Publicités intempestives

Fermé
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 - 7 mars 2009 à 13:52
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 - 8 mars 2009 à 15:48
Bonjour,

Mon écran se couvre de publicités intempestives.Je suis allée dans internet explorer, puis dans outils, bloqueur de fenêtre j'ai validé et rien ne se passe , j'ai toujours les fenêtres de pub.
Merci de bien vouloir me renseigner
j'ai un PC ,window XP , internet explorer, outloock express et messagerie orange que je voudrais supprimer
Cordialement
Mireille
PS je ne suis pas forte en informatique
A voir également:

17 réponses

toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
7 mars 2009 à 13:53
Bonjour

Télécharge le fichier d’installation d’Hijackthis en cliquant sur ce lien

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

* Enregistre HJTInstall.exe sur ton bureau.

* Double-clique sur HJTInstall.exe pour lancer le programme

Tuto : https://www.malekal.com/tutoriel-hijackthis/
http://pagesperso-orange.fr/rginformatique/section%20virus/Hijenr.gif
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm

* Accepte la license en cliquant sur le bouton "I Accept"
* Choisis l'option "Do a system scan and save a log file"
* Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
* Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

* Colle le rapport que tu viens de copier sur ce forum
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
7 mars 2009 à 14:53
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:41:27, on 07/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Securitoo\av_fw\fswsclds.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Commander Pro\UPServ.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Commander Pro\UPS.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\cidaemon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\PROGRA~1\Wanadoo\WOOBRO~1\DownloadManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9799CB34-770B-1AA1-FC0A-E947DCCCB3D9} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Else pure remote sign] C:\Documents and Settings\All Users\Application Data\MP3 FILM ELSE PURE\Iso Fast.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [32 Meta] C:\DOCUME~1\DANIEL~1\APPLIC~1\OKAYCD~1\KindEach.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: UPSmart - Unknown owner - C:\Program Files\Commander Pro\UPServ.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
7 mars 2009 à 15:00
Télécharge Lop S&D.exe sur ton Bureau.

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)


Tutorial ( aide ) : http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
7 mars 2009 à 16:06
avec mes remerciements , merci infiniment pour votre patience.Cordialement Mireille
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A05
USER : Daniel Gouard ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total:111 Go (Free:71 Go)
D:\ (CD or DVD)
F:\ (USB)
H:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 07/03/2009|15:57 )

--------------------\\ Listing des dossiers dans APPLIC~1

[22/11/2004|16:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4D
[14/08/2008|14:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[18/08/2005|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[22/11/2004|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe(2)
[24/08/2004|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[20/10/2005|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\blah meow wave manager
[25/08/2007|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[18/08/2004|09:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[19/02/2007|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[12/08/2005|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[27/10/2008|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[11/12/2006|14:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCA13B.tmp
[02/10/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[20/02/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[02/02/2008|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/10/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/02/2009|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MP3 FILM ELSE PURE
[20/01/2007|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
[16/02/2007|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[25/08/2007|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[24/10/2007|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Newsoft
[15/08/2007|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[12/07/2006|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QubeSoft
[23/08/2004|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[18/08/2004|08:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[24/09/2004|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[02/10/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[23/08/2007|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[16/12/2008|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/10/2006|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[18/08/2004|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[25/05/2006|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[12/08/2006|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[16/12/2006|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[12/11/2004|15:52] C:\DOCUME~1\DANIEL~1\APPLIC~1\Active Disk
[14/08/2008|10:55] C:\DOCUME~1\DANIEL~1\APPLIC~1\Adobe
[08/05/2008|20:49] C:\DOCUME~1\DANIEL~1\APPLIC~1\AdobeUM
[24/08/2004|11:05] C:\DOCUME~1\DANIEL~1\APPLIC~1\AOL
[13/02/2006|15:20] C:\DOCUME~1\DANIEL~1\APPLIC~1\ArcSoft
[10/11/2004|09:30] C:\DOCUME~1\DANIEL~1\APPLIC~1\Common Files
[24/08/2004|13:04] C:\DOCUME~1\DANIEL~1\APPLIC~1\CyberLink
[09/10/2006|15:17] C:\DOCUME~1\DANIEL~1\APPLIC~1\eConf
[20/02/2007|11:19] C:\DOCUME~1\DANIEL~1\APPLIC~1\Google
[23/08/2004|18:48] C:\DOCUME~1\DANIEL~1\APPLIC~1\Help
[10/11/2004|09:29] C:\DOCUME~1\DANIEL~1\APPLIC~1\HP
[18/08/2004|08:29] C:\DOCUME~1\DANIEL~1\APPLIC~1\Identities
[18/08/2004|09:02] C:\DOCUME~1\DANIEL~1\APPLIC~1\Jasc Software Inc
[15/07/2008|15:03] C:\DOCUME~1\DANIEL~1\APPLIC~1\Lasersoft Imaging
[27/10/2008|11:53] C:\DOCUME~1\DANIEL~1\APPLIC~1\Lavasoft
[24/08/2004|08:26] C:\DOCUME~1\DANIEL~1\APPLIC~1\Leadertech
[23/08/2004|18:59] C:\DOCUME~1\DANIEL~1\APPLIC~1\Macromedia
[31/10/2008|19:04] C:\DOCUME~1\DANIEL~1\APPLIC~1\McAfee
[03/01/2009|21:17] C:\DOCUME~1\DANIEL~1\APPLIC~1\Microsoft
[24/09/2004|13:18] C:\DOCUME~1\DANIEL~1\APPLIC~1\Microsoft Web Folders
[06/07/2008|12:36] C:\DOCUME~1\DANIEL~1\APPLIC~1\Mozilla
[20/01/2007|13:54] C:\DOCUME~1\DANIEL~1\APPLIC~1\MSN Search Toolbar
[23/02/2007|10:47] C:\DOCUME~1\DANIEL~1\APPLIC~1\MSN6
[24/10/2007|10:09] C:\DOCUME~1\DANIEL~1\APPLIC~1\NewSoft
[11/09/2004|18:05] C:\DOCUME~1\DANIEL~1\APPLIC~1\Nikon
[24/10/2007|10:34] C:\DOCUME~1\DANIEL~1\APPLIC~1\NSBackup
[22/02/2009|20:28] C:\DOCUME~1\DANIEL~1\APPLIC~1\Okaycdromamok
[11/07/2005|09:46] C:\DOCUME~1\DANIEL~1\APPLIC~1\Real
[25/08/2004|18:22] C:\DOCUME~1\DANIEL~1\APPLIC~1\Sonic
[18/08/2004|08:57] C:\DOCUME~1\DANIEL~1\APPLIC~1\Sun
[24/08/2004|16:03] C:\DOCUME~1\DANIEL~1\APPLIC~1\Template
[16/08/2008|17:10] C:\DOCUME~1\DANIEL~1\APPLIC~1\U3
[01/02/2007|14:26] C:\DOCUME~1\DANIEL~1\APPLIC~1\Yahoo!
[18/08/2004|09:05] C:\DOCUME~1\DANIEL~1\APPLIC~1\You've Got Pictures Screensaver

[24/08/2004|11:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[18/08/2004|08:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[18/08/2004|09:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Jasc Software Inc
[01/12/2007|09:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/08/2004|09:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[18/08/2004|08:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[18/08/2004|09:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[13/12/2006|14:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[20/02/2007|10:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[15/10/2006|15:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[15/10/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities
[24/03/2005|09:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[29/04/2007|21:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/02/2007|20:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\MSN6
[31/12/2008|12:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore


