Internet Publicité
Résolu/Fermé
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
-
1 janv. 2009 à 18:35
dianemane Messages postés 189 Date d'inscription vendredi 4 août 2006 Statut Membre Dernière intervention 6 mars 2013 - 15 févr. 2009 à 16:02
dianemane Messages postés 189 Date d'inscription vendredi 4 août 2006 Statut Membre Dernière intervention 6 mars 2013 - 15 févr. 2009 à 16:02
A voir également:
- Internet Publicité
- Youtube sans publicité - Accueil - Streaming
- Gps sans internet - Guide
- 2go internet = combien d'heure - Forum Opérateurs & Réseaux mobiles
- 35 go internet équivalent en heure - Forum Mobile
- Un bloqueur de publicité empêche la lecture. veuillez le désactiver pour démarrer la vidéo. ✓ - Forum Mozilla Firefox
53 réponses
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
2 janv. 2009 à 12:01
2 janv. 2009 à 12:01
Voila !
Logfile of random's system information tool 1.05 (written by random/random)
Run by Diane at 2009-01-02 11:51:41
Microsoft® Windows Vista™ Édition Familiale Basique
System drive C: has 70 GB (47%) free of 148 GB
Total RAM: 1791 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:51, on 02/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Diane\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Diane.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WINHKEYR] C:\Windows\WINDOWS\WINHKEYR.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Diane\AppData\Local\Temp\cbXPiGab.dll,#1
O4 - HKCU\..\Run: [gadcom] "C:\Users\Diane\AppData\Roaming\gadcom\gadcom.exe" 61A847B5BBF7281337983D466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Diane\AppData\Local\Temp\jkkLEVop.dll,c
O4 - HKCU\..\Run: [2653cc78] rundll32.exe "C:\Users\Diane\AppData\Local\Temp\lqdnwnaa.dll",b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
Logfile of random's system information tool 1.05 (written by random/random)
Run by Diane at 2009-01-02 11:51:41
Microsoft® Windows Vista™ Édition Familiale Basique
System drive C: has 70 GB (47%) free of 148 GB
Total RAM: 1791 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:51, on 02/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Diane\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Diane.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WINHKEYR] C:\Windows\WINDOWS\WINHKEYR.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Diane\AppData\Local\Temp\cbXPiGab.dll,#1
O4 - HKCU\..\Run: [gadcom] "C:\Users\Diane\AppData\Roaming\gadcom\gadcom.exe" 61A847B5BBF7281337983D466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Diane\AppData\Local\Temp\jkkLEVop.dll,c
O4 - HKCU\..\Run: [2653cc78] rundll32.exe "C:\Users\Diane\AppData\Local\Temp\lqdnwnaa.dll",b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
Utilisateur anonyme
2 janv. 2009 à 12:04
2 janv. 2009 à 12:04
Re,
▶ Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
/!\ Déconnectes toi et fermes toutes applications en cours/!\
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
▶ Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
/!\ Déconnectes toi et fermes toutes applications en cours/!\
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
2 janv. 2009 à 12:07
2 janv. 2009 à 12:07
On dirait que le topic bug.
C'est tout noir !
C'est tout noir !
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
2 janv. 2009 à 13:42
2 janv. 2009 à 13:42
iLS disent qu'ils ne trouvent pas le fichier.
Utilisateur anonyme
2 janv. 2009 à 13:47
2 janv. 2009 à 13:47
Re,
Passe sa:
▶ Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte
▶ Mets le à jour
▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
▶ Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
▶ clique sur Rechercher
▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok
▶ Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.
▶ Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
▶ Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Tutoriel pour MalwareByte's
Passe sa:
▶ Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte
▶ Mets le à jour
▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
▶ Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
▶ clique sur Rechercher
▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok
▶ Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.
