Bonjoursi tu as un rapport hijackthis postes le, merci
et puis tu pourras passer smitfraudfix et poster le rapport aussi

Ouvre ce lien (merci a S!RI pour ce programme). http://siri.urz.free.fr/Fix/SmitfraudFix.php

le mieux serait que tu désactives tes protections résidente "anti-virus et anti-spyware"
le temps d'installer smitfraudfix et de faire l'analyse.

et télécharge SmitfraudFix.exe.

Regarde le tuto

Exécute le en choisissant l’option 1
il va générer un rapport

Copie/colle le sur le poste stp.

Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus, ect...) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


une petites démo en vidéo :http://pagesperso-orange.fr/rginformatique/section%20virus/smitfraudfix.htm Attention !! la surmultiplication de logiciels de sécurité ne 
protège pas mieux voire peut engendrer des conflits et
des plantages. " mais chacun reste maître de son PC "

Voici le rapport HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:03, on 07/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\iashost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Wireless\Client Manager\CMAGS.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\BitDefender\BitDefender 2008\seccenter.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\Program Files\Windows Defender\MSASCui.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
C:\Windows\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Sandrine\AppData\Local\Temp\ssqPjigf.dll,c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {935F9B04-0C7B-4454-A391-348C54AD7ADD} (Jolly Bear Games Player) - http://games.bigfishgames.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://files-mjf.jeuxvideo-flash.com/popcap/popcaploader_v10_fr.cab
O16 - DPF: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} (ConnectivityTester Class) - http://motive.club-internet.fr/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
End of file - 17517 bytes

Bonjour, ok pas de traces de rogues sur ton pc tu vas passer LOP S&D et poster le rapport, Merci
Désactive l'UAC, le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

Télécharge Lop S&D (de Angeldark et Eric71) sur le Bureau :
http://eric.71.mespages.googlepages.com/LopSD.exe

.Double-cliques sur Lop S&D.exe pour lancer l'installation,
.Puis double-cliques sur le raccourci Lop S&D présent sur le Bureau.
.Séléctionnes la langue souhaitée , puis choisis l'Option 1 (Recherche)
Le scan prend moins d'une minute.
.A l'issue du scan, le bloc-notes va s'ouvrir avec le résultat de la recherche.
.Enregistres le rapport LopR.txt sur le Bureau pour le retrouver facilement, sinon il sauvegardé à la racine de la partition système : C:\LopR.txt

TUTO: http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#


Attention !! la surmultiplication de logiciels de sécurité ne 
protège pas mieux voire peut engendrer des conflits et
des plantages. " mais chacun reste maître de son PC "

ça arrive c'est un faut possitif sois tu passe outre si tu peux sinon tu déactive la protection en temps réel de windows défender et tu recommences , mais si il est déjà sur le bureau tu le vires et tu le retélécharges Attention !! la surmultiplication de logiciels de sécurité n­e 
protège pas mieux voire peut engendrer des conflits et
des plantages. " mais chacun reste maître de son PC "

