J'ai un grop probléme dans mon exploitation!
SHEN et SAB
-
cyril -
cyril -
MOn ORDI n'avance plus du tout, j'ai donc passé le scan adware6;
La configuration de notre pc est WINDOWS 2000NT, nous avons retiré tout ce qu'on pouvait retirer d'aprés ce que nous avons pu identifier sur le rapport adware6, y compris tous nos fichiers perso.
Seulement des logiciels comme Uléad et Réal One Player continuent de s'installer AUTOMATIQUEMENT lors de la mise en route de l'ordi. En dépit de cette supression massive( plus de 350 fichiers).Il en reste et ils sont dans les fichiers Windows. Donc on sait pas quoi faire tout les deux.
On voudrait reconfigurer notre disque dur mais nous ne connaissons pas la marche à suivre. Pouvez vous, s'il vous plait nous aiguiller?
Nous tranmettons plus bas le rapport délivré par Ad ware et vous sommes gré de votre aide précieuse. Sab et Shen.
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :samedi 1 mai 2004 23:51:00
Created with Ad-aware Personal, free for private use.
Using reference-file :01R300 28.04.2004
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
01-05-2004 23:51:00 - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 01-05-2004 20:56:56
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:03
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:05
BasePriority : Normal
FileSize : 87 KB
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contr
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Syst
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:05
Last modified : 19/06/2003 19:05:04
#:4 [lsass.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:05
BasePriority : Normal
FileSize : 38 KB
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Ex
InternalName : lsasrv.dll and lsass.exe
OriginalFilename : lsasrv.dll and lsass.exe
ProductName : Syst
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:05
Last modified : 24/03/2004 01:37:02
#:5 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:10
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:18
Last modified : 16/12/1999
#:6 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:10
BasePriority : Normal
FileSize : 44 KB
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
OriginalFilename : spoolss.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 07/01/2004 13:26:34
Last accessed : 01/05/2004 20:57:10
Last modified : 19/06/2003 19:05:04
#:7 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 01-05-2004 20:57:10
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:18
Last modified : 16/12/1999
#:8 [regsvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:11
BasePriority : Normal
FileSize : 66 KB
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
OriginalFilename : REGSVC.EXE
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 25/03/2004 17:01:39
Last accessed : 01/05/2004 20:57:11
Last modified : 19/06/2003 19:05:04
#:9 [mstask.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:11
BasePriority : Normal
FileSize : 118 KB
FileVersion : 4.71.2195.6704
ProductVersion : 4.71.2195.6704
Copyright : Copyright (C) Microsoft Corp. 1997
CompanyName : Microsoft Corporation
FileDescription : Moteur du Planificateur de t
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Planificateur de t
Created on : 25/03/2004 16:52:58
Last accessed : 01/05/2004 20:57:11
Last modified : 19/06/2003 19:05:04
#:10 [stisvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:12
BasePriority : Normal
FileSize : 60 KB
FileVersion : 5.00.2195.6656
ProductVersion : 5.00.2195.6656
Copyright : Copyright (C) Microsoft Corp. 1996-1997
CompanyName : Microsoft Corporation
FileDescription : Moniteur de p
InternalName : STIMON
OriginalFilename : STIMON.EXE
ProductName : Syst
Created on : 25/03/2004 17:05:40
Last accessed : 01/05/2004 20:57:12
Last modified : 19/06/2003 19:05:04
#:11 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ThreadCreationTime : 01-05-2004 20:57:13
BasePriority : Normal
FileSize : 192 KB
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
Copyright : Copyright (C) Microsoft Corp. 1995-1999
CompanyName : Microsoft Corporation
FileDescription : Infrastructure de gestion Windows
InternalName : WINMGMT
ProductName : Infrastructure de gestion Windows
Created on : 25/03/2004 17:11:04
Last accessed : 01/05/2004 20:57:28
Last modified : 19/06/2003 19:05:04
#:12 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:18
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:18
Last modified : 16/12/1999
#:13 [explorer.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 01-05-2004 20:57:23
BasePriority : Normal