▶ Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
▶ Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Tutoriel pour MalwareByte's
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
18 janv. 2009 à 13:27
18 janv. 2009 à 13:27
Re, ca fait longtemps ^^
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1596
Windows 6.0.6000
18/01/2009 13:18:06
mbam-log-2009-01-18 (13-18-06).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 155958
Temps écoulé: 1 hour(s), 13 minute(s), 13 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 8
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Users\Public\Documents\Popsicle\ADVPro.dll (Trojan.BHO) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{be2ce3a1-0e47-4f12-a243-8fccced94209} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cd796033-04ae-4b69-8cb2-92bd6c2aaa27} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a67b8fe1-8e6d-44d6-8d74-9c28e7bff35c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a67b8fe1-8e6d-44d6-8d74-9c28e7bff35c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a67b8fe1-8e6d-44d6-8d74-9c28e7bff35c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popsicle.comadvpro (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popsicle.comadvpro.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{f7759abc-b7d8-437c-adc4-b35f2e1692cc} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\Public\Documents\Popsicle\ADVPro.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Users\Diane\AppData\Local\Temp\Rar$EX01.308\Setup.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Diane\Desktop\ECBarre_V_01.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Diane\Documents\LimeWire\Saved\sonate au clair de lune\Setup.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\PlayMP3.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1596
Windows 6.0.6000
18/01/2009 13:18:06
mbam-log-2009-01-18 (13-18-06).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 155958
Temps écoulé: 1 hour(s), 13 minute(s), 13 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 8
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Users\Public\Documents\Popsicle\ADVPro.dll (Trojan.BHO) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{be2ce3a1-0e47-4f12-a243-8fccced94209} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cd796033-04ae-4b69-8cb2-92bd6c2aaa27} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a67b8fe1-8e6d-44d6-8d74-9c28e7bff35c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a67b8fe1-8e6d-44d6-8d74-9c28e7bff35c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a67b8fe1-8e6d-44d6-8d74-9c28e7bff35c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popsicle.comadvpro (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popsicle.comadvpro.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{f7759abc-b7d8-437c-adc4-b35f2e1692cc} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\Public\Documents\Popsicle\ADVPro.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Users\Diane\AppData\Local\Temp\Rar$EX01.308\Setup.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Diane\Desktop\ECBarre_V_01.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Diane\Documents\LimeWire\Saved\sonate au clair de lune\Setup.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\PlayMP3.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
Utilisateur anonyme
18 janv. 2009 à 15:40
18 janv. 2009 à 15:40
Re,
▶ Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
/!\ Déconnectes toi et fermes toutes applications en cours/!\
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
▶ Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
/!\ Déconnectes toi et fermes toutes applications en cours/!\
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
21 janv. 2009 à 12:21
21 janv. 2009 à 12:21
Ca marche pas, il me dit "impossible de trouver le fichier..."
Utilisateur anonyme
21 janv. 2009 à 12:23
21 janv. 2009 à 12:23
Re,
Comme tu es sous vista désactive l'UAC de vista et clic droit et exécute en tant qu'administrateur.
Comme tu es sous vista désactive l'UAC de vista et clic droit et exécute en tant qu'administrateur.
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
21 janv. 2009 à 14:18
21 janv. 2009 à 14:18
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
Start at: 13:43:39 | Wed 21/01/2009 | Microsoft® Windows Vista™ Home Basic (V6.0.6000)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: DIANESONG | User: Diane ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: UDF)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\
--- Running Processes: 53
+--------------------| Boonty/Boonty Games Elements Found :
.
HKCU\SOFTWARE\Boonty
.