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz )
BIOS : Ver 1.00PARTTBL
USER : Sandrine ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:268 Go (Free:88 Go)
D:\ (USB)
E:\ (USB)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 07/01/2009|22:06 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[09/04/2008|01:41] C:\Users\Sandrine\AppData\Local\Adobe
[31/05/2008|17:25] C:\Users\Sandrine\AppData\Local\Apple
[06/07/2008|19:49] C:\Users\Sandrine\AppData\Local\Apple Computer
[09/02/2008|14:45] C:\Users\Sandrine\AppData\Local\Application Data
[17/08/2008|01:21] C:\Users\Sandrine\AppData\Local\Cooliris
[24/11/2008|22:41] C:\Users\Sandrine\AppData\Local\cooliris-win-iemin-release-1.8.5.14750.msi
[19/12/2008|19:15] C:\Users\Sandrine\AppData\Local\cooliris-win-ie-release-1.9.0.16396.msi
[02/01/2009|17:06] C:\Users\Sandrine\AppData\Local\cooliris-win-ie-release-1.9.1.17582.msi
[05/05/2008|16:13] C:\Users\Sandrine\AppData\Local\d3d8caps.dat
[08/05/2008|17:41] C:\Users\Sandrine\AppData\Local\d3d9caps.dat
[29/12/2008|22:32] C:\Users\Sandrine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[17/02/2008|11:40] C:\Users\Sandrine\AppData\Local\Downloaded Installations
[24/11/2008|22:04] C:\Users\Sandrine\AppData\Local\GDIPFONTCACHEV1.DAT
[04/05/2008|10:47] C:\Users\Sandrine\AppData\Local\Google
[09/02/2008|14:45] C:\Users\Sandrine\AppData\Local\Historique
[02/01/2009|02:12] C:\Users\Sandrine\AppData\Local\IconCache.db
[28/12/2008|00:28] C:\Users\Sandrine\AppData\Local\JollyBear
[20/08/2008|01:43] C:\Users\Sandrine\AppData\Local\Microsoft
[08/03/2008|21:01] C:\Users\Sandrine\AppData\Local\Microsoft Games
[21/11/2007|14:44] C:\Users\Sandrine\AppData\Local\Microsoft Help
[17/05/2008|06:20] C:\Users\Sandrine\AppData\Local\MigWiz
[16/03/2008|22:32] C:\Users\Sandrine\AppData\Local\Mozilla
[08/06/2008|20:30] C:\Users\Sandrine\AppData\Local\piclens-win-iefull-release-1.6.4.3021.msi
[13/07/2008|22:13] C:\Users\Sandrine\AppData\Local\piclens-win-iefull-release-1.7.0.3458.msi
[17/08/2008|01:20] C:\Users\Sandrine\AppData\Local\piclens-win-iemin-release-1.7.1.3938.msi
[21/11/2007|14:48] C:\Users\Sandrine\AppData\Local\Seven Zip
[22/06/2008|19:36] C:\Users\Sandrine\AppData\Local\Shareaza
[09/02/2008|14:48] C:\Users\Sandrine\AppData\Local\Sony_NSCE
[07/01/2009|21:45] C:\Users\Sandrine\AppData\Local\Temp
[19/02/2008|23:22] C:\Users\Sandrine\AppData\Local\Temphead.html
[09/02/2008|14:45] C:\Users\Sandrine\AppData\Local\Temporary Internet Files
[09/02/2008|19:42] C:\Users\Sandrine\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[31/12/2008 19:34][--a------] C:\Windows\tasks\oxkaqrzb.job
[07/01/2009 20:35][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{401198F0-A85B-49D8-AFF3-152C967CEC9D}.job
[02/01/2009 15:01][--a------] C:\Windows\tasks\Norton Security Scan.job
[07/01/2009 18:48][--ah-----] C:\Windows\tasks\SA.DAT
[02/01/2009 20:30][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[21/11/2007|14:48] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[08/10/2008|17:40] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[21/11/2008|20:25] C:\ProgramData\Adobe
[31/05/2008|17:24] C:\ProgramData\Apple
[31/05/2008|17:27] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[31/12/2008|19:50] C:\ProgramData\Babylon
[16/02/2008|17:03] C:\ProgramData\BitDefender
[21/11/2007|09:42] C:\ProgramData\Bureau
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[21/11/2007|09:42] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[09/04/2008|01:34] C:\ProgramData\FLEXnet
[21/11/2007|14:55] C:\ProgramData\Google
[07/01/2009|18:59] C:\ProgramData\Google Updater
[28/12/2008|00:28] C:\ProgramData\JollyBear
[18/07/2008|23:09] C:\ProgramData\Lavasoft
[21/11/2007|09:42] C:\ProgramData\Menu D‚marrer
[20/12/2008|16:02] C:\ProgramData\Microsoft
[12/12/2008|21:03] C:\ProgramData\Microsoft Help
[21/11/2007|09:42] C:\ProgramData\ModŠles
[07/03/2008|22:51] C:\ProgramData\Mozilla
[18/06/2008|20:01] C:\ProgramData\NVIDIA
[21/11/2007|14:56] C:\ProgramData\Skype
[28/12/2007|13:46] C:\ProgramData\Sonic
[21/11/2007|14:55] C:\ProgramData\Sony
[07/06/2008|18:46] C:\ProgramData\Sony Corporation