[18/08/2004|08:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[24/11/2004|12:40] C:\DOCUME~1\TIZENF~1\APPLIC~1\Active Disk
[26/02/2008|10:27] C:\DOCUME~1\TIZENF~1\APPLIC~1\Adobe
[25/10/2005|17:23] C:\DOCUME~1\TIZENF~1\APPLIC~1\AdobeUM
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\AOL
[06/06/2006|19:09] C:\DOCUME~1\TIZENF~1\APPLIC~1\ArcSoft
[25/12/2007|21:01] C:\DOCUME~1\TIZENF~1\APPLIC~1\bang
[18/08/2006|13:12] C:\DOCUME~1\TIZENF~1\APPLIC~1\Common Files
[05/08/2008|14:33] C:\DOCUME~1\TIZENF~1\APPLIC~1\CyberLink
[25/02/2006|18:56] C:\DOCUME~1\TIZENF~1\APPLIC~1\Google
[17/08/2005|15:17] C:\DOCUME~1\TIZENF~1\APPLIC~1\Help
[18/08/2006|13:12] C:\DOCUME~1\TIZENF~1\APPLIC~1\HP
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\Identities
[21/10/2005|17:55] C:\DOCUME~1\TIZENF~1\APPLIC~1\Jasc Software Inc
[14/08/2005|21:47] C:\DOCUME~1\TIZENF~1\APPLIC~1\Leadertech
[27/10/2006|16:27] C:\DOCUME~1\TIZENF~1\APPLIC~1\Macromedia
[11/11/2008|17:01] C:\DOCUME~1\TIZENF~1\APPLIC~1\Microsoft
[07/07/2008|14:08] C:\DOCUME~1\TIZENF~1\APPLIC~1\Mozilla
[22/01/2007|16:55] C:\DOCUME~1\TIZENF~1\APPLIC~1\MSN Search Toolbar
[22/04/2007|19:57] C:\DOCUME~1\TIZENF~1\APPLIC~1\MSN6
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\Nikon
[20/10/2005|18:35] C:\DOCUME~1\TIZENF~1\APPLIC~1\Okaycdromamok
[09/09/2005|22:12] C:\DOCUME~1\TIZENF~1\APPLIC~1\Opera
[27/10/2006|16:27] C:\DOCUME~1\TIZENF~1\APPLIC~1\PlayFirst
[12/02/2006|17:45] C:\DOCUME~1\TIZENF~1\APPLIC~1\ppStream
[25/08/2005|12:07] C:\DOCUME~1\TIZENF~1\APPLIC~1\Real
[22/10/2005|13:11] C:\DOCUME~1\TIZENF~1\APPLIC~1\size logo play
[19/09/2005|18:17] C:\DOCUME~1\TIZENF~1\APPLIC~1\Sonic
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\Sun
[22/01/2006|11:14] C:\DOCUME~1\TIZENF~1\APPLIC~1\Template
[16/08/2008|19:37] C:\DOCUME~1\TIZENF~1\APPLIC~1\U3
[28/08/2006|18:58] C:\DOCUME~1\TIZENF~1\APPLIC~1\vlc
[18/06/2008|18:41] C:\DOCUME~1\TIZENF~1\APPLIC~1\XnView
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/03/2009 18:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[20/02/2007 10:23][--a------] C:\WINDOWS\tasks\McDefragTask.job
[20/02/2007 10:23][--a------] C:\WINDOWS\tasks\McQcTask.job
[24/08/2004 18:45][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprŠs de l'ISP.job
[07/03/2009 11:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 07:00][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