C:\Boonty
C:\Boonty\Components
C:\Boonty\Games
C:\Boonty\Components\384333.ini
C:\Boonty\Components\apiprotection_20081218.cab
C:\Boonty\Components\gamepages_384333_20090114.cab
C:\Boonty\Components\Sims_2_Double_Deluxe_Telecharger(fr_4362){384333}.exe
C:\Boonty\Components\sitepages_41_double_20090116.cab
C:\Boonty\Components\tools
C:\Boonty\Components\tools\extract.exe
C:\Program Files\BoontyGames
C:\Program Files\BoontyGames\Components
C:\Program Files\BoontyGames\Components\Joystick.ico
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames\T‚l‚chargeur de Sims 2 Double Deluxe
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames\T‚l‚chargeur de Sims 2 Double Deluxe\D‚sinstaller le t‚l‚chargeur de Sims 2 Double Deluxe.lnk
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames\T‚l‚chargeur de Sims 2 Double Deluxe\T‚l‚charger Sims 2 Double Deluxe.lnk
C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Cookies\diane@genericshell.boonty[1].txt
+--------------------| Eorezo Elements Found :
.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Program Files\EoRezo
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoRezoTools_19.dll
C:\Program Files\EoRezo\EoAdv\eoAdv.url
C:\Program Files\EoRezo\EoAdv\EoRezoBho.old
C:\Program Files\EoRezo\EoAdv\tmp
C:\Users\Diane\AppData\Roaming\EoRezo
C:\Users\Diane\AppData\Roaming\EoRezo\cache
C:\Users\Diane\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\db
C:\Users\Diane\AppData\Roaming\EoRezo\eoDesktop
C:\Users\Diane\AppData\Roaming\EoRezo\eoStats
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction.cfg
C:\Users\Diane\AppData\Roaming\EoRezo\host.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\user.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\db\cat.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\eoDesktop\config.xml
C:\Users\Diane\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
C:\Users\Diane\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
C:\Users\Diane\AppData\Roaming\EoRezo\eoStats\eoStats.txt
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\conf_site.xml
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraduction.cfg
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\aide.png
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\eoTraduction.png
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\fermer.png
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\minimiser.png
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\traduire.png
+--------------------| Everest Casino/Everest Poker Elements Found :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :
.
HKCU\SOFTWARE\AppDataLow\software\MyWebSearch
HKCU\SOFTWARE\FunWebProducts
.
C:\Windows\Downloaded Program Files\F3initialsetup1.0.1.0.inf
C:\Users\Diane\AppData\LocalLow\MyWebSearch
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\History
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Settings
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BA5F0
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BB136
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BB625.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BB847.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BBA3B.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BBC4D.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BBE21.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BC11D
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\004298C6.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\00429AC9.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\00429C3F.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\00429DA6.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\00429EEE.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\History\search2
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Settings\setting2.htm
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Settings\settings.dat
C:\Users\Diane\AppData\LocalLow\FunWebProducts
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Installr
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Shared
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Installr\Cache
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Installr\Cache\002F0712.exe
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Installr\Cache\files.ini
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Shared\004310E2.dat
+--------------------| It's TV Elements Found :
HKCU\SOFTWARE\ItsLabel
HKLM\SOFTWARE\ItsLabel
.
C:\Users\Diane\AppData\Roaming\ItsLabel
C:\Users\Diane\AppData\Roaming\ItsLabel\ItsTV
C:\Users\Diane\AppData\Roaming\ItsLabel\ItsTV\itsTV.xml
+--------------------| Sweetim Elements Found :
.
.
+--------------------| Added Scan :
~~~~ INTERNET EXPLORER VERSION 7.0.6000.16512 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://lo.st
+---------------------------------------------------------------------------+
[~6782 BYTES] - "C:\AD-REPORT-SCAN-21.01.2009.LOG"
End at: 13:54:41 | 21/01/2009 - Time elapsed: 11 minutes, 2 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 133 Lines ]
+---------------------------------------------------------------------------+
Updated by C_XX on 17/01/2009 at 12:00
Start at: 13:43:39 | Wed 21/01/2009 | Microsoft® Windows Vista™ Home Basic (V6.0.6000)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: DIANESONG | User: Diane ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: UDF)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\
--- Running Processes: 53
+--------------------| Boonty/Boonty Games Elements Found :
.
