Version anglaiseVersion espagnoleVersion françaiseInscrivez-vous, c'est gratuit ! (mot de passe oublié)
- Vendredi 9 janvier 2009 - 08:00:17
- inscrits : 1158994
- connectés : 15461
- questions/jour : 5500
- Taux de réponse : 76.67%
Plateformes d'assistanceDiscussions & Opinions des Communautés
|
|
|
|
Statut : Non résolu
Rapport à analyser gros bugs depuis hier
senjaman, le dimanche 30 novembre 2008 à 12:39:42Bonjour,
est-ce qu'une âme généreuse pourrait regarder ça svp, merci d'avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:47, on 30/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\BOINC\boinc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://google.neo.cx/search.php?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://barredoutilsrfx.ourtoolbar.com/exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.neo.cx/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.neo.cx/volet.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\QQ\Africa2003\AddEmotion.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://oiseaudeparadis1984.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E960ACC-BF9B-4D7D-A969-E594CC40FC74}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED880319-2C83-49C3-8B13-5702F402CDD2}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
End of file - 10159 bytes
est-ce qu'une âme généreuse pourrait regarder ça svp, merci d'avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:47, on 30/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\BOINC\boinc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://google.neo.cx/search.php?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://barredoutilsrfx.ourtoolbar.com/exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.neo.cx/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.neo.cx/volet.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\QQ\Africa2003\AddEmotion.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://oiseaudeparadis1984.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E960ACC-BF9B-4D7D-A969-E594CC40FC74}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED880319-2C83-49C3-8B13-5702F402CDD2}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
End of file - 10159 bytes
Configuration: Windows Vista Firefox 3.0.4
slt tu as quel antvirus
car on voit avast, norton et bidefender il n'en faut qu'un! pour virer avast: http://www.avast.com/fre/avast-uninstall-utility.html pour virer bitdefender: http://www.bitdefender.fr/KB333-fr--Desinstaller-BitDefender.html pour virer norton http://service1.symantec.com/... ensuite tu as boonty game à virer: Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau : http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe /!\ Déconnectes toi et fermes toutes applications en cours ● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files ) ● Double clique sur l'icône Ad-removersituée sur ton bureau ● Au menu principal choisi l'option "A" ● Postes le rapport qui apparait à la fin . ( le rapport est sauvegardé aussi sous C:\Ad-report(date).log ) (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. |
F --------- Logfile of AD-Remover 1.0.5.5 by C_XX ---------
# OPTION: Scan START at: 13:14:29 | 30/11/2008 ON: Microsoft Windows [version 6.0.6001] ( Windows Vista ) Internet Explorer: [7.0.6001.18000] EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat USER: Congo David ( Current user is an administrator ) PC: CONGOPC BOOT MODE: Normal UAC is disable DRIVE(S): C:\ D:\ E:\ F:\ G:\ J:\ - Systemdrive: C:\ (NTFS) --------- [ RUNNING PROCESSES ] --------- \SystemRoot\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Windows\system32\taskeng.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe ---------------------------- [~> 50] +---------------------------------------------------------------------------+ +------------------------------- SERVICES FOUND .. +---------------------------------------------------------------------------+ Found ! - "Boonty Games" +---------------------------------------------------------------------------+ +------------------------------- REGISTRY ELEMENTS FOUND .. +---------------------------------------------------------------------------+ "HKEY_CURRENT_USER\SOFTWARE\Boonty" "HKEY_LOCAL_MACHINE\Software\Boonty" "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games" "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games" "HKEY_CLASSES_ROOT\ImageOle.GifAnimator" "HKEY_CLASSES_ROOT\ImageOle.GifAnimator.1" "HKEY_CLASSES_ROOT\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}" "HKEY_CLASSES_ROOT\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}" +---------------------------------------------------------------------------+ +------------------------------- FILES\FOLDERS FOUND .. +---------------------------------------------------------------------------+ [03/05/2008 17:52|d--------] C:\Program Files\BoontyGames [03/05/2008 17:36|d--------] C:\Program Files\Common Files\BOONTY Shared [03/05/2008 17:36|d--------] C:\ProgramData\BOONTY [03/05/2008 17:52|d--------] C:\ProgramData\Microsoft\Windows\STARTM~1\Programs\BoontyGames [03/05/2008 17:36|d--------] C:\ProgramData\BOONTY +---------------------------------------------------------------------------+ +------------------------------- ADDED SCAN .. +---------------------------------------------------------------------------+ +---------- Scanning prefs.js ... ( # Mozilla User Preferences ) ...\xowo03p5.default\prefs.js : ~~~~ Mozilla FireFox version 3.0.4 ~~~~ Start Page : "http://www.google.fr" +----------+ +---------------------------------------------------------------------------+ +--[HKEY_CURRENT_USER\...\Run] ISUSPM REG_SZ "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (par d‚faut) REG_SZ ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe +--[HKEY_LOCAL_MACHINE\...\Run] JMB36X IDE Setup REG_SZ C:\Windows\RaidTool\xInsIDE.exe SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe IAAnotif REG_SZ "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe NvSvc REG_SZ RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit COMODO Firewall Pro REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h COMODO Internet Security REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h +--[HKEY_USERS\.DEFAULT\...\Run] +--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN] Start Page : hxxp://www.google.fr/ +--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN] Start Page : hxxp://www.msn.com/ |
ok relance ad remover choisi l'option B et coche boonty et colle le rapport de desinfection |