--------------------\\ Listing des dossiers dans C:\Program Files

[28/10/2006|23:00] C:\Program Files\A4Desk
[22/08/2007|11:38] C:\Program Files\Ad-Aware SE Professional
[14/08/2008|10:48] C:\Program Files\Adobe
[19/09/2005|17:59] C:\Program Files\Ahead
[12/11/2008|17:15] C:\Program Files\Angels Online
[19/12/2007|09:17] C:\Program Files\Ankama Games
[07/01/2006|12:38] C:\Program Files\Aquatica Waterworlds
[11/09/2004|18:00] C:\Program Files\ArcSoft
[29/08/2006|18:15] C:\Program Files\Avvenu
[01/01/2008|21:03] C:\Program Files\Boonty
[25/08/2007|11:42] C:\Program Files\BoontyGames
[18/08/2004|08:59] C:\Program Files\Broadcom Management Programs
[22/08/2007|11:36] C:\Program Files\CCleaner
[27/02/2009|13:36] C:\Program Files\Circl Developement
[23/08/2007|22:48] C:\Program Files\CleanUp!
[22/04/2005|10:41] C:\Program Files\Commander Pro
[08/06/2008|18:20] C:\Program Files\Common Files
[25/10/2008|16:27] C:\Program Files\Conduit
[24/08/2007|13:59] C:\Program Files\Corel
[29/07/2006|14:08] C:\Program Files\CursorXP
[18/08/2004|09:00] C:\Program Files\CyberLink
[08/05/2008|10:46] C:\Program Files\Datel
[18/08/2004|09:01] C:\Program Files\Dell
[18/08/2004|09:02] C:\Program Files\Dell Computer
[16/04/2006|22:37] C:\Program Files\DivX
[06/02/2009|17:03] C:\Program Files\Dofus
[11/07/2008|14:31] C:\Program Files\DofusArena2
[15/07/2007|13:12] C:\Program Files\eMule
[20/01/2008|16:48] C:\Program Files\Enjoy 5e
[27/10/2008|11:49] C:\Program Files\Fichiers communs
[29/01/2006|20:22] C:\Program Files\FotoStation Easy
[23/08/2006|15:01] C:\Program Files\Freezerware
[05/11/2006|16:49] C:\Program Files\Fujifilm
[02/03/2005|15:07] C:\Program Files\G‚n‚aTique2004
[26/02/2009|17:44] C:\Program Files\Google
[16/10/2008|18:03] C:\Program Files\HP
[27/12/2006|15:18] C:\Program Files\ICom Plugins
[13/08/2008|21:51] C:\Program Files\InstallShield Installation Information
[11/02/2009|13:36] C:\Program Files\Internet Explorer
[12/11/2004|15:47] C:\Program Files\Iomega
[25/10/2008|16:27] C:\Program Files\IsoBuster
[12/10/2006|17:06] C:\Program Files\IZArc
[28/01/2005|16:39] C:\Program Files\Jardins3D
[21/10/2005|17:55] C:\Program Files\Jasc Software Inc
[30/12/2008|16:41] C:\Program Files\Java
[01/05/2008|17:53] C:\Program Files\Journal Macro
[11/04/2008|17:26] C:\Program Files\LaserSoft
[27/10/2008|11:53] C:\Program Files\Lavasoft
[18/08/2004|09:05] C:\Program Files\Learn2.com
[12/07/2006|14:54] C:\Program Files\LEGO Software
[25/08/2006|18:34] C:\Program Files\Logitech
[02/09/2008|14:27] C:\Program Files\LOMA
[22/06/2006|16:31] C:\Program Files\Macrogaming
[04/03/2009|16:26] C:\Program Files\McAfee
[20/02/2007|10:28] C:\Program Files\McAfee.com
[18/10/2005|16:56] C:\Program Files\MediaMonkey
[28/01/2005|09:56] C:\Program Files\Messager Wanadoo
[01/09/2008|11:38] C:\Program Files\Messenger
[22/02/2009|20:27] C:\Program Files\Messenger Plus! Live
[20/07/2008|16:07] C:\Program Files\Metin2_France
[05/02/2005|15:48] C:\Program Files\Micro Application
[24/09/2004|13:25] C:\Program Files\microsoft frontpage
[30/10/2006|08:33] C:\Program Files\Microsoft FrontPage Express
[21/08/2006|14:06] C:\Program Files\Microsoft Games
[07/03/2009|12:26] C:\Program Files\Microsoft Money
[28/12/2005|18:51] C:\Program Files\Microsoft Money 2005
[24/09/2004|13:26] C:\Program Files\Microsoft Office
[18/08/2004|09:02] C:\Program Files\Microsoft Works
[05/12/2004|18:38] C:\Program Files\Mindscape
[01/09/2008|11:17] C:\Program Files\Movie Maker
[21/10/2008|15:23] C:\Program Files\Mozilla Firefox
[24/07/2007|09:14] C:\Program Files\MSECACHE
[22/11/2004|17:38] C:\Program Files\MSN
[18/08/2004|08:29] C:\Program Files\MSN Gaming Zone
[22/02/2009|20:27] C:\Program Files\MSN Messenger
[20/01/2007|13:50] C:\Program Files\MSN Toolbar Suite
[19/11/2006|12:01] C:\Program Files\MSXML 4.0
[26/11/2008|14:30] C:\Program Files\Mu~Templar 2.0
[24/08/2004|13:34] C:\Program Files\MUSICMATCH
[01/09/2008|11:07] C:\Program Files\NetMeeting
[11/09/2004|18:01] C:\Program Files\Nikon
[25/02/2009|18:00] C:\Program Files\Norton Security Scan
[22/02/2009|20:27] C:\Program Files\Okaycdromamok
[19/02/2007|17:38] C:\Program Files\Orange Link
[01/09/2008|11:07] C:\Program Files\Outlook Express
[23/10/2004|09:19] C:\Program Files\Overland
[15/05/2005|09:19] C:\Program Files\Palm
[10/11/2008|14:03] C:\Program Files\PC Camera
[14/08/2008|10:52] C:\Program Files\PDFCreator
[22/08/2007|11:34] C:\Program Files\PhotoFiltre
[27/10/2006|16:26] C:\Program Files\PlayFirst
[24/10/2007|10:09] C:\Program Files\Plustek
[01/02/2006|18:18] C:\Program Files\ppStream
[22/11/2004|17:39] C:\Program Files\QuickTime
[18/08/2004|09:04] C:\Program Files\Real
[28/08/2005|12:34] C:\Program Files\ReflexiveArcade
[21/08/2007|08:40] C:\Program Files\RegClean
[22/08/2007|18:02] C:\Program Files\RegCleaner
[09/10/2006|18:34] C:\Program Files\SAGEM
[21/08/2007|15:15] C:\Program Files\Securitoo
[18/08/2004|08:29] C:\Program Files\Services en ligne
[29/08/2004|09:17] C:\Program Files\Skyline
[24/09/2004|13:26] C:\Program Files\Snapshot Viewer
[18/08/2004|09:02] C:\Program Files\Sonic
[21/08/2007|14:50] C:\Program Files\splus
[23/08/2007|22:20] C:\Program Files\Spybot - Search & Destroy
[28/05/2008|16:45] C:\Program Files\Sun
[04/08/2006|12:22] C:\Program Files\themexp
[24/02/2005|17:58] C:\Program Files\Tracker Software
[23/08/2007|23:23] C:\Program Files\Trend Micro
[28/08/2006|17:03] C:\Program Files\TVUPlayer
[18/08/2004|08:57] C:\Program Files\Uninstall Information
[24/06/2006|17:35] C:\Program Files\VeriSign
[18/08/2004|09:04] C:\Program Files\Viewpoint
[28/12/2005|13:49] C:\Program Files\VirginMega
[01/11/2005|17:40] C:\Program Files\Visicom Media
[03/11/2008|14:35] C:\Program Files\Wakfu
[07/03/2009|12:09] C:\Program Files\Wanadoo
[28/12/2005|18:32] C:\Program Files\Web Publish
[19/02/2009|15:30] C:\Program Files\Win G‚n‚alogic
[24/07/2007|09:15] C:\Program Files\Windows Installer Clean Up
[25/05/2006|18:15] C:\Program Files\Windows Journal Viewer
[24/08/2007|13:33] C:\Program Files\Windows Live
[01/09/2008|11:38] C:\Program Files\Windows Media Player
[01/09/2008|11:07] C:\Program Files\Windows NT
[28/10/2006|22:05] C:\Program Files\WindowsUpdate
[24/08/2007|15:58] C:\Program Files\WinRAR
[18/08/2004|08:29] C:\Program Files\XEROX
[12/08/2006|18:22] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[14/08/2008|10:48] C:\Program Files\Fichiers communs\Adobe
[18/08/2005|19:19] C:\Program Files\Fichiers communs\Adobe Systems Shared
[19/09/2005|17:59] C:\Program Files\Fichiers communs\Ahead
[24/08/2004|11:15] C:\Program Files\Fichiers communs\AOL
[25/08/2007|11:43] C:\Program Files\Fichiers communs\BOONTY Shared
[12/11/2004|09:40] C:\Program Files\Fichiers communs\cnnuesub
[24/09/2004|13:20] C:\Program Files\Fichiers communs\Designer
[23/08/2004|18:42] C:\Program Files\Fichiers communs\Hewlett-Packard
[23/08/2004|18:40] C:\Program Files\Fichiers communs\HP
[12/08/2005|17:59] C:\Program Files\Fichiers communs\InstallShield
[18/08/2004|08:57] C:\Program Files\Fichiers communs\Java
[24/08/2004|13:33] C:\Program Files\Fichiers communs\Logitech
[12/11/2007|09:29] C:\Program Files\Fichiers communs\McAfee
[22/03/2007|17:59] C:\Program Files\Fichiers communs\Microsoft Shared
[18/08/2004|08:29] C:\Program Files\Fichiers communs\MSSoap
[13/08/2008|22:00] C:\Program Files\Fichiers communs\NewSoft
[11/09/2004|18:01] C:\Program Files\Fichiers communs\Nikon
[18/08/2004|09:04] C:\Program Files\Fichiers communs\Nullsoft
[13/08/2008|20:40] C:\Program Files\Fichiers communs\PAC207
[11/07/2005|09:37] C:\Program Files\Fichiers communs\Real
[18/08/2004|08:29] C:\Program Files\Fichiers communs\Services
[18/08/2004|09:02] C:\Program Files\Fichiers communs\Sonic
[18/08/2004|09:01] C:\Program Files\Fichiers communs\Sonic Shared
[18/08/2004|08:29] C:\Program Files\Fichiers communs\SpeechEngines
[07/11/2004|16:35] C:\Program Files\Fichiers communs\SWF Studio
[15/08/2008|17:01] C:\Program Files\Fichiers communs\Symantec Shared
[01/09/2008|11:07] C:\Program Files\Fichiers communs\System
[20/01/2008|16:47] C:\Program Files\Fichiers communs\Thraex Software
[16/08/2005|20:08] C:\Program Files\Fichiers communs\Vbox
[27/10/2008|11:49] C:\Program Files\Fichiers communs\Wise Installation Wizard
[06/07/2008|12:33] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 71 Processes )

IEXPLORE.EXE ~ [PID:3312]
IEXPLORE.EXE ~ [PID:3648]
iexplore.exe ~ [PID:1584]
IEXPLORE.EXE ~ [PID:692]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@advertising[1].txt
C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@banner.cotedazurpalace[2].txt
C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@cotedazurpalace[2].txt
C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@www.cotedazurpalace[1].txt
C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@adopt.euroclick[1].txt
C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@pacificpoker[2].txt
C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@partypoker[1].txt
C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@32vegas[1].txt
C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@banner.32vegas[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-07 15:59:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 12

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:33][D:5]-> C:\DOCUME~1\DANIEL~1\LOCALS~1\Temp
[F:110][D:0]-> C:\DOCUME~1\DANIEL~1\Cookies
[F:2926][D:8]-> C:\DOCUME~1\DANIEL~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 07/03/2009|16:02 - Option : [1]

--------------------\\ Fin du rapport a 16:02:14
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
7 mars 2009 à 16:08
Relance Lop S&D


* Choisis cette fois ci l'Option 2 (Suppression)

* Ne ferme pas la fenêtre lors de la suppression !