HKCU\SOFTWARE\Boonty
.
C:\Boonty
C:\Boonty\Components
C:\Boonty\Games
C:\Boonty\Components\384333.ini
C:\Boonty\Components\apiprotection_20081218.cab
C:\Boonty\Components\gamepages_384333_20090114.cab
C:\Boonty\Components\Sims_2_Double_Deluxe_Telecharger(fr_4362){384333}.exe
C:\Boonty\Components\sitepages_41_double_20090116.cab
C:\Boonty\Components\tools
C:\Boonty\Components\tools\extract.exe
C:\Program Files\BoontyGames
C:\Program Files\BoontyGames\Components
C:\Program Files\BoontyGames\Components\Joystick.ico
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames\T‚l‚chargeur de Sims 2 Double Deluxe
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames\T‚l‚chargeur de Sims 2 Double Deluxe\D‚sinstaller le t‚l‚chargeur de Sims 2 Double Deluxe.lnk
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames\T‚l‚chargeur de Sims 2 Double Deluxe\T‚l‚charger Sims 2 Double Deluxe.lnk
C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Cookies\diane@genericshell.boonty[1].txt
+--------------------| Eorezo Elements Found :
.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Program Files\EoRezo
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoRezoTools_19.dll
C:\Program Files\EoRezo\EoAdv\eoAdv.url
C:\Program Files\EoRezo\EoAdv\EoRezoBho.old
C:\Program Files\EoRezo\EoAdv\tmp
C:\Users\Diane\AppData\Roaming\EoRezo
C:\Users\Diane\AppData\Roaming\EoRezo\cache
C:\Users\Diane\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\db
C:\Users\Diane\AppData\Roaming\EoRezo\eoDesktop
C:\Users\Diane\AppData\Roaming\EoRezo\eoStats
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction.cfg
C:\Users\Diane\AppData\Roaming\EoRezo\host.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\user.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\db\cat.cyp
C:\Users\Diane\AppData\Roaming\EoRezo\eoDesktop\config.xml
C:\Users\Diane\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
C:\Users\Diane\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
C:\Users\Diane\AppData\Roaming\EoRezo\eoStats\eoStats.txt
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\conf_site.xml
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraduction.cfg
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\aide.png
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\eoTraduction.png
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\fermer.png
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\minimiser.png
C:\Users\Diane\AppData\Roaming\EoRezo\EoTraduction\EoTraductionSkin\traduire.png
+--------------------| Everest Casino/Everest Poker Elements Found :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :
.
HKCU\SOFTWARE\AppDataLow\software\MyWebSearch
HKCU\SOFTWARE\FunWebProducts
.
C:\Windows\Downloaded Program Files\F3initialsetup1.0.1.0.inf
C:\Users\Diane\AppData\LocalLow\MyWebSearch
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\History
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Settings
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BA5F0
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BB136
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BB625.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BB847.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BBA3B.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BBC4D.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BBE21.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\003BC11D
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\004298C6.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\00429AC9.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\00429C3F.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\00429DA6.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\00429EEE.bin
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\History\search2
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Settings\setting2.htm
C:\Users\Diane\AppData\LocalLow\MyWebSearch\bar\Settings\settings.dat
C:\Users\Diane\AppData\LocalLow\FunWebProducts
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Installr
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Shared
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Installr\Cache
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Installr\Cache\002F0712.exe
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Installr\Cache\files.ini
C:\Users\Diane\AppData\LocalLow\FunWebProducts\Shared\004310E2.dat
+--------------------| It's TV Elements Found :
HKCU\SOFTWARE\ItsLabel
HKLM\SOFTWARE\ItsLabel
.
C:\Users\Diane\AppData\Roaming\ItsLabel
C:\Users\Diane\AppData\Roaming\ItsLabel\ItsTV
C:\Users\Diane\AppData\Roaming\ItsLabel\ItsTV\itsTV.xml
+--------------------| Sweetim Elements Found :
.