[02/11/2006|14:02] C:\ProgramData\Start Menu
[09/02/2008|17:19] C:\ProgramData\Symantec
[07/01/2009|19:15] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[22/02/2008|21:38] C:\ProgramData\Trymedia
[28/12/2007|13:31] C:\ProgramData\VAIO Media Platform
[04/05/2008|13:39] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[21/11/2007|14:48] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[21/11/2008|20:25] C:\Program Files\Adobe
[05/09/2008|20:22] C:\Program Files\Apple Software Update
[28/12/2007|13:44] C:\Program Files\ArcSoft
[21/11/2007|14:50] C:\Program Files\BFG
[09/04/2008|00:21] C:\Program Files\bfgclient
[09/02/2008|17:28] C:\Program Files\BitDefender
[08/10/2008|17:30] C:\Program Files\Bonjour
[01/01/2009|17:16] C:\Program Files\CCleaner
[17/02/2008|11:26] C:\Program Files\club-internet
[20/12/2008|15:37] C:\Program Files\Common Files
[09/02/2008|14:35] C:\Program Files\CONEXANT
[01/05/2008|14:17] C:\Program Files\directx
[21/11/2007|14:51] C:\Program Files\DivX
[04/05/2008|13:57] C:\Program Files\El Juky
[30/03/2008|19:33] C:\Program Files\EoRezo
[19/02/2008|23:33] C:\Program Files\EuroThink
[21/11/2007|09:42] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[10/04/2008|20:21] C:\Program Files\Free-Soft
[18/07/2008|19:28] C:\Program Files\Google
[21/11/2007|14:53] C:\Program Files\Google BAE
[21/11/2007|13:39] C:\Program Files\IDT
[07/06/2008|18:47] C:\Program Files\InstallShield Installation Information
[21/11/2007|14:55] C:\Program Files\Intel
[31/05/2008|17:27] C:\Program Files\Internet Explorer
[28/12/2007|13:54] C:\Program Files\InterVideo
[08/10/2008|17:40] C:\Program Files\iPod
[08/10/2008|17:40] C:\Program Files\iTunes
[24/11/2008|15:10] C:\Program Files\Java
[24/11/2008|15:11] C:\Program Files\JRE
[01/05/2008|16:39] C:\Program Files\Larousse
[18/07/2008|23:08] C:\Program Files\Lavasoft
[28/12/2007|13:28] C:\Program Files\Lecteur CANALPLAY
[20/12/2008|16:03] C:\Program Files\Microsoft
[09/02/2008|20:34] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[21/11/2007|14:53] C:\Program Files\Microsoft Office
[22/10/2008|17:22] C:\Program Files\Microsoft Silverlight
[25/02/2008|21:27] C:\Program Files\Microsoft SQL Server Compact Edition
[20/12/2008|16:03] C:\Program Files\Microsoft Sync Framework
[12/09/2008|18:07] C:\Program Files\Microsoft Works
[21/11/2007|14:46] C:\Program Files\Microsoft.NET
[04/05/2008|12:31] C:\Program Files\Movie Maker
[04/05/2008|10:26] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[21/11/2007|10:28] C:\Program Files\MSXML 4.0
[02/01/2009|15:00] C:\Program Files\Norton Security Scan
[24/11/2008|15:11] C:\Program Files\OpenOffice.org 3
[06/04/2008|22:29] C:\Program Files\Picasa2
[17/08/2008|01:21] C:\Program Files\PicLensIE
[08/10/2008|17:39] C:\Program Files\QuickTime
[07/03/2008|23:10] C:\Program Files\Real
[21/11/2007|13:29] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[28/12/2007|13:46] C:\Program Files\Roxio
[18/10/2008|13:11] C:\Program Files\Shareaza
[21/11/2007|13:39] C:\Program Files\Sigmatel
[21/11/2007|14:56] C:\Program Files\Skype
[07/06/2008|18:47] C:\Program Files\Sony
[28/12/2007|13:49] C:\Program Files\Sony Corporation
[10/02/2008|15:36] C:\Program Files\SpeedTouch
[02/01/2009|18:53] C:\Program Files\Spyware Doctor
[07/03/2008|23:45] C:\Program Files\Sun
[21/11/2007|13:54] C:\Program Files\Synaptics
[02/01/2009|02:01] C:\Program Files\Trend Micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[21/11/2007|13:44] C:\Program Files\WIDCOMM
[04/05/2008|12:31] C:\Program Files\Windows Calendar
[04/05/2008|12:31] C:\Program Files\Windows Collaboration
[04/05/2008|12:31] C:\Program Files\Windows Defender
[04/05/2008|12:31] C:\Program Files\Windows Journal
[20/12/2008|16:03] C:\Program Files\Windows Live
[20/12/2008|15:57] C:\Program Files\Windows Live SkyDrive
[12/12/2008|22:41] C:\Program Files\Windows Mail
[04/05/2008|12:31] C:\Program Files\Windows Media Player
[21/11/2007|09:42] C:\Program Files\Windows NT
[04/05/2008|12:31] C:\Program Files\Windows Photo Gallery
[04/05/2008|12:31] C:\Program Files\Windows Sidebar
[09/02/2008|17:59] C:\Program Files\Wireless