* Poste le rapport généré (C:\lopR.txt)
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
7 mars 2009 à 16:18
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A05
USER : Daniel Gouard ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total:111 Go (Free:71 Go)
D:\ (CD or DVD)
F:\ (USB)
H:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 07/03/2009|16:13 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@advertising[1].txt
Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@partypoker[1].txt
Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@32vegas[1].txt
Supprime! - C:\DOCUME~1\DANIEL~1\Cookies\daniel_gouard@banner.32vegas[2].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[22/11/2004|16:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4D
[14/08/2008|14:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[18/08/2005|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[22/11/2004|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe(2)
[24/08/2004|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[20/10/2005|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\blah meow wave manager
[25/08/2007|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[18/08/2004|09:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[19/02/2007|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[12/08/2005|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[27/10/2008|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[11/12/2006|14:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCA13B.tmp
[02/10/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[20/02/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[02/02/2008|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/10/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/02/2009|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MP3 FILM ELSE PURE
[20/01/2007|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
[16/02/2007|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[25/08/2007|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[24/10/2007|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Newsoft
[15/08/2007|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[12/07/2006|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QubeSoft
[23/08/2004|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[18/08/2004|08:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[24/09/2004|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[02/10/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[23/08/2007|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[16/12/2008|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/10/2006|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[25/05/2006|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[12/08/2006|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[16/12/2006|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[12/11/2004|15:52] C:\DOCUME~1\DANIEL~1\APPLIC~1\Active Disk
[14/08/2008|10:55] C:\DOCUME~1\DANIEL~1\APPLIC~1\Adobe
[08/05/2008|20:49] C:\DOCUME~1\DANIEL~1\APPLIC~1\AdobeUM
[24/08/2004|11:05] C:\DOCUME~1\DANIEL~1\APPLIC~1\AOL
[13/02/2006|15:20] C:\DOCUME~1\DANIEL~1\APPLIC~1\ArcSoft
[10/11/2004|09:30] C:\DOCUME~1\DANIEL~1\APPLIC~1\Common Files
[24/08/2004|13:04] C:\DOCUME~1\DANIEL~1\APPLIC~1\CyberLink
[09/10/2006|15:17] C:\DOCUME~1\DANIEL~1\APPLIC~1\eConf
[20/02/2007|11:19] C:\DOCUME~1\DANIEL~1\APPLIC~1\Google
[23/08/2004|18:48] C:\DOCUME~1\DANIEL~1\APPLIC~1\Help
[10/11/2004|09:29] C:\DOCUME~1\DANIEL~1\APPLIC~1\HP
[18/08/2004|08:29] C:\DOCUME~1\DANIEL~1\APPLIC~1\Identities
[18/08/2004|09:02] C:\DOCUME~1\DANIEL~1\APPLIC~1\Jasc Software Inc
[15/07/2008|15:03] C:\DOCUME~1\DANIEL~1\APPLIC~1\Lasersoft Imaging
[27/10/2008|11:53] C:\DOCUME~1\DANIEL~1\APPLIC~1\Lavasoft
[24/08/2004|08:26] C:\DOCUME~1\DANIEL~1\APPLIC~1\Leadertech
[23/08/2004|18:59] C:\DOCUME~1\DANIEL~1\APPLIC~1\Macromedia
[31/10/2008|19:04] C:\DOCUME~1\DANIEL~1\APPLIC~1\McAfee
[03/01/2009|21:17] C:\DOCUME~1\DANIEL~1\APPLIC~1\Microsoft
[24/09/2004|13:18] C:\DOCUME~1\DANIEL~1\APPLIC~1\Microsoft Web Folders
[06/07/2008|12:36] C:\DOCUME~1\DANIEL~1\APPLIC~1\Mozilla
[20/01/2007|13:54] C:\DOCUME~1\DANIEL~1\APPLIC~1\MSN Search Toolbar
[23/02/2007|10:47] C:\DOCUME~1\DANIEL~1\APPLIC~1\MSN6
[24/10/2007|10:09] C:\DOCUME~1\DANIEL~1\APPLIC~1\NewSoft
[11/09/2004|18:05] C:\DOCUME~1\DANIEL~1\APPLIC~1\Nikon
[24/10/2007|10:34] C:\DOCUME~1\DANIEL~1\APPLIC~1\NSBackup
[22/02/2009|20:28] C:\DOCUME~1\DANIEL~1\APPLIC~1\Okaycdromamok
[11/07/2005|09:46] C:\DOCUME~1\DANIEL~1\APPLIC~1\Real
[25/08/2004|18:22] C:\DOCUME~1\DANIEL~1\APPLIC~1\Sonic
[18/08/2004|08:57] C:\DOCUME~1\DANIEL~1\APPLIC~1\Sun
[24/08/2004|16:03] C:\DOCUME~1\DANIEL~1\APPLIC~1\Template
[16/08/2008|17:10] C:\DOCUME~1\DANIEL~1\APPLIC~1\U3
[01/02/2007|14:26] C:\DOCUME~1\DANIEL~1\APPLIC~1\Yahoo!
[18/08/2004|09:05] C:\DOCUME~1\DANIEL~1\APPLIC~1\You've Got Pictures Screensaver

[24/08/2004|11:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[18/08/2004|08:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[18/08/2004|09:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Jasc Software Inc
[01/12/2007|09:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/08/2004|09:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[18/08/2004|08:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[18/08/2004|09:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[13/12/2006|14:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[20/02/2007|10:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[15/10/2006|15:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[15/10/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Identities
[24/03/2005|09:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[29/04/2007|21:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/02/2007|20:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\MSN6
[31/12/2008|12:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore


[18/08/2004|08:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[24/11/2004|12:40] C:\DOCUME~1\TIZENF~1\APPLIC~1\Active Disk
[26/02/2008|10:27] C:\DOCUME~1\TIZENF~1\APPLIC~1\Adobe
[25/10/2005|17:23] C:\DOCUME~1\TIZENF~1\APPLIC~1\AdobeUM
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\AOL
[06/06/2006|19:09] C:\DOCUME~1\TIZENF~1\APPLIC~1\ArcSoft
[25/12/2007|21:01] C:\DOCUME~1\TIZENF~1\APPLIC~1\bang
[18/08/2006|13:12] C:\DOCUME~1\TIZENF~1\APPLIC~1\Common Files
[05/08/2008|14:33] C:\DOCUME~1\TIZENF~1\APPLIC~1\CyberLink
[25/02/2006|18:56] C:\DOCUME~1\TIZENF~1\APPLIC~1\Google
[17/08/2005|15:17] C:\DOCUME~1\TIZENF~1\APPLIC~1\Help
[18/08/2006|13:12] C:\DOCUME~1\TIZENF~1\APPLIC~1\HP
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\Identities
[21/10/2005|17:55] C:\DOCUME~1\TIZENF~1\APPLIC~1\Jasc Software Inc
[14/08/2005|21:47] C:\DOCUME~1\TIZENF~1\APPLIC~1\Leadertech
[27/10/2006|16:27] C:\DOCUME~1\TIZENF~1\APPLIC~1\Macromedia
[11/11/2008|17:01] C:\DOCUME~1\TIZENF~1\APPLIC~1\Microsoft
[07/07/2008|14:08] C:\DOCUME~1\TIZENF~1\APPLIC~1\Mozilla
[22/01/2007|16:55] C:\DOCUME~1\TIZENF~1\APPLIC~1\MSN Search Toolbar
[22/04/2007|19:57] C:\DOCUME~1\TIZENF~1\APPLIC~1\MSN6
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\Nikon
[20/10/2005|18:35] C:\DOCUME~1\TIZENF~1\APPLIC~1\Okaycdromamok
[09/09/2005|22:12] C:\DOCUME~1\TIZENF~1\APPLIC~1\Opera
[27/10/2006|16:27] C:\DOCUME~1\TIZENF~1\APPLIC~1\PlayFirst
[12/02/2006|17:45] C:\DOCUME~1\TIZENF~1\APPLIC~1\ppStream
[25/08/2005|12:07] C:\DOCUME~1\TIZENF~1\APPLIC~1\Real
[22/10/2005|13:11] C:\DOCUME~1\TIZENF~1\APPLIC~1\size logo play
[19/09/2005|18:17] C:\DOCUME~1\TIZENF~1\APPLIC~1\Sonic
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\Sun
[22/01/2006|11:14] C:\DOCUME~1\TIZENF~1\APPLIC~1\Template
[16/08/2008|19:37] C:\DOCUME~1\TIZENF~1\APPLIC~1\U3
[28/08/2006|18:58] C:\DOCUME~1\TIZENF~1\APPLIC~1\vlc
[18/06/2008|18:41] C:\DOCUME~1\TIZENF~1\APPLIC~1\XnView
[22/11/2004|17:39] C:\DOCUME~1\TIZENF~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/03/2009 18:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[20/02/2007 10:23][--a------] C:\WINDOWS\tasks\McDefragTask.job
[20/02/2007 10:23][--a------] C:\WINDOWS\tasks\McQcTask.job
[24/08/2004 18:45][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprŠs de l'ISP.job
[07/03/2009 11:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 07:00][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