.
+--------------------| Added Scan :
~~~~ INTERNET EXPLORER VERSION 7.0.6000.16512 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://lo.st
+---------------------------------------------------------------------------+
[~6782 BYTES] - "C:\AD-REPORT-SCAN-21.01.2009.LOG"
End at: 13:54:41 | 21/01/2009 - Time elapsed: 11 minutes, 2 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 133 Lines ]
+---------------------------------------------------------------------------+
Utilisateur anonyme
21 janv. 2009 à 14:20
21 janv. 2009 à 14:20
Re,
▶ /!\ Déconnectes toi et fermes toutes applications en cours /!\
▶ Relances "Ad-remover" : au menu principal choisi l'option "B" .
http://apu.mabul.org/up/apu/2008/11/19/img-221318q2g03.jpg
Il faut taper un chiffre et valider systématiquement celui-ci par ENTREE.
▶ Ensuite coche:
Boonty ==> Puis ENTRER
Eorezo==> Puis ENTRER
Mywebsearch==> Puis ENTRER
It's TV==> Puis ENTRER
▶ Puis "S"
▶ le programme va travailler ...
▶ Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
▶ /!\ Déconnectes toi et fermes toutes applications en cours /!\
▶ Relances "Ad-remover" : au menu principal choisi l'option "B" .
http://apu.mabul.org/up/apu/2008/11/19/img-221318q2g03.jpg
Il faut taper un chiffre et valider systématiquement celui-ci par ENTREE.
▶ Ensuite coche:
Boonty ==> Puis ENTRER
Eorezo==> Puis ENTRER
Mywebsearch==> Puis ENTRER
It's TV==> Puis ENTRER
▶ Puis "S"
▶ le programme va travailler ...
▶ Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
21 janv. 2009 à 14:30
21 janv. 2009 à 14:30
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
*** LIMITED TO ***
Boonty/Boontygames
Eorezo
Funwebproduct/Myway/Mywebsearch
It's TV
******************
Start at: 14:23:29 | Wed 21/01/2009 | Microsoft® Windows Vista™ Home Basic (V6.0.6000)
Boot mode: Normal
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: DIANESONG | User: Diane ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: UDF)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\
--- Running Processes: 53
(!) ---- IE start pages reset
+--------------------| Boonty/Boonty Games Elements Deleted :
.
HKCU\SOFTWARE\Boonty
.
C:\Boonty
C:\Program Files\T‚l‚chargeur de Sims 2 Double Deluxe\ui\Images\Boonty
C:\Program Files\BoontyGames
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames
C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Cookies\diane@genericshell.boonty[1].txt
+--------------------| Eorezo Elements Deleted :
.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Program Files\EoRezo
C:\Users\Diane\AppData\Roaming\EoRezo
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Deleted :
.
HKCU\SOFTWARE\AppDataLow\software\MyWebSearch
HKCU\SOFTWARE\FunWebProducts
.
C:\Windows\Downloaded Program Files\F3initialsetup1.0.1.0.inf
C:\Users\Diane\AppData\LocalLow\MyWebSearch
C:\Users\Diane\AppData\LocalLow\FunWebProducts
+--------------------| It's TV Elements Deleted :
HKCU\SOFTWARE\ItsLabel
HKLM\SOFTWARE\ItsLabel
.