FileSize : 238 KB
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Syst
Created on : 25/03/2004 16:34:59
Last accessed : 01/05/2004 20:57:33
Last modified : 19/06/2003 19:05:04
#:14 [sysupd.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 01-05-2004 20:57:32
BasePriority : Normal
FileSize : 129 KB
Created on : 20/04/2004 22:54:37
Last accessed : 01/05/2004 21:08:00
Last modified : 28/04/2004 17:34:26
#:15 [internat.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:33
BasePriority : Normal
FileSize : 20 KB
FileVersion : 5.00.2920.0000
ProductVersion : 5.00.2920.0000
Copyright : Copyright (C) Microsoft Corp. 1994-1999
CompanyName : Microsoft Corporation
FileDescription : Application d'indication de langue du clavier
InternalName : INTERNAT
OriginalFilename : INTERNAT.EXE
ProductName : Syst
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:33
Last modified : 16/12/1999
#:16 [rundll32.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:33
BasePriority : Normal
FileSize : 9 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Ex
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Syst
Created on : 16/12/1999
Last accessed : 01/05/2004 21:04:48
Last modified : 16/12/1999
#:17 [dslmon.exe]
FilePath : C:\Program Files\SAGEM\SAGEM F@st 800-840\
ThreadCreationTime : 01-05-2004 20:57:35
BasePriority : Normal
FileSize : 940 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2000
FileDescription : ADIMON MFC Application
InternalName : DSLMON
OriginalFilename : ADIMON.EXE
ProductName : DSLMON Application
Created on : 09/03/2004 16:36:56
Last accessed : 01/05/2004 20:57:35
Last modified : 01/07/2003 13:10:36
#:18 [lanceur.exe]
FilePath : C:\Program Files\Club-Internet\Lanceur\
ThreadCreationTime : 01-05-2004 21:16:05
BasePriority : Normal
FileSize : 2652 KB
FileVersion : 5, 0, 1, 1
ProductVersion : 5, 0, 1, 1
Copyright : Copyright (C) T-Online France 2002 - 2003
CompanyName : T-ONLINE France
FileDescription : Lanceur V5.0.1.1
InternalName : Lanceur V5.0.1.0
OriginalFilename : lanceur.exe
ProductName : Lanceur V5.0.1.1
Created on : 09/03/2004 16:45:54
Last accessed : 01/05/2004 21:16:05
Last modified : 09/10/2003 10:23:06
#:19 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 01-05-2004 21:20:59
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Syst
Created on : 30/08/2002 17:24:06
Last accessed : 01/05/2004 21:20:59
Last modified : 30/08/2002 17:24:06
#:20 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 01-05-2004 21:50:52
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 01/05/2004 00:35:03
Last accessed : 01/05/2004 21:13:02
Last modified : 12/07/2003 19:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions\msbb
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\180solutions
GMSoft Dialer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\GMsoft\Dialers
IBIS Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{26E8361F-BCE7-4F75-A347-98C88B418321}
IBIS Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HAUTO_UNINSTALL
IBIS Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Typelib\{26E8361F-BCE7-4F75-A347-98C88B418328}
SafeSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : safesearch.safesearchbho
SafeSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : safesearch.safesearchbho.1
SafeSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{c2faa6e5-2c71-4567-bd0d-64e3c670fdcf}
StopPop Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{000020DD-C72E-4113-AF77-DD56626C6C42}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\twaintec
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TwaintecDll.TwaintecDllObj.1
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{690BCCB4-6B83-4203-AE77-038C116594EC}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : vx2.vx2obj
WebHancer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{C89435B0-CDFE-11D3-976A-00E02913A9E0}
WebHancer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\webHancer
WebHancer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Bridge.brdg
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Bridge.brdg.1
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{DDAF2479-6F00-4599-998A-3ED75686C6D0}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao.1
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}
BroadCastPC Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\RUN
Value : RVP
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 28
Objects found so far: 28
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINNT/Downloaded Program Files/bridge.dll
WinFavorites Object recognized!