--------------------\\ Listing des dossiers dans C:\Program Files

[28/10/2006|23:00] C:\Program Files\A4Desk
[22/08/2007|11:38] C:\Program Files\Ad-Aware SE Professional
[14/08/2008|10:48] C:\Program Files\Adobe
[19/09/2005|17:59] C:\Program Files\Ahead
[12/11/2008|17:15] C:\Program Files\Angels Online
[19/12/2007|09:17] C:\Program Files\Ankama Games
[07/01/2006|12:38] C:\Program Files\Aquatica Waterworlds
[11/09/2004|18:00] C:\Program Files\ArcSoft
[29/08/2006|18:15] C:\Program Files\Avvenu
[01/01/2008|21:03] C:\Program Files\Boonty
[25/08/2007|11:42] C:\Program Files\BoontyGames
[18/08/2004|08:59] C:\Program Files\Broadcom Management Programs
[22/08/2007|11:36] C:\Program Files\CCleaner
[27/02/2009|13:36] C:\Program Files\Circl Developement
[23/08/2007|22:48] C:\Program Files\CleanUp!
[22/04/2005|10:41] C:\Program Files\Commander Pro
[08/06/2008|18:20] C:\Program Files\Common Files
[25/10/2008|16:27] C:\Program Files\Conduit
[24/08/2007|13:59] C:\Program Files\Corel
[29/07/2006|14:08] C:\Program Files\CursorXP
[18/08/2004|09:00] C:\Program Files\CyberLink
[08/05/2008|10:46] C:\Program Files\Datel
[18/08/2004|09:01] C:\Program Files\Dell
[18/08/2004|09:02] C:\Program Files\Dell Computer
[16/04/2006|22:37] C:\Program Files\DivX
[06/02/2009|17:03] C:\Program Files\Dofus
[11/07/2008|14:31] C:\Program Files\DofusArena2
[15/07/2007|13:12] C:\Program Files\eMule
[20/01/2008|16:48] C:\Program Files\Enjoy 5e
[27/10/2008|11:49] C:\Program Files\Fichiers communs
[29/01/2006|20:22] C:\Program Files\FotoStation Easy
[23/08/2006|15:01] C:\Program Files\Freezerware
[05/11/2006|16:49] C:\Program Files\Fujifilm
[02/03/2005|15:07] C:\Program Files\G‚n‚aTique2004
[26/02/2009|17:44] C:\Program Files\Google
[16/10/2008|18:03] C:\Program Files\HP
[27/12/2006|15:18] C:\Program Files\ICom Plugins
[13/08/2008|21:51] C:\Program Files\InstallShield Installation Information
[11/02/2009|13:36] C:\Program Files\Internet Explorer
[12/11/2004|15:47] C:\Program Files\Iomega
[25/10/2008|16:27] C:\Program Files\IsoBuster
[12/10/2006|17:06] C:\Program Files\IZArc
[28/01/2005|16:39] C:\Program Files\Jardins3D
[21/10/2005|17:55] C:\Program Files\Jasc Software Inc
[30/12/2008|16:41] C:\Program Files\Java
[01/05/2008|17:53] C:\Program Files\Journal Macro
[11/04/2008|17:26] C:\Program Files\LaserSoft
[27/10/2008|11:53] C:\Program Files\Lavasoft
[18/08/2004|09:05] C:\Program Files\Learn2.com
[12/07/2006|14:54] C:\Program Files\LEGO Software
[25/08/2006|18:34] C:\Program Files\Logitech
[02/09/2008|14:27] C:\Program Files\LOMA
[22/06/2006|16:31] C:\Program Files\Macrogaming
[04/03/2009|16:26] C:\Program Files\McAfee
[20/02/2007|10:28] C:\Program Files\McAfee.com
[18/10/2005|16:56] C:\Program Files\MediaMonkey
[28/01/2005|09:56] C:\Program Files\Messager Wanadoo
[01/09/2008|11:38] C:\Program Files\Messenger
[22/02/2009|20:27] C:\Program Files\Messenger Plus! Live
[20/07/2008|16:07] C:\Program Files\Metin2_France
[05/02/2005|15:48] C:\Program Files\Micro Application
[24/09/2004|13:25] C:\Program Files\microsoft frontpage
[30/10/2006|08:33] C:\Program Files\Microsoft FrontPage Express
[21/08/2006|14:06] C:\Program Files\Microsoft Games
[07/03/2009|12:26] C:\Program Files\Microsoft Money
[28/12/2005|18:51] C:\Program Files\Microsoft Money 2005
[24/09/2004|13:26] C:\Program Files\Microsoft Office
[18/08/2004|09:02] C:\Program Files\Microsoft Works
[05/12/2004|18:38] C:\Program Files\Mindscape
[01/09/2008|11:17] C:\Program Files\Movie Maker
[21/10/2008|15:23] C:\Program Files\Mozilla Firefox
[24/07/2007|09:14] C:\Program Files\MSECACHE
[22/11/2004|17:38] C:\Program Files\MSN
[18/08/2004|08:29] C:\Program Files\MSN Gaming Zone
[22/02/2009|20:27] C:\Program Files\MSN Messenger
[20/01/2007|13:50] C:\Program Files\MSN Toolbar Suite
[19/11/2006|12:01] C:\Program Files\MSXML 4.0
[26/11/2008|14:30] C:\Program Files\Mu~Templar 2.0
[24/08/2004|13:34] C:\Program Files\MUSICMATCH
[01/09/2008|11:07] C:\Program Files\NetMeeting
[11/09/2004|18:01] C:\Program Files\Nikon
[25/02/2009|18:00] C:\Program Files\Norton Security Scan
[22/02/2009|20:27] C:\Program Files\Okaycdromamok
[19/02/2007|17:38] C:\Program Files\Orange Link
[01/09/2008|11:07] C:\Program Files\Outlook Express
[23/10/2004|09:19] C:\Program Files\Overland
[15/05/2005|09:19] C:\Program Files\Palm
[10/11/2008|14:03] C:\Program Files\PC Camera
[14/08/2008|10:52] C:\Program Files\PDFCreator
[22/08/2007|11:34] C:\Program Files\PhotoFiltre
[27/10/2006|16:26] C:\Program Files\PlayFirst
[24/10/2007|10:09] C:\Program Files\Plustek
[01/02/2006|18:18] C:\Program Files\ppStream
[22/11/2004|17:39] C:\Program Files\QuickTime
[18/08/2004|09:04] C:\Program Files\Real
[28/08/2005|12:34] C:\Program Files\ReflexiveArcade
[21/08/2007|08:40] C:\Program Files\RegClean
[22/08/2007|18:02] C:\Program Files\RegCleaner
[09/10/2006|18:34] C:\Program Files\SAGEM
[21/08/2007|15:15] C:\Program Files\Securitoo
[18/08/2004|08:29] C:\Program Files\Services en ligne
[29/08/2004|09:17] C:\Program Files\Skyline
[24/09/2004|13:26] C:\Program Files\Snapshot Viewer
[18/08/2004|09:02] C:\Program Files\Sonic
[21/08/2007|14:50] C:\Program Files\splus
[23/08/2007|22:20] C:\Program Files\Spybot - Search & Destroy
[28/05/2008|16:45] C:\Program Files\Sun
[04/08/2006|12:22] C:\Program Files\themexp
[24/02/2005|17:58] C:\Program Files\Tracker Software
[23/08/2007|23:23] C:\Program Files\Trend Micro
[28/08/2006|17:03] C:\Program Files\TVUPlayer
[18/08/2004|08:57] C:\Program Files\Uninstall Information
[24/06/2006|17:35] C:\Program Files\VeriSign
[28/12/2005|13:49] C:\Program Files\VirginMega
[01/11/2005|17:40] C:\Program Files\Visicom Media
[03/11/2008|14:35] C:\Program Files\Wakfu
[07/03/2009|12:09] C:\Program Files\Wanadoo
[28/12/2005|18:32] C:\Program Files\Web Publish
[19/02/2009|15:30] C:\Program Files\Win G‚n‚alogic
[24/07/2007|09:15] C:\Program Files\Windows Installer Clean Up
[25/05/2006|18:15] C:\Program Files\Windows Journal Viewer
[24/08/2007|13:33] C:\Program Files\Windows Live
[01/09/2008|11:38] C:\Program Files\Windows Media Player
[01/09/2008|11:07] C:\Program Files\Windows NT
[28/10/2006|22:05] C:\Program Files\WindowsUpdate
[24/08/2007|15:58] C:\Program Files\WinRAR
[18/08/2004|08:29] C:\Program Files\XEROX
[12/08/2006|18:22] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[14/08/2008|10:48] C:\Program Files\Fichiers communs\Adobe
[18/08/2005|19:19] C:\Program Files\Fichiers communs\Adobe Systems Shared
[19/09/2005|17:59] C:\Program Files\Fichiers communs\Ahead
[24/08/2004|11:15] C:\Program Files\Fichiers communs\AOL
[25/08/2007|11:43] C:\Program Files\Fichiers communs\BOONTY Shared
[12/11/2004|09:40] C:\Program Files\Fichiers communs\cnnuesub
[24/09/2004|13:20] C:\Program Files\Fichiers communs\Designer
[23/08/2004|18:42] C:\Program Files\Fichiers communs\Hewlett-Packard
[23/08/2004|18:40] C:\Program Files\Fichiers communs\HP
[12/08/2005|17:59] C:\Program Files\Fichiers communs\InstallShield
[18/08/2004|08:57] C:\Program Files\Fichiers communs\Java
[24/08/2004|13:33] C:\Program Files\Fichiers communs\Logitech
[12/11/2007|09:29] C:\Program Files\Fichiers communs\McAfee
[22/03/2007|17:59] C:\Program Files\Fichiers communs\Microsoft Shared
[18/08/2004|08:29] C:\Program Files\Fichiers communs\MSSoap
[13/08/2008|22:00] C:\Program Files\Fichiers communs\NewSoft
[11/09/2004|18:01] C:\Program Files\Fichiers communs\Nikon
[18/08/2004|09:04] C:\Program Files\Fichiers communs\Nullsoft
[13/08/2008|20:40] C:\Program Files\Fichiers communs\PAC207
[11/07/2005|09:37] C:\Program Files\Fichiers communs\Real
[18/08/2004|08:29] C:\Program Files\Fichiers communs\Services
[18/08/2004|09:02] C:\Program Files\Fichiers communs\Sonic
[18/08/2004|09:01] C:\Program Files\Fichiers communs\Sonic Shared
[18/08/2004|08:29] C:\Program Files\Fichiers communs\SpeechEngines
[07/11/2004|16:35] C:\Program Files\Fichiers communs\SWF Studio
[15/08/2008|17:01] C:\Program Files\Fichiers communs\Symantec Shared
[01/09/2008|11:07] C:\Program Files\Fichiers communs\System
[20/01/2008|16:47] C:\Program Files\Fichiers communs\Thraex Software
[16/08/2005|20:08] C:\Program Files\Fichiers communs\Vbox
[27/10/2008|11:49] C:\Program Files\Fichiers communs\Wise Installation Wizard
[06/07/2008|12:33] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 63 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-07 16:15:24
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 12

