoSudoku...)

Download Ad-Remover (by C_XX) to your Desktop.

/!\ Disconnect and close all running applications /!\

● Double-click the installer and install it in its default location. ( C:\Program files )
● Double-click the Ad-remover icon on your Desktop
● In the main menu choose option "A"
● Post the report that appears at the end (it is also saved as C:\Ad-report(date).log )


0
Hello,

Thanks for your help. Here is the generated report, what do you think of it?

--------- Logfile of AD-Remover 1.0.8.0 by C_XX ---------

# START at: 10:41:38 | Sam 27/12/2008 | Microsoft® Windows XP™ SP3 (v5.1.2600)
# BOOT MODE: Normal

# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: IBM-3745DC52BB0 | USER: herve ( Current user is an administrator)

# DRIVE(S):
- C:\ (File System: NTFS)
- E:\ (File System: FAT32)

# Internet Explorer v7.0.5730.11

--------- [ RUNNING PROCESSES: 48 ] ---------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\joomla\outils\xampplite\apache\bin\apache.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\joomla\outils\xampplite\mysql\bin\mysqld-nt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\joomla\outils\xampplite\apache\bin\apache.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\ntvdm.exe

-----------------------------------


+-----------------------| Boonty/Boonty Games Elements found :

.

+-----------------------| Eorezo Elements found :

.
[26/12/2008 11:33|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo
[28/03/2008 09:59|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\cmhost.cyp
[26/12/2008 11:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\CONFME~1.CYP
[26/12/2008 11:33|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\db
[26/12/2008 11:33|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EODESK~1
[26/12/2008 10:27|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\eoStats
[28/03/2008 18:37|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1
[28/03/2008 09:59|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\host.cyp
[26/12/2008 11:37|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\SOFTWA~1
[26/12/2008 11:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\user.cyp
[26/12/2008 11:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\db\cat.cyp
[26/12/2008 11:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EODESK~1\config.xml
[26/12/2008 11:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EODESK~1\EODESK~1.HTM
[26/12/2008 11:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EODESK~1\USERCO~1.XML
[26/12/2008 11:32|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\eoStats\eoStats.txt
[28/03/2008 09:59|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2
[28/03/2008 09:59|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1
[30/06/2005 13:40|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\67_day.png
[30/06/2005 13:40|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\67_night.png
[21/08/2006 12:07|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\69_day.png
[21/08/2006 12:07|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\69_night.png
[13/07/2005 15:04|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\70_day.png
[13/07/2005 15:04|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\70_night.png
[30/06/2005 13:40|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\78_day.png
[30/06/2005 13:40|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\78_night.png
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\82_day.png
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\82_night.png
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\83_day.png
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\83_night.png
[30/06/2005 13:40|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\84_day.png
[30/06/2005 13:40|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\84_night.png
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\85_day.png
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\85_night.png
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\89_day.png
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\89_night.png
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\back.png
[30/10/2006 11:31|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\BA24E2~1.PNG
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\BACKGR~4.PNG
[24/10/2006 09:58|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\BACKGR~3.PNG
[27/09/2006 13:55|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\BACKGR~1.PNG
[27/09/2006 13:57|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\BACKGR~2.PNG
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\BACKPR~1.PNG
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\band.png
[30/06/2005 09:14|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\BAND_S~1.PNG
[10/07/2006 11:38|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\close.png
[10/07/2006 11:37|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\CLOSEP~1.PNG
[23/10/2006 10:32|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\DAYPRE~2.PNG
[23/10/2006 10:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\DAYPRE~1.PNG
[25/10/2006 10:59|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\earth.png
[04/10/2006 10:21|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\FONDS_~1.PNG
[10/07/2006 11:50|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\help.png
[10/07/2006 11:49|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\HELPPR~1.PNG
[10/07/2006 11:24|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\minimise.png
[10/07/2006 11:23|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\MINIMI~1.PNG
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\next.png
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\NEXTPR~1.PNG
[31/10/2006 11:45|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\option.png
[31/10/2006 11:45|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\OPTION~1.PNG
[02/10/2006 17:36|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\REFLET~1.PNG
[18/05/2006 13:20|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\SMALL_~1.PNG
[06/11/2006 10:05|--ahs----] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~2\Thumbs.db
[30/10/2006 12:05|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\67_day.png
[30/10/2006 12:05|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\67_night.png
[02/10/2006 16:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\69_day.png
[02/10/2006 14:12|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\69_night.png
[06/11/2006 15:18|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\70_day.png
[06/11/2006 15:19|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\70_night.png
[02/10/2006 16:00|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\78_day.png
[02/10/2006 16:00|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\78_night.png
[02/10/2006 15:59|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\82_day.png
[02/10/2006 15:59|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\82_night.png
[02/10/2006 15:58|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\83_day.png
[02/10/2006 15:57|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\83_night.png
[02/10/2006 15:54|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\84_day.png
[02/10/2006 15:56|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\84_night.png
[02/10/2006 13:59|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\85_day.png
[02/10/2006 14:12|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\85_night.png
[02/10/2006 15:56|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\89_day.png
[02/10/2006 15:56|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\89_night.png
[10/01/2007 10:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\about.png
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\back.png
[06/11/2006 12:37|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\BACKGR~4.PNG
[06/11/2006 12:38|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\BADB1B~1.PNG
[24/10/2006 09:58|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\BACKGR~3.PNG
[27/09/2006 13:55|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\BACKGR~1.PNG
[27/09/2006 13:57|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\BACKGR~2.PNG
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\BACKPR~1.PNG
[10/07/2006 11:38|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\close.png
[10/07/2006 11:37|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\CLOSEP~1.PNG
[23/10/2006 10:32|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\DAYPRE~2.PNG
[23/10/2006 10:33|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\DAYPRE~1.PNG
[25/10/2006 10:59|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\earth.png
[04/10/2006 10:21|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\FONDS_~1.PNG
[10/07/2006 11:50|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\help.png
[10/07/2006 11:49|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\HELPPR~1.PNG
[10/07/2006 11:24|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\minimise.png
[10/07/2006 11:23|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\MINIMI~1.PNG
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\next.png
[30/10/2006 10:01|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\NEXTPR~1.PNG
[06/11/2006 12:46|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\option.png
[31/10/2006 11:45|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\OPTION~1.PNG
[02/10/2006 17:36|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\REFLET~1.PNG
[10/01/2007 10:33|--ahs----] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\Thumbs.db
[12/07/2005 13:55|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\EOWEAT~1\IMAGES~1\TXT_14~1.PNG
[25/12/2008 19:23|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\SOFTWA~1\unins000.dat
[26/12/2008 11:30|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\SOFTWA~1\USER_C~1.CYP
[25/12/2008 19:15|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\EoRezo\SOFTWA~1\USER_P~1.CYP

+-----------------------| Everest Poker Elements found :

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.

+-----------------------| It's TV Elements found :

.
[28/03/2008 09:59|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\ItsLabel
[28/03/2008 18:27|d--------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\ItsLabel\ItsTV
[28/03/2008 10:00|--a------] C:\DOCUME~1\HERVE~1.IBM\APPLIC~1\ItsLabel\ItsTV\itsTV.xml

+-----------------------| Sweetim Elements found :

.

+-----------------------| ADDED SCAN :

+--[HKEY_CURRENT_USER\..\Run]

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

+--[HKEY_LOCAL_MACHINE\..\Run]

HotKeysCmds REG_SZ C:\WINDOWS\system32\hkcmd.exe
BluetoothAuthenticationAgent REG_SZ rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
LVCOMS REG_SZ C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
LogitechImageStudioTray REG_SZ C:\Program Files\Logitech\ImageStudio\LogiTray.exe
FaxCenterServer REG_SZ "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
Autoconfigurateur WiFi Neuf REG_SZ "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
IgfxTray REG_SZ C:\WINDOWS\system32\igfxtray.exe
LogitechCommunicationsManager REG_SZ "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
LogitechQuickCamRibbon REG_SZ "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
!AVG Anti-Spyware REG_SZ "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime

+--[HKEY_USERS\.DEFAULT\..\Run]

CTFMON.EXE REG_SZ C:\WINDOWS\System32\CTFMON.EXE

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.google.fr/
Start Page : hxxp://www.google.com/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp:blank

+---------------------------------------------------------------------------+

- "C:\AD-report-Scan-27.12.2008.log" (~15494 bytes)

# END at: 10:42:21 | 27/12/2008 - Time elapsed: 43.4 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 207 lines ]
+---------------------------------------------------------------------------+
0
anthony5151 Posts 10573 Registration date Friday 27 June 2008 Status Security contributor Last activity 2 March 2015 790
27 Dec. 2008 at 13:56
! Disconnect and close all running applications !

Run "Ad-remover" again and choose option "B" in the main menu

On the selection screen, tick:
Suppression Eorezo
Suppression It's TV

Then choose "S"; the program will do its work,

Post the report that appears at the end (it is also saved as C:\Ad-report(date).log )

0
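
The two boxes ticked in the last reply correspond to the only "Elements found" sections of the scan report that list files or folders. As an added example (not part of the thread and not Ad-Remover's own code), this Python sketch reads a report in that layout and returns the families that have entries. The sample report is constructed, with `USER` as a placeholder profile name, and the reading of the attribute column (`d` directory, `h` hidden, `s` system) is an assumption.

```python
import re

# Constructed sample in the layout of the Ad-Remover 1.0.8.0 scan report
# quoted in the thread; USER is a placeholder, not a value from the page.
SAMPLE_REPORT = r"""
+-----------------------| Boonty/Boonty Games Elements found :

.

+-----------------------| Eorezo Elements found :

.
[26/12/2008 11:33|d--------] C:\DOCUME~1\USER\APPLIC~1\EoRezo
[28/03/2008 09:59|--a------] C:\DOCUME~1\USER\APPLIC~1\EoRezo\host.cyp
[26/12/2008 11:33|--ahs----] C:\DOCUME~1\USER\APPLIC~1\EoRezo\db\Thumbs.db

+-----------------------| Everest Poker Elements found :

+-----------------------| It's TV Elements found :

.
[28/03/2008 09:59|d--------] C:\DOCUME~1\USER\APPLIC~1\ItsLabel
[28/03/2008 10:00|--a------] C:\DOCUME~1\USER\APPLIC~1\ItsLabel\ItsTV\itsTV.xml

+-----------------------| ADDED SCAN :

+--[HKEY_CURRENT_USER\..\Run]

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
"""

# "+-----| <title> :" section headers; the registry sub-headers ("+--[...]")
# and the closing rule lines do not contain "|" after the dashes.
SECTION_RE = re.compile(r"^\+-+\|\s*(?P<title>.+?)\s*:\s*$")
FAMILY_RE = re.compile(r"^(?P<family>.+?)\s+Elements found$")
# "[dd/mm/yyyy hh:mm|attrs] path" file or folder entries.
ENTRY_RE = re.compile(
    r"^\[(?P<date>\d{2}/\d{2}/\d{4}) (?P<time>\d{2}:\d{2})\|(?P<attrs>[a-z-]+)\]\s+(?P<path>.+)$"
)


def parse_elements(report):
    """Return {family: [entries]} for every '<family> Elements found' section."""
    families = {}
    current = None
    for raw in report.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            fam = FAMILY_RE.match(header.group("title"))
            # A header such as 'ADDED SCAN' closes the per-family part of the report.
            current = fam.group("family") if fam else None
            if current is not None:
                families.setdefault(current, [])
            continue
        entry = ENTRY_RE.match(line)
        if entry and current is not None:
            attrs = entry.group("attrs")
            families[current].append({
                "path": entry.group("path"),
                "modified": entry.group("date") + " " + entry.group("time"),
                "is_dir": "d" in attrs,    # assumed meaning of the attribute flags
                "hidden": "h" in attrs,
                "system": "s" in attrs,
            })
    return families


def families_to_review(report):
    """Families with at least one listed file or folder, in report order."""
    return [name for name, entries in parse_elements(report).items() if entries]


def summarize(report):
    """Per-family counts of folders and files, plus hidden+system paths."""
    summary = {}
    for name, entries in parse_elements(report).items():
        summary[name] = {
            "dirs": sum(1 for e in entries if e["is_dir"]),
            "files": sum(1 for e in entries if not e["is_dir"]),
            "hidden_system": [e["path"] for e in entries if e["hidden"] and e["system"]],
        }
    return summary


if __name__ == "__main__":
    for name in families_to_review(SAMPLE_REPORT):
        print(name, summarize(SAMPLE_REPORT)[name])
```
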