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[21/11/2008|20:25] C:\Program Files\Common Files\Adobe
[08/10/2008|17:38] C:\Program Files\Common Files\Apple
[09/02/2008|17:28] C:\Program Files\Common Files\BitDefender
[21/11/2007|14:46] C:\Program Files\Common Files\DESIGNER
[28/12/2007|13:31] C:\Program Files\Common Files\InstallShield
[28/12/2007|13:54] C:\Program Files\Common Files\InterVideo
[21/11/2007|14:57] C:\Program Files\Common Files\Java
[09/04/2008|01:24] C:\Program Files\Common Files\Macrovision Shared
[20/12/2008|15:57] C:\Program Files\Common Files\microsoft shared
[17/02/2008|21:48] C:\Program Files\Common Files\Motive
[28/12/2007|13:46] C:\Program Files\Common Files\PX Storage Engine
[07/03/2008|23:10] C:\Program Files\Common Files\Real
[28/12/2007|13:46] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[07/03/2008|23:16] C:\Program Files\Common Files\Skype
[28/12/2007|13:46] C:\Program Files\Common Files\Sonic Shared
[07/06/2008|18:48] C:\Program Files\Common Files\Sony Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[26/04/2008|20:46] C:\Program Files\Common Files\Symantec Shared
[04/05/2008|12:31] C:\Program Files\Common Files\System
[20/12/2008|15:37] C:\Program Files\Common Files\Windows Live
[04/03/2008|01:14] C:\Program Files\Common Files\WindowsLiveInstaller
[18/07/2008|23:02] C:\Program Files\Common Files\Wise Installation Wizard
[07/03/2008|23:10] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 94 Processes )