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:31][D:5]-> C:\DOCUME~1\DANIEL~1\LOCALS~1\Temp
[F:101][D:0]-> C:\DOCUME~1\DANIEL~1\Cookies
[F:2635][D:8]-> C:\DOCUME~1\DANIEL~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 07/03/2009|16:02 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 07/03/2009|16:16 - Option : [2]

--------------------\\ Fin du rapport a 16:16:47
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
7 mars 2009 à 18:42
ça y est le rapport malwarebytes est terminé,je te le joins ci-dessou:qu'en penses tu.?
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1825
Windows 5.1.2600 Service Pack 3

07/03/2009 18:32:54
mbam-log-2009-03-07 (18-32-54).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 240832
Temps écoulé: 1 hour(s), 46 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
7 mars 2009 à 16:27
OK
Fais un nouvel Hijackthis stp.
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
7 mars 2009 à 19:16
voici le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:15:17, on 07/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Securitoo\av_fw\fswsclds.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Commander Pro\UPServ.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Commander Pro\UPS.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\cidaemon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9799CB34-770B-1AA1-FC0A-E947DCCCB3D9} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Else pure remote sign] C:\Documents and Settings\All Users\Application Data\MP3 FILM ELSE PURE\Iso Fast.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [32 Meta] C:\DOCUME~1\DANIEL~1\APPLIC~1\OKAYCD~1\KindEach.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: UPSmart - Unknown owner - C:\Program Files\Commander Pro\UPServ.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25 > mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009
7 mars 2009 à 19:23
au fait comme tu me l'as conseillé, j'ai installé firefox 3
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230 > mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009
7 mars 2009 à 19:25
Je ne me souviens pas te l'avoir conseillé mais c'est bien ;-)
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
7 mars 2009 à 18:44
ça se présente bien.
Fais un nouvel Hijackthis, qu'on regarde si tout est propre.
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
7 mars 2009 à 19:34
ok c'est fait que dois-je faire maintenant
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
7 mars 2009 à 19:21
Boonty est une source d'ennuis, il serait préférable de le supprimer :

Clique sur Démarrer --> Exécuter
Tape : Services.msc puis OK
Choisis le mode "Etendu" (onglets inférieurs)
Grâce à la barre de défilement (à droite) recherche le service suivant:

Boonty Games

Quand le service est trouvé, pointe dessus, double-clique (bouton gauche).
Dans la fenêtre suivante qui apparait, sous l'onglet Général clique sur le bouton Arrêter,
puis déroule le Type de Démarrage pour le modifier en Désactivé
Clique sur Appliquer puis OK.

Ensuite supprime le dossier "boonty shared" qui se trouve ici : C:\program files\fichiers communs\


Tuto si besoin : https://www.zebulon.fr/dossiers/windows/31-services.html
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
7 mars 2009 à 19:38
As-tu encore des anomalies ?
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
7 mars 2009 à 20:02
non, je n'ai plus d'anomalies et je te remercie surtout de ta patience et de tes conseils
Cordialement Mireille
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
7 mars 2009 à 20:04
Nettoie ton registre :

* Télécharge CCleaner.
(attention à l'installation penser à DECOCHER l'installation de Yahoo toolbar discrètement proposé en plus de CCleaner).

https://www.pcastuces.com/logitheque/ccleaner.htm
https://www.commentcamarche.net/telecharger/ 168 ccleaner

Installe le dans un répertoire dédié.

Décoche pendant l'installation

--- les deux cases "Ajouter l'option ... "
--- Contrôler les mises à jour

* Lance Ccleaner pour un nettoyage complet :

Déconnecte-toi et ferme toutes les applications en cours
* va dans "nettoyeur" : fait analyse puis nettoyage
* va dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .

Tutorial ici :
https://kerio.probb.fr/
https://www.malekal.com/tutoriel-ccleaner/
ET
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
8 mars 2009 à 10:33
Ca y est, j'ai nettoyé avec ccleaner.
Ce matin je n'ai pas eu de fenêtre de publicité, juste un message qui disait que Firefox en a bloqué une.
Aurait-on réussi à tout corriger ?

Mireille
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
8 mars 2009 à 10:35
Je l'espère, observe un peu ce qui se passe au cours des prochains jours et n'hésite pas à le signaler si tu as des problèmes.
Si tout va bien :

Pour supprimer toutes les traces des logiciels qui ont servi à traiter les infections spécifiques :

Télécharge toolscleaner sur ton Bureau :
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
* Double-clique sur ToolsCleaner2.exe et laisse le travailler
* Clique sur Recherche et laisse le scan se terminer.
* Clique sur Suppression pour finaliser.
* Tu peux, si tu le souhaites, te servir des Options facultatives.
* Clique sur Quitter, pour que le rapport puisse se créer.
* Le rapport (TCleaner.txt) se trouve à la racine de ton disque dur (C:\)...colle le dans ta réponse
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
8 mars 2009 à 10:36
Oh zut je viens d'en avoir une (fenêtre de pub) !!! A l'instant, "888.com le poker pour votre plaisir".
Est ce que ça peut être lié au navigateur orange qui se réactive tout le temps, alors que je voudrais utiliser Firefox ?
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25 > mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009
8 mars 2009 à 10:51
bonjour,
mon anti virus est Mac Afee, je pense qu'il est bien ?
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
8 mars 2009 à 10:42
Télécharge de AD-Remover de Cyrildu17 / C_XX) sur ton Bureau.