Type : File
Data : bridge.dll
Object : c:\winnt\downloaded program files\
FileSize : 56 KB
FileVersion : 1, 0, 0, 117
ProductVersion : 1, 0, 0, 117
Copyright : Copyright 2003
FileDescription : bridge Module
InternalName : bridge
OriginalFilename : bridge.DLL
ProductName : bridge Module
Created on : 19/03/2004 09:46:30
Last accessed : 01/05/2004 21:14:05
Last modified : 19/03/2004 09:46:30
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINNT/Downloaded Program Files/CONFLICT.1/jao.dll
WinFavorites Object recognized!
Type : File
Data : jao.dll
Object : c:\winnt\downloaded program files\conflict.1\
FileSize : 36 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2004
FileDescription : jao Module
InternalName : jao
OriginalFilename : jao.DLL
ProductName : jao Module
Created on : 17/03/2004 09:45:54
Last accessed : 01/05/2004 21:08:31
Last modified : 17/03/2004 09:45:54
Possible browser hijack attempt : {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (http://www2.flingstone.com/cab/2000xp/cdtinc/bridge.cab)
Possible Browser Hijack attempt Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
180Solutions Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : msbb
180Solutions Object recognized!
Type : File
Data : msbb.exe
Object : c:\program files\n-case\
WinFavorites Object recognized!
Type : RegValue
Data : c:\winnt\downloaded program files\conflict.1\jao.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINNT\Downloaded Program Files\CONFLICT.1\jao.dll
WinFavorites Object recognized!
Type : RegValue
Data : c:\winnt\downloaded program files\bridge.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINNT\Downloaded Program Files\bridge.dll
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000020DD-C72E-4113-AF77-DD56626C6C42}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 8
Objects found so far: 39
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
GMSoft Dialer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\GMSoft
GMSoft Dialer Object recognized!
Type : File
Data : wk_2.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 10:40:56
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 10:40:56
GMSoft Dialer Object recognized!
Type : File
Data : wk_3.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 10:41:22
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 10:41:22
GMSoft Dialer Object recognized!
Type : File
Data : wk_4.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 12:45:51
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 12:45:51
GMSoft Dialer Object recognized!
Type : File
Data : wk_5.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 12:46:24
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 12:46:24
GMSoft Dialer Object recognized!
Type : File
Data : wk_6.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 17:20:44
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 17:20:44
GMSoft Dialer Object recognized!
Type : File
Data : wk_7.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 17:21:06
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 17:21:06
GMSoft Dialer Object recognized!
Type : File
Data : wk_8.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 23:28:56
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 23:28:56
GMSoft Dialer Object recognized!
Type : File
Data : wk_85.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 14:01:03
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 14:01:03
GMSoft Dialer Object recognized!
Type : File
Data : wk_86.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 16:23:02
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 16:23:02
GMSoft Dialer Object recognized!
Type : File
Data : wk_87.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 16:23:20
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 16:23:20
GMSoft Dialer Object recognized!
Type : File
Data : wk_88.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 12:40:49
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 12:40:49
GMSoft Dialer Object recognized!
Type : File
Data : wk_89.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 12:40:59
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 12:40:59
GMSoft Dialer Object recognized!
Type : File
Data : wk_8a.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 14:01:48
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 14:01:48
GMSoft Dialer Object recognized!
Type : File
Data : wk_8b.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 16:39:50
Last accessed : 01/05/2004 21:52:12
Last modified : 01/05/2004 16:39:50
GMSoft Dialer Object recognized!
Type : File
Data : wk_8c.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 16:40:00
Last accessed : 01/05/2004 21:52:12
Last modified : 01/05/2004 16:40:00
GMSoft Dialer Object recognized!