iexplore.exe ~ [PID:4904]
iexplore.exe ~ [PID:6880]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-07 22:06:40
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Sandrine\Jeux\Bigfish Games - Super Granny 3 + Crack.zip
C:\Users\Sandrine\Jeux\Bigfish Games - Travelogue 360 Paris + Crack.zip
C:\Users\Sandrine\Jeux\Bigfish Games - Virtual Villagers - The Lost Children + Crack updated-fixed Release 02-2007.zip
C:\Users\Sandrine\Jeux\Bigfish Games - Virtual Villagers - The Lost Children + Crack.zip
C:\Users\Sandrine\Jeux\Virtual Villagers Crack updated-fixed 07-2006_Francais.zip
C:\Users\Sandrine\Jeux\Big City Adventure - San Francisco\Big City Adventure - San Francisco - Fran‡ais - Deja Cracke - by FlPh.exe
C:\Users\Sandrine\Jeux\Bigfish Games - Virtual Villagers 2\CRACK
C:\Users\Sandrine\Jeux\Bigfish Games - Virtual Villagers 2\CRACK\How To Use The Crack.txt
C:\Users\Sandrine\Music\Musique a trier\A\Abba\2-12 The Visitors (Crackin' Up).mp3
C:\Users\Sandrine\Music\Musique a trier\A\Abba\Abba - The Definitive Collection (Cd2) - 12. The Visitors (Crackin' Up).mp3
C:\Users\Sandrine\Music\Musique a trier\D\David Bowie\1989 - Tin Machine\David Bowie - 1989 - Tin Machine - 04 - Crack City.mp3
C:\Users\Sandrine\Music\Musique OK\Spin Doctors\Pocket Full Of Kryptonite\13 Stepped On A Crack (Live).mp3