http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

- Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Au menu principal, choisis l'option "A".
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note :

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

0
le bombé Messages postés 678 Date d'inscription samedi 16 août 2008 Statut Membre Dernière intervention 3 mai 2012 645
8 mars 2009 à 10:44
bonjour,

Quelle est votre anti-virus?
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
8 mars 2009 à 11:10
voici le rapport de toolscleaner[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\cleannavi.txt: trouvé !
C:\lopR.txt: trouvé !
C:\Lop SD: trouvé !
C:\SmitFraudfix: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dépannage\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dépannage\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Daniel Gouard\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Daniel Gouard\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Daniel Gouard\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\Daniel Gouard\Mes documents\pp\2\AOM\HISTORY\UNITS\avenger.txt: trouvé !
C:\Downloads\HijackThis: trouvé !
C:\Downloads\hijackthis\HijackThis.exe: trouvé !
C:\Downloads\hijackthis\hijackthis.log: trouvé !
C:\Program Files\HJTInstall.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dépannage\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Daniel Gouard\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Daniel Gouard\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\Daniel Gouard\Bureau\HJTInstall.exe: supprimé !
C:\Downloads\hijackthis\HijackThis.exe: supprimé !
C:\Program Files\HJTInstall.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\cleannavi.txt: supprimé !
C:\lopR.txt: supprimé !
C:\Documents and Settings\Daniel Gouard\Mes documents\pp\2\AOM\HISTORY\UNITS\avenger.txt: supprimé !
C:\Downloads\hijackthis\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Lop SD: supprimé !
C:\SmitFraudfix: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dépannage\HijackThis: supprimé !
C:\Downloads\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25 > mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009
8 mars 2009 à 12:00
voici le rapport Ad-Remover
------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

Updated by C_XX on 07/03/2009 at 21:40

Start at: 11:49:53 | 08/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: DF54J71J
Current User: Daniel Gouard - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 64

+-----------------| Boonty/Boonty Games Elements Found:

Service: Boonty Games
.
HKCR\boontybox
HKLM\Software\Boonty
HKLM\Software\Classes\boontybox
HKLM\System\ControlSet001\Services\Boonty Games
HKLM\System\CurrentControlSet\Services\Boonty Games
HKLM\System\ControlSet003\Services\Boonty Games
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Luxor 2_is1
.
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Found:

.

+-----------------| Infected Poker Softwares Elements Found:

.

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

.
.

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

HKCR\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKU\S-1-5-18\Software\SWEETIE
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\35F8F48CFBC340946AF151B8E2105C1B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\430B9074095998B438236F5FB1ED75CB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\80719E8EA720305459C0EE8389E9CAFB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A8B8696B937B0D04B8796ADECB6EC106
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B084A05F467835D4394CCF76723438C1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E6E39982D5828024DA11899256779137
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F1B496B301445D115AA4000972A8B18B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\10db51.msi
C:\WINDOWS\Installer\10db56.msi
C:\Program Files\Macrogaming

+-----------------| Other Adwares Found:

.
HKLM\Software\Trymedia Systems
.
C:\Program Files\Conduit
C:\Documents and Settings\Daniel Gouard\Cookies\daniel_gouard@atdmt[1].txt

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: vtsuc2pp.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Prefs.js) FOUND: user_pref("weboftrust.search.mahalo.style", "#content-container a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; margin-right: 5px; }");
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_USERS\S-1-5-21-3078723372-213729002-905058401-1006\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~7485 Bytes] - C:\Ad-Report-Scan-08.03.2009.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 11:52:38 | 08/03/2009
.
+-----------------| E.O.F - 118 Lines
.

------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

Updated by C_XX on 07/03/2009 at 21:40

Start at: 11:49:53 | 08/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: DF54J71J
Current User: Daniel Gouard - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 64

+-----------------| Boonty/Boonty Games Elements Found:

Service: Boonty Games
.
HKCR\boontybox
HKLM\Software\Boonty
HKLM\Software\Classes\boontybox
HKLM\System\ControlSet001\Services\Boonty Games
HKLM\System\CurrentControlSet\Services\Boonty Games
HKLM\System\ControlSet003\Services\Boonty Games
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Luxor 2_is1
.
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Found:

.

+-----------------| Infected Poker Softwares Elements Found:

.

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

.
.

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

HKCR\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKU\S-1-5-18\Software\SWEETIE
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\35F8F48CFBC340946AF151B8E2105C1B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\430B9074095998B438236F5FB1ED75CB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\80719E8EA720305459C0EE8389E9CAFB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A8B8696B937B0D04B8796ADECB6EC106
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B084A05F467835D4394CCF76723438C1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E6E39982D5828024DA11899256779137
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F1B496B301445D115AA4000972A8B18B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\10db51.msi
C:\WINDOWS\Installer\10db56.msi
C:\Program Files\Macrogaming

+-----------------| Other Adwares Found:

.
HKLM\Software\Trymedia Systems
.
C:\Program Files\Conduit
C:\Documents and Settings\Daniel Gouard\Cookies\daniel_gouard@atdmt[1].txt

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: vtsuc2pp.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Prefs.js) FOUND: user_pref("weboftrust.search.mahalo.style", "#content-container a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; margin-right: 5px; }");
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_USERS\S-1-5-21-3078723372-213729002-905058401-1006\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~7485 Bytes] - C:\Ad-Report-Scan-08.03.2009.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 11:52:38 | 08/03/2009
.
+-----------------| E.O.F - 118 Lines
.

------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

Updated by C_XX on 07/03/2009 at 21:40

Start at: 11:49:53 | 08/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: DF54J71J
Current User: Daniel Gouard - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 64

+-----------------| Boonty/Boonty Games Elements Found:

Service: Boonty Games
.
HKCR\boontybox
HKLM\Software\Boonty
HKLM\Software\Classes\boontybox
HKLM\System\ControlSet001\Services\Boonty Games
HKLM\System\CurrentControlSet\Services\Boonty Games
HKLM\System\ControlSet003\Services\Boonty Games
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Luxor 2_is1
.
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Found:

.

+-----------------| Infected Poker Softwares Elements Found:

.

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

.
.

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

HKCR\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKU\S-1-5-18\Software\SWEETIE
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\35F8F48CFBC340946AF151B8E2105C1B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\430B9074095998B438236F5FB1ED75CB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\80719E8EA720305459C0EE8389E9CAFB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A8B8696B937B0D04B8796ADECB6EC106
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B084A05F467835D4394CCF76723438C1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E6E39982D5828024DA11899256779137
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F1B496B301445D115AA4000972A8B18B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\10db51.msi
C:\WINDOWS\Installer\10db56.msi
C:\Program Files\Macrogaming

+-----------------| Other Adwares Found:

.
HKLM\Software\Trymedia Systems
.
C:\Program Files\Conduit
C:\Documents and Settings\Daniel Gouard\Cookies\daniel_gouard@atdmt[1].txt

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: vtsuc2pp.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Prefs.js) FOUND: user_pref("weboftrust.search.mahalo.style", "#content-container a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; margin-right: 5px; }");
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_USERS\S-1-5-21-3078723372-213729002-905058401-1006\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~7485 Bytes] - C:\Ad-Report-Scan-08.03.2009.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 11:52:38 | 08/03/2009
.
+-----------------| E.O.F - 118 Lines
.

------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

Updated by C_XX on 07/03/2009 at 21:40

Start at: 11:49:53 | 08/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: DF54J71J
Current User: Daniel Gouard - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 64

+-----------------| Boonty/Boonty Games Elements Found:

Service: Boonty Games
.
HKCR\boontybox
HKLM\Software\Boonty
HKLM\Software\Classes\boontybox
HKLM\System\ControlSet001\Services\Boonty Games
HKLM\System\CurrentControlSet\Services\Boonty Games
HKLM\System\ControlSet003\Services\Boonty Games
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Luxor 2_is1
.
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Found:

.

+-----------------| Infected Poker Softwares Elements Found:

.

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

.
.