C:\Users\Diane\AppData\Roaming\ItsLabel
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+--------------------| Added Scan :
+---------------------------------------------------------------------------+
~~~~ INTERNET EXPLORER VERSION 7.0.6000.16512 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
[~2731 BYTES] - "C:\AD-REPORT-CLEAN-21.01.2009.LOG"
[~7124 BYTES] - "C:\AD-REPORT-SCAN-21.01.2009.LOG"
End at: 14:29:38 | 21/01/2009 - Time elapsed: 6 minutes, 8 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 67 Lines ]
+---------------------------------------------------------------------------+
Updated by C_XX on 17/01/2009 at 12:00
*** LIMITED TO ***
Boonty/Boontygames
Eorezo
Funwebproduct/Myway/Mywebsearch
It's TV
******************
Start at: 14:23:29 | Wed 21/01/2009 | Microsoft® Windows Vista™ Home Basic (V6.0.6000)
Boot mode: Normal
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: DIANESONG | User: Diane ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: UDF)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\
--- Running Processes: 53
(!) ---- IE start pages reset
+--------------------| Boonty/Boonty Games Elements Deleted :
.
HKCU\SOFTWARE\Boonty
.
C:\Boonty
C:\Program Files\T‚l‚chargeur de Sims 2 Double Deluxe\ui\Images\Boonty
C:\Program Files\BoontyGames
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames
C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Cookies\diane@genericshell.boonty[1].txt
+--------------------| Eorezo Elements Deleted :
.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Program Files\EoRezo
C:\Users\Diane\AppData\Roaming\EoRezo
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Deleted :
.
HKCU\SOFTWARE\AppDataLow\software\MyWebSearch
HKCU\SOFTWARE\FunWebProducts
.
C:\Windows\Downloaded Program Files\F3initialsetup1.0.1.0.inf
C:\Users\Diane\AppData\LocalLow\MyWebSearch
C:\Users\Diane\AppData\LocalLow\FunWebProducts
+--------------------| It's TV Elements Deleted :
HKCU\SOFTWARE\ItsLabel
HKLM\SOFTWARE\ItsLabel
.
C:\Users\Diane\AppData\Roaming\ItsLabel
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+--------------------| Added Scan :
+---------------------------------------------------------------------------+
~~~~ INTERNET EXPLORER VERSION 7.0.6000.16512 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
[~2731 BYTES] - "C:\AD-REPORT-CLEAN-21.01.2009.LOG"
[~7124 BYTES] - "C:\AD-REPORT-SCAN-21.01.2009.LOG"
End at: 14:29:38 | 21/01/2009 - Time elapsed: 6 minutes, 8 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 67 Lines ]
+---------------------------------------------------------------------------+
Utilisateur anonyme
21 janv. 2009 à 14:34
21 janv. 2009 à 14:34
Re,
Redémarre ton pc normalement et fait ce qui suit:
▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
▶ Double clique sur RSIT.exe pour lancer l'outil.
▶ Clique sur ' continue ' à l'écran Disclaimer.
▶ Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Redémarre ton pc normalement et fait ce qui suit:
▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
▶ Double clique sur RSIT.exe pour lancer l'outil.
▶ Clique sur ' continue ' à l'écran Disclaimer.
▶ Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
21 janv. 2009 à 14:38
21 janv. 2009 à 14:38
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:07, on 21/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Users\Diane\AppData\Local\Temp\a.exe
C:\Users\Diane\AppData\Local\Temp\~tmpc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Diane\AppData\Local\Apps\2.0\V34QD4WZ.Z5Y\58AO78MD.D79\pack..tion_0906286e828d55eb_0001.0003_9f1c347874de5a17\PackBarre.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Users\Diane\AppData\Local\Temp\~tmpa.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [WINHKEYR] C:\Windows\WINDOWS\WINHKEYR.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Cognac] C:\Users\Diane\AppData\Local\Temp\~tmpa.exe
O4 - HKCU\..\Run: [MSFox] C:\Users\Diane\AppData\Local\Temp\a.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\Windows\System32\dinput32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
Scan saved at 14:32:07, on 21/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Users\Diane\AppData\Local\Temp\a.exe
C:\Users\Diane\AppData\Local\Temp\~tmpc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Diane\AppData\Local\Apps\2.0\V34QD4WZ.Z5Y\58AO78MD.D79\pack..tion_0906286e828d55eb_0001.0003_9f1c347874de5a17\PackBarre.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Users\Diane\AppData\Local\Temp\~tmpa.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [WINHKEYR] C:\Windows\WINDOWS\WINHKEYR.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Cognac] C:\Users\Diane\AppData\Local\Temp\~tmpa.exe
O4 - HKCU\..\Run: [MSFox] C:\Users\Diane\AppData\Local\Temp\a.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\Windows\System32\dinput32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
Utilisateur anonyme
21 janv. 2009 à 14:41
21 janv. 2009 à 14:41
Re,
Met à jour malwarebyte et refait un scan complet .