[F:10][D:5]-> C:\Users\Sandrine\AppData\Local\Temp
[F:46][D:1]-> C:\Users\Sandrine\AppData\Roaming\MICROS~1\Windows\Cookies
[F:81][D:4]-> C:\Users\Sandrine\AppData\Local\MICROS~2\Windows\TEMPOR~1\content.IE5
[F:10][D:5]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 07/01/2009|22:09 - Option : [1]

--------------------\\ Fin du rapport a 22:09:51
[ UAC => 1 ]

--------------------\\ Cracks & Keygens .. 

C:\Users\Sandrine\Jeux\Bigfish Games - Super Granny 3 + Crack.zip 
C:\Users\Sandrine\Jeux\Bigfish Games - Travelogue 360 Paris + Crack.zip 
C:\Users\Sandrine\Jeux\Bigfish Games - Virtual Villagers - The Lost Children + Crack updated-fixed Release 02-2007.zip 
C:\Users\Sandrine\Jeux\Bigfish Games - Virtual Villagers - The Lost Children + Crack.zip 
C:\Users\Sandrine\Jeux\Virtual Villagers Crack updated-fixed 07-2006_Francais.zip 
C:\Users\Sandrine\Jeux\Big City Adventure - San Francisco\Big City Adventure - San Francisco - Fran‡ais - Deja Cracke - by FlPh.exe 
C:\Users\Sandrine\Jeux\Bigfish Games - Virtual Villagers 2\CRACK 
C:\Users\Sandrine\Jeux\Bigfish Games - Virtual Villagers 2\CRACK\How To Use The Crack.txt 
C:\Users\Sandrine\Music\Musique a trier\A\Abba\2-12 The Visitors (Crackin' Up).mp3 
C:\Users\Sandrine\Music\Musique a trier\A\Abba\Abba - The Definitive Collection (Cd2) - 12. The Visitors (Crackin' Up).mp3 
C:\Users\Sandrine\Music\Musique a trier\D\David Bowie\1989 - Tin Machine\David Bowie - 1989 - Tin Machine - 04 - Crack City.mp3 
C:\Users\Sandrine\Music\Musique OK\Spin Doctors\Pocket Full Of Kryptonite\13 Stepped On A Crack (Live).mp3 

Je n'y arrive pas pour la partie 2 : au moment d'executer sr l'icône Ad-remover çame dit : "Cmdow.exe" est manquant.
Que faire ?

Bizare bon essais de le désinstaller et retélécharge le et essais de nouveau tu cliques bien du clique droit et exécuter en tant que administrateur et si pas moyen tu le vires et on feras autrement car possible que ce que je veux virer le bloque dans ce ça on le supprimera manuellement avant de passer ad-remover Attention !! la surmultiplication de logiciels de sécurité n­e 
protège pas mieux voire peut engendrer des conflits et
des plantages. " mais chacun reste maître de son PC "

Je viens de réesayer (en retelechargeant) ... ça me dit toujours "Cmdow.exe"

Ok tu le supprime tu iras le rechercher après la on vas essayer de le virer avec otmoveit3

Télécharge OTMoveIt3 de OldTimer sur ton Bureau en cliquant sur ce lien :

http://oldtimer.geekstogo.com/OTMoveIt3.exe

Double-clique sur OTMoveIt3.exe pour le lancer.