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

HKCR\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKU\S-1-5-18\Software\SWEETIE
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\35F8F48CFBC340946AF151B8E2105C1B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\430B9074095998B438236F5FB1ED75CB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\80719E8EA720305459C0EE8389E9CAFB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A8B8696B937B0D04B8796ADECB6EC106
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B084A05F467835D4394CCF76723438C1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E6E39982D5828024DA11899256779137
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F1B496B301445D115AA4000972A8B18B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\10db51.msi
C:\WINDOWS\Installer\10db56.msi
C:\Program Files\Macrogaming

+-----------------| Other Adwares Found:

.
HKLM\Software\Trymedia Systems
.
C:\Program Files\Conduit
C:\Documents and Settings\Daniel Gouard\Cookies\daniel_gouard@atdmt[1].txt

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: vtsuc2pp.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Prefs.js) FOUND: user_pref("weboftrust.search.mahalo.style", "#content-container a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; margin-right: 5px; }");
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_USERS\S-1-5-21-3078723372-213729002-905058401-1006\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~7485 Bytes] - C:\Ad-Report-Scan-08.03.2009.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 11:52:38 | 08/03/2009
.
+-----------------| E.O.F - 118 Lines
.

------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

Updated by C_XX on 07/03/2009 at 21:40

Start at: 11:49:53 | 08/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: DF54J71J
Current User: Daniel Gouard - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 64

+-----------------| Boonty/Boonty Games Elements Found:

Service: Boonty Games
.
HKCR\boontybox
HKLM\Software\Boonty
HKLM\Software\Classes\boontybox
HKLM\System\ControlSet001\Services\Boonty Games
HKLM\System\CurrentControlSet\Services\Boonty Games
HKLM\System\ControlSet003\Services\Boonty Games
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Luxor 2_is1
.
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Found:

.

+-----------------| Infected Poker Softwares Elements Found:

.

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

.
.

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

HKCR\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKU\S-1-5-18\Software\SWEETIE
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\35F8F48CFBC340946AF151B8E2105C1B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\430B9074095998B438236F5FB1ED75CB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\80719E8EA720305459C0EE8389E9CAFB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A8B8696B937B0D04B8796ADECB6EC106
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B084A05F467835D4394CCF76723438C1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E6E39982D5828024DA11899256779137
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F1B496B301445D115AA4000972A8B18B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\10db51.msi
C:\WINDOWS\Installer\10db56.msi
C:\Program Files\Macrogaming

+-----------------| Other Adwares Found:

.
HKLM\Software\Trymedia Systems
.
C:\Program Files\Conduit
C:\Documents and Settings\Daniel Gouard\Cookies\daniel_gouard@atdmt[1].txt

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: vtsuc2pp.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Prefs.js) FOUND: user_pref("weboftrust.search.mahalo.style", "#content-container a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; margin-right: 5px; }");
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_USERS\S-1-5-21-3078723372-213729002-905058401-1006\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~7485 Bytes] - C:\Ad-Report-Scan-08.03.2009.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 11:52:38 | 08/03/2009
.
+-----------------| E.O.F - 118 Lines
.

------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

Updated by C_XX on 07/03/2009 at 21:40

Start at: 11:49:53 | 08/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: DF54J71J
Current User: Daniel Gouard - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 64

+-----------------| Boonty/Boonty Games Elements Found:

Service: Boonty Games
.
HKCR\boontybox
HKLM\Software\Boonty
HKLM\Software\Classes\boontybox
HKLM\System\ControlSet001\Services\Boonty Games
HKLM\System\CurrentControlSet\Services\Boonty Games
HKLM\System\ControlSet003\Services\Boonty Games
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Luxor 2_is1
.
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Found:

.

+-----------------| Infected Poker Softwares Elements Found:

.

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

.
.

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

HKCR\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKU\S-1-5-18\Software\SWEETIE
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\35F8F48CFBC340946AF151B8E2105C1B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\430B9074095998B438236F5FB1ED75CB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\80719E8EA720305459C0EE8389E9CAFB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A8B8696B937B0D04B8796ADECB6EC106
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B084A05F467835D4394CCF76723438C1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E6E39982D5828024DA11899256779137
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F1B496B301445D115AA4000972A8B18B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\10db51.msi
C:\WINDOWS\Installer\10db56.msi
C:\Program Files\Macrogaming

+-----------------| Other Adwares Found:

.
HKLM\Software\Trymedia Systems
.
C:\Program Files\Conduit
C:\Documents and Settings\Daniel Gouard\Cookies\daniel_gouard@atdmt[1].txt

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: vtsuc2pp.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Prefs.js) FOUND: user_pref("weboftrust.search.mahalo.style", "#content-container a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; margin-right: 5px; }");
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_USERS\S-1-5-21-3078723372-213729002-905058401-1006\..\Internet Explorer\Main]

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.orange.fr

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~7485 Bytes] - C:\Ad-Report-Scan-08.03.2009.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 11:52:38 | 08/03/2009
.
+-----------------| E.O.F - 118 Lines
.
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
8 mars 2009 à 12:03
Relance "Ad-remover" : au menu principal choisi l'option "B" .

A l'écran de sélection ( comme montré ici )

http://sd-1.archive-host.com/membres/up/16506160323759868/Capturer-ADR.JPG


choisis le chiffre à gauche de ces lignes en validant par ENTREE à chaque fois :

Suppression Boonty
Suppression Sweetim
Suppression autres Adwares


Puis choisis "S", le programme va travailler,

Poste le rapport qui apparait à la fin.

( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )


Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
0
le bombé Messages postés 678 Date d'inscription samedi 16 août 2008 Statut Membre Dernière intervention 3 mai 2012 645
8 mars 2009 à 12:35
Quel cinema, pour de malheureuses fenêtres de pub!!!!
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
8 mars 2009 à 12:49
oui en effet mais voici le rapport
------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------

Updated by C_XX on 07/03/2009 at 21:40

*** LIMITED TO ***

Boonty/BoontyGames
Sweetim
Other Adwares

******************

Start at: 12:30:19 | 08/03/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: DF54J71J
Current User: Daniel Gouard - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 67

(!) ---- IE start pages/Tabs reset

+-----------------| Boonty/Boonty Games Elements Deleted :

Service: "Boonty Games"
.
HKCR\boontybox
HKLM\Software\Boonty
HKLM\System\ControlSet003\Services\Boonty Games
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Luxor 2_is1
.
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Sweetim Elements Deleted :

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCR\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCR\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKU\S-1-5-18\Software\SWEETIE
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\35F8F48CFBC340946AF151B8E2105C1B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\430B9074095998B438236F5FB1ED75CB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\80719E8EA720305459C0EE8389E9CAFB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A8B8696B937B0D04B8796ADECB6EC106
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B084A05F467835D4394CCF76723438C1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E6E39982D5828024DA11899256779137
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F1B496B301445D115AA4000972A8B18B
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\10db51.msi
C:\WINDOWS\Installer\10db56.msi
C:\Program Files\Macrogaming

+-----------------| Other Adwares Deleted:

.
HKLM\Software\Trymedia Systems
.
C:\Program Files\Conduit
C:\Documents and Settings\Daniel Gouard\Cookies\daniel_gouard@atdmt[1].txt

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+-----------------| Added Scan :

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: vtsuc2pp.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+-[HKEY_USERS\S-1-5-21-3078723372-213729002-905058401-1006\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~7528 Bytes] - C:\Ad-Report-Clean-08.03.2009.log
[~7707 Bytes] - C:\Ad-Report-Scan-08.03.2009.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 12:38:32 | 08/03/2009
.
+-----------------| E.O.F - 117 Lines
.
0
toptitbal Messages postés 25709 Date d'inscription samedi 8 juillet 2006 Statut Contributeur sécurité Dernière intervention 4 mars 2010 2 230
8 mars 2009 à 13:54
Si le bombé veut prendre la suite, je n'y vois aucun inconvénient....
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25
8 mars 2009 à 14:08
j'ai peut-être fait une erreur en répondant mais j'ai pris le 1er message et envoyé le rapport, je n'ai pas vérifié si c'était vous, excusez moi.Je n'ai pas l'habitude
0
mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009 25 > mireille22 Messages postés 51 Date d'inscription samedi 7 mars 2009 Statut Membre Dernière intervention 4 août 2009
8 mars 2009 à 15:48
je voulais vous remercier pour votre aide , cela fait plusieurs heures que je n'ai plus de publicités intempestives.
Encore un grand merci
Mireille
0