F --------- Logfile of AD-Remover 1.0.5.5 by C_XX ---------
# OPTION: Clean START at: 13:19:26 | 30/11/2008 ON: Microsoft Windows [version 6.0.6001] ( Windows Vista ) Internet Explorer: [7.0.6001.18000] *** Limited to *** Boonty/BoontyGames ****************** EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat USER: Congo David ( Current user is an administrator ) PC: CONGOPC BOOT MODE: Normal UAC is disable DRIVE(S): C:\ D:\ E:\ F:\ G:\ J:\ - Systemdrive: C:\ (NTFS) --------- [ RUNNING PROCESSES ] --------- \SystemRoot\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Windows\system32\taskeng.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe ---------------------------- [~> 50] (!) ---- IE start pages reset +---------------------------------------------------------------------------+ +------------------------------- SERVICES DELETED .. +---------------------------------------------------------------------------+ Deleted successfully ! - "Boonty Games" +---------------------------------------------------------------------------+ +------------------------------- REGISTRY ELEMENTS DELETED .. +---------------------------------------------------------------------------+ "HKEY_CURRENT_USER\SOFTWARE\Boonty" "HKEY_LOCAL_MACHINE\Software\Boonty" "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games" +---------------------------------------------------------------------------+ +------------------------------- FILES\FOLDERS DELETED .. +---------------------------------------------------------------------------+ [03/05/2008 17:52|d--------] C:\Program Files\BoontyGames [03/05/2008 17:36|d--------] C:\Program Files\Common Files\BOONTY Shared [03/05/2008 17:36|d--------] C:\ProgramData\BOONTY [03/05/2008 17:52|d--------] C:\ProgramData\Microsoft\Windows\STARTM~1\Programs\BoontyGames (!) ---- Temp files deleted. (!) ---- Recycle bin emptied in all drives. +---------------------------------------------------------------------------+ +------------------------------- ADDED SCAN .. +---------------------------------------------------------------------------+ +--[HKEY_CURRENT_USER\...\Run] ISUSPM REG_SZ "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (par d‚faut) REG_SZ ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe +--[HKEY_LOCAL_MACHINE\...\Run] JMB36X IDE Setup REG_SZ C:\Windows\RaidTool\xInsIDE.exe SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe IAAnotif REG_SZ "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe NvSvc REG_SZ RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit COMODO Firewall Pro REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h COMODO Internet Security REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h +--[HKEY_USERS\.DEFAULT\...\Run] +--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN] Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome +--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN] Start Page : hxxp://fr.msn.com/ |
ok tu as gardé qu'un antivirus?
encore des soucis? |
ouais ça à l'air d'aller merci
pour norton j'arrivais pas à le virer complétement avec windows donc thanks |
tu peux desinstaller ad remover via ton panneau de configuration
si plus de souci c'est bon!!! |
Résultats pour rapport à analyser gros bugs depuis hier
Infection par un cheval de troye (Résolu) Bonjour, j'ai installé NOD32 hier (seul antivirus réputé efficace pour mon configuration achaïque windows ME, après avoir enlevé Avast) et sacrebleu, celui-ci me met en garde contre des menaces de types Trojan Voici ce rapport: Analyse exécutée...
www.commentcamarche.net/forum/affich-4877079-infection-par-un-cheval-de-troye
Analyse de routine hijackthis (Résolu) Bonjour, Voici Le rapports analysez est ce qu'il y a des risque s 'il y a il faut me donnez le .................................................................................................................................. Logfile of...
www.commentcamarche.net/forum/affich-7041524-analyse-de-routine-hijackthis
Infection par Bagle (Résolu) Bonjour, voilà j'ai lancé une analyse hier avec l'antivirus/firewall de Orange et voilà ce qu'il me trouve Type d'analyse: Effectuer une analyse complète de l'ordinateur Cible : C:\ + système + rootkits Résultat: 3...
www.commentcamarche.net/forum/affich-6058380-infection-par-bagle
Résultats pour rapport à analyser gros bugs depuis hier
Comment analyser un rapport HijackThisCet article est destiné aux utilisateurs désirant apprendre à mieux connaitre cet outil, encore à ce jour incontournable pour établir un premier diagnostic sur un PC infecté.
Il n'a pas pour vocation d'être purement technique, mais vous propose...
www.commentcamarche.net/faq/sujet-12196-comment-analyser-un-rapport-hijackthis
Résultats pour rapport à analyser gros bugs depuis hier
Pc très très lent, je ne peux rien faire (Résolu)Voila pc hyper lent j ai mis à jour l anti virus et fait une analyse hier et rien d'infecté !! alors : Logfile of HijackThis v1.99.1 Scan saved at 15:06:48, on 08/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00...
www.commentcamarche.net/forum/affich-2659899-pc-tres-tres-lent-je-ne-peux-rien-faire
Prb ouverture windows (Résolu)Bonjour, Peut-être l'un de vous pourra m'éclairé de ses lumières!! Voilà le problème : Je ne sais pas si ça a un rapport mais hier j'ai ouvert un message sur msn, le problème est que ct un virus. J'ai éteind mon pc et ce matin en...
www.commentcamarche.net/forum/affich-5368705-prb-ouverture-windows
Rapport analyse navilog. Demande d'aide (Résolu)Bonjour, Je viens de faire une analyse de mon pc avec navilog sous vista. Je vous soumets mon analyse pour être sûr de ne pas faire d'erreur. Est-ce que je peux sans problème passer au choix 2 pour la suppression automatique? Merci de votre aide...
www.commentcamarche.net/forum/affich-9175095-rapport-analyse-navilog-demande-d-aide