Vérifie que la case devant "Unregister Dll's and Ocx's est bien cochée.

Copie la liste qui se trouve en gras ci-dessous,

et colle-la dans le cadre de gauche de OTMoveIt : "Paste instructions for item to be moved".

:files
C:\Program Files\EoRezo

:Commands
[emptytemp]
[reboot]



Clique sur "MoveIt!" pour lancer la suppression.

Le résultat apparaitra dans le cadre "Results".

Clique sur "Exit" pour fermer.

Poste le rapport situé dans C:\_OTMoveIt\MovedFiles sous le nom xxxxxx_xxxxxxxxxx.log .

Il te sera peut-être demander de redémarrer le pc pour achever la suppression. Si c'est le cas accepte par Yes.
Attention !! la surmultiplication de logiciels de sécurité ne 
protège pas mieux voire peut engendrer des conflits et
des plantages. " mais chacun reste maître de son PC "

Peux tu essayer de passer ad-remover , merci je vais dormir je reprendrais demain soir Attention !! la surmultiplication de logiciels de sécurité n­e 
protège pas mieux voire peut engendrer des conflits et
des plantages. " mais chacun reste maître de son PC "

OK bonne nuit, je me reconnecte demain vers 18h30 - 19h, merci pour ton aide

Voici le rapport concernant Ad-remover :


------- Logfile of AD-Remover 1.0.8.6 by C_XX | ONLY XP/VISTA -------

# START at: 0:19:11 | Thu 08/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (v6.0.6001)
# BOOT MODE: Normal
(!) - UAC is disable
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: PC-DE-SANDRINE | USER: Sandrine ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
# Internet Explorer v7.0.6001.18000

# RUNNING PROCESSES: 79

+-----------------------| Boonty/Boonty Games Elements found :

.
.

+-----------------------| Eorezo Elements found :

.
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64­F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brow­ser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Program Files\EoRezo
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoWeather
C:\Program Files\EoRezo\EoAdv\eoAdv.url
C:\Program Files\EoRezo\EoAdv\EoRezoBho.old
C:\Program Files\EoRezo\EoAdv\tmp
C:\Program Files\EoRezo\EoAdv\tmp\eoRezoBho.dll.756
C:\Users\Sandrine\AppData\Roaming\EoRezo
C:\Users\Sandrine\AppData\Roaming\EoRezo\cache
C:\Users\Sandrine\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\Sandrine\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\Sandrine\AppData\Roaming\EoRezo\ConfMedia.cyp.old
C:\Users\Sandrine\AppData\Roaming\EoRezo\db
C:\Users\Sandrine\AppData\Roaming\EoRezo\eoDesktop
C:\Users\Sandrine\AppData\Roaming\EoRezo\eoStats
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather.cfg
C:\Users\Sandrine\AppData\Roaming\EoRezo\host.cyp
C:\Users\Sandrine\AppData\Roaming\EoRezo\tmp.exe
C:\Users\Sandrine\AppData\Roaming\EoRezo\user.cyp
C:\Users\Sandrine\AppData\Roaming\EoRezo\db\cat.cyp
C:\Users\Sandrine\AppData\Roaming\EoRezo\eoDesktop\eoDesktop­.html
C:\Users\Sandrine\AppData\Roaming\EoRezo\eoDesktop\userConfi­g.xml
C:\Users\Sandrine\AppData\Roaming\EoRezo\eoStats\eoStats.txt­
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\EoWeather­Val_02EC282.cfg
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\67_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\67_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\69_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\69_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\70_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\70_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\78_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\78_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\82_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\82_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\83_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\83_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\84_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\84_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\85_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\85_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\89_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\89_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\back.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\background.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\background_1.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\background_1days.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\background_2days.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\background_7days.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\backPressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\band.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\band_small.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\close.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\closePressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\dayPrevisionBackground.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\dayPrevisionClose.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\earth.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\fonds_‚cran.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\help.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\helpPressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\minimise.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\minimisePressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\next.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\nextPressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\option.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\optionPressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\reflet_ecran.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\small_background.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_cl­assic\Thumbs.db
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\67_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\67_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\69_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\69_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\70_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\70_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\78_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\78_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\82_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\82_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\83_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\83_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\84_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\84_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\85_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\85_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\89_day.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\89_night.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\about.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\back.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\background.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\background_1.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\background_1days.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\background_2days.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\background_7days.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\backPressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\close.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\closePressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\dayPrevisionBackground.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\dayPrevisionClose.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\earth.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\fonds_‚cran.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\help.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\helpPressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\minimise.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\minimisePressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\next.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\nextPressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\option.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\optionPressed.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\reflet_ecran.png
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\Thumbs.db
C:\Users\Sandrine\AppData\Roaming\EoRezo\EoWeather\images_st­ation_meteo\txt_14x13.png