=>Version 1674
Met à jour malwarebyte et refait un scan complet .
=>Version 1674
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
25 janv. 2009 à 19:53
25 janv. 2009 à 19:53
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1688
Windows 6.0.6000
24/01/2009 13:42:57
mbam-log-2009-01-24 (13-42-57).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 154576
Temps écoulé: 1 hour(s), 4 minute(s), 47 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
C:\Users\Diane\AppData\Local\Temp\~tmpa.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\Users\Diane\AppData\Local\Temp\~tmpc.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Windows\System32\msxml71.dll (Trojan.Siggen) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSFox (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Windows\System32\msxml71.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\Diane\AppData\Local\Temp\a.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\Diane\AppData\Local\Temp\~tmpa.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\Diane\AppData\Local\Temp\~tmpb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Diane\AppData\Local\Temp\~tmpc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Version de la base de données: 1688
Windows 6.0.6000
24/01/2009 13:42:57
mbam-log-2009-01-24 (13-42-57).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 154576
Temps écoulé: 1 hour(s), 4 minute(s), 47 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
C:\Users\Diane\AppData\Local\Temp\~tmpa.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\Users\Diane\AppData\Local\Temp\~tmpc.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Windows\System32\msxml71.dll (Trojan.Siggen) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSFox (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Windows\System32\msxml71.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\Diane\AppData\Local\Temp\a.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\Diane\AppData\Local\Temp\~tmpa.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\Diane\AppData\Local\Temp\~tmpb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Diane\AppData\Local\Temp\~tmpc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Utilisateur anonyme
25 janv. 2009 à 23:22
25 janv. 2009 à 23:22
Re,
Supprime bien l quarantaine et redémarre ton pc et refait un rapport avec RSIT.
merci
Supprime bien l quarantaine et redémarre ton pc et refait un rapport avec RSIT.
merci
dianemane
Messages postés
189
Date d'inscription
vendredi 4 août 2006
Statut
Membre
Dernière intervention
6 mars 2013
5
31 janv. 2009 à 22:39
31 janv. 2009 à 22:39
Logfile of random's system information tool 1.05 (written by random/random)
Run by Diane at 2009-01-31 22:33:22
Microsoft® Windows Vista™ Édition Familiale Basique
System drive C: has 64 GB (43%) free of 148 GB
Total RAM: 1791 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:33:27, on 31/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\Diane\AppData\Local\Temp\a.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Diane\AppData\Local\Temp\~tmpc.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Diane\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Diane.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [WINHKEYR] C:\Windows\WINDOWS\WINHKEYR.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [MSFox] C:\Users\Diane\AppData\Local\Temp\a.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\Windows\System32\dinput32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
Run by Diane at 2009-01-31 22:33:22
Microsoft® Windows Vista™ Édition Familiale Basique
System drive C: has 64 GB (43%) free of 148 GB
Total RAM: 1791 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:33:27, on 31/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\Diane\AppData\Local\Temp\a.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Diane\AppData\Local\Temp\~tmpc.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Diane\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Diane.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [WINHKEYR] C:\Windows\WINDOWS\WINHKEYR.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [MSFox] C:\Users\Diane\AppData\Local\Temp\a.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\Windows\System32\dinput32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