+-----------------------| Everest Poker Elements found :

.
.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.
.

+-----------------------| It's TV Elements found :

HKCU\SOFTWARE\ItsLabel
.
C:\Users\Sandrine\AppData\Roaming\ItsLabel
C:\Users\Sandrine\AppData\Roaming\ItsLabel\ItsTV
C:\Users\Sandrine\AppData\Roaming\ItsLabel\ItsTV\itsTV.xml

+-----------------------| Sweetim Elements found :

.
.

+-----------------------| ADDED SCAN :


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\m3vdd418.default\prefs.js :

~~~~ Mozilla FireFox version 2.0.0.7 ~~~~


.

+-----------------------------------------------------------­----------------+


+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.club-internet.fr
Start Page : hxxp://partnerpage.google.com/eu.sony.com/fr\0http

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://go.microsoft.com/fwlink/?LinkId=69157

+-----------------------------------------------------------­----------------+

[~10848 bytes] - "C:\AD-report-Scan-08.01.2009.log"

# END at: 0:20:06 | 08/01/2009 - Time elapsed: 54.6 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 164 lines ]
+---------------------------------------------------------------------------+

Bonjour, tu relances ad-remover pour faire la suppression tu posteras le rapport , tu le désinstalles, et puis feras malwarebytes en mode sans echec tu postes le rapport et un nouveau hijackthis , Merci



1) tu relances ad-R en faisant un clic droit et exécuter en tant qu'administrateur et tu choisis l'option B

et tu coches tout et tu le lances laissesle travailler en appuyant sur S</gars>

et postes le rapport générer

Il est sauvegardé ici : C:\Ad-report(date).log


2) désinstallation de ad-renover:

Via l'Explorateur Windows, ouvre le répertoire C:\Program Files\Ad-remover.
Double-clique sur le fichier Uninstal.exe.

Supprime les fichiers : C:\Ad-report(date).log
Supprime ensuite le répertoire C:\Program Files\AD-Remover qui sera vide.



3) tu passeras malwarebytes en <gras>mode sans echec car c'est comme cela qu'il est le plus efficasse , tu suis bien la procédure et fait bien attention de bien cliquer sur supprimer la sélection en fin de l'examem complet , et sois patient car il dure près de 2 heures des fois plus alors laisses le travailler et postes le rapport , Merci



Télécharge Malwarebytes' Anti-Malware: http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

. sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
. enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminée,fermes Malwarebytes
. redemarres en mode sans échec pour savoir comment au cas ou tu ne saurrais pas regarde plus bas
. une fois en mode sans echec tu double-cliques sur l'icône de malwarebytes
. une fois ouvert rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés)

. cliques sur Supprimer la sélection

. Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. redemarre le pc
. une fois redémarré en mode normal double-cliques sur malwarebytes
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ces tutoriels :
http://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


(attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe
pour éviter les erreurs ...)

pour redémarrer en mode sans échec : /!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\



. Cliques sur Démarrer
. Cliques sur Arrêter
. Sélectionnes Redémarrer et au redémarrage
. Appuis sur la touche F8 sans discontinuer "1 appuis seconde" dès qu'un écran de texte apparaît puis disparaît
. Utilises les touches de direction pour sélectionner mode sans échec
. puis appuis sur ENTRÉE des fois cela peut prendre plusieurs minute entre la validation et l'affichage
. Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre
une fois démarré ne t'inquiette pas si les couleurs et les icônes ne sont pas comme d'abitude

tuto:http://www.vista-xp.fr/forum/topic93.html




5) Postes un nouveau hijackthis , Merci
------------------------------
Attention !! la surmultiplication de logiciels de sécurité ne 
protège pas mieux voire peut engendrer des conflits et
des plantages. " mais chacun reste maître de son PC "

Bonsoir, je me lance dans les différentes étapes. A plus tard pour les rapport ou si je bloque.

Voici le rapport Ad-remover appres l'option B :


------- Logfile of AD-Remover 1.0.8.6 by C_XX | ONLY XP/VISTA -------

*** Limited to ***

Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
It's TV
Sweetim

******************

# START at: 19:39:15 | Thu 08/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (v6.0.6001)
# BOOT MODE: Normal
(!) - UAC is disable
# OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: PC-DE-SANDRINE | USER: Sandrine ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
# Internet Explorer v7.0.6001.18000

# RUNNING PROCESSES: 81

(!) ---- IE start pages reset

+-----------------------| Boonty/Boonty Games Elements Deleted :

.
.

+-----------------------| Eorezo Elements Deleted :

.
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64­F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brow­ser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Program Files\EoRezo
C:\Users\Sandrine\AppData\Roaming\EoRezo

+-----------------------| Everest Poker Elements Deleted :

.
.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

.
.

+-----------------------| It's TV Elements Deleted :

HKCU\SOFTWARE\ItsLabel
.
C:\Users\Sandrine\AppData\Roaming\ItsLabel

+-----------------------| Sweetim Elements Deleted :

.
.

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+-----------------------| ADDED SCAN :


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\m3vdd418.default\prefs.js :

~~~~ Mozilla FireFox version 2.0.0.7 ~~~~


.

+-----------------------------------------------------------­----------------+


+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page : hxxp://partnerpage.google.com/eu.sony.com/fr\0http

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

[~2316 bytes] - "C:\AD-report-Clean-08.01.2009.log"
[~11184 bytes] - "C:\AD-report-Scan-08.01.2009.log"

# END at: 19:41:56 | 08/01/2009 - Time elapsed: 2 minutes, 41 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 60 lines ]
+---------------------------------------------------------------------------+

Bien, voila enfin le rapport Malwarebytes :

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1632
Windows 6.0.6001 Service Pack 1

08/01/2009 22:03:33
mbam-log-2009-01-08 (22-03-33).txt

Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 182474
Temps écoulé: 1 hour(s), 53 minute(s), 39 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion­\Explorer\Browser Helper Objects\{e6cd86f7-d2ed-4272-8bf6-dfab8a14daa1} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e6cd86f7-d2ed-4272-8bf6-dfab8a14daa1} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\AppData\Local\Temp\ssqPjigf.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.

Et le dernier rapport hijackthis fait en dernier :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:13:58, on 08/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\iashost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Wireless\Client Manager\CMAGS.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
End of file - 16031 bytes

A l'ouverture d'Internet, je n'ai eu aucune fenêtre de pub, j'espère que ça va continuer.

J'ai bien supprimé Ad-remover comme indiqué.

A t'ont encore besoin de LopSD, SmitfraudFix et OTMoveIt3 ? Si non, peut-tu m'indiquer la façon la plus sur de les desinstaller.
Merci