Type : File
Data : wk_9.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 23:29:39
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 23:29:39
GMSoft Dialer Object recognized!
Type : File
Data : wk_a.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 16:32:29
Last accessed : 01/05/2004 21:52:12
Last modified : 01/05/2004 16:32:29
GMSoft Dialer Object recognized!
Type : File
Data : wk_b.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 18:23:09
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 18:23:09
GMSoft Dialer Object recognized!
Type : File
Data : wk_c.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 16:32:36
Last accessed : 01/05/2004 21:52:12
Last modified : 01/05/2004 16:32:36
GMSoft Dialer Object recognized!
Type : File
Data : wk_c6.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 29/04/2004 16:10:39
Last accessed : 01/05/2004 21:09:04
Last modified : 29/04/2004 16:10:39
GMSoft Dialer Object recognized!
Type : File
Data : wk_c7.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 29/04/2004 16:11:10
Last accessed : 01/05/2004 21:09:04
Last modified : 29/04/2004 16:11:10
IBIS Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\STO
SafeSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00000000-0000-0000-0000-000000000001}
VX2.BetterInternet Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : ALCHEM
VX2.BetterInternet Object recognized!
Type : File
Data : dummy.htm
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 28/04/2004 17:05:18
Last accessed : 01/05/2004 21:09:04
Last modified : 28/04/2004 17:05:18
VX2.BetterInternet Object recognized!
Type : File
Data : twaintec.ini
Object : c:\docume~1\ibm\locals~1\temp\
FileSize : 224 KB
Created on : 28/04/2004 17:16:59
Last accessed : 01/05/2004 21:09:04
Last modified : 12/12/2003 06:45:14
VX2.BetterInternet Object recognized!
Type : File
Data : twtini.cab
Object : c:\docume~1\ibm\locals~1\temp\
FileSize : 85 KB
Created on : 28/04/2004 17:16:56
Last accessed : 01/05/2004 21:09:04
Last modified : 28/04/2004 21:07:41
VX2.BetterInternet Object recognized!
Type : File
Data : twtini.inf
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 28/04/2004 17:16:59
Last accessed : 01/05/2004 21:09:04
Last modified : 12/12/2003 06:51:04
VX2.BetterInternet Object recognized!
Type : File
Data : twtini.inf
Object : c:\winnt\inf\
Created on : 28/04/2004 17:16:59
Last accessed : 01/05/2004 21:09:04
Last modified : 12/12/2003 06:51:04
VX2.BetterInternet Object recognized!
Type : File
Data : twaintec.dll
Object : c:\winnt\
FileSize : 136 KB
FileVersion : 0, 1, 4, 19
ProductVersion : 0, 1, 4, 19
Copyright : Copyright
CompanyName : Twain Tech
FileDescription : www.twain-tech.com
InternalName : Twaintec
OriginalFilename : Twaintec.dll
ProductName : Twaintec
Created on : 28/04/2004 17:07:19
Last accessed : 01/05/2004 21:08:20
Last modified : 11/02/2004 15:30:52
VX2.BetterInternet Object recognized!
Type : File
Data : twaintec.ini
Object : c:\winnt\
FileSize : 251 KB
Created on : 28/04/2004 17:16:59
Last accessed : 01/05/2004 21:52:12
Last modified : 30/04/2004 00:11:57
WebHancer Object recognized!
Type : File
Data : whagent.inf
Object : c:\winnt\
FileSize : 4 KB
Created on : 29/01/2004 07:32:16
Last accessed : 01/05/2004 21:09:16
Last modified : 29/01/2004 07:32:16
WebHancer Object recognized!
Type : File
Data : whinstaller.exe
Object : c:\winnt\
FileSize : 32 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Installer
InternalName : whInstaller
OriginalFilename : whInstaller.exe
ProductName : webHancer Customer Companion
Created on : 29/01/2004 07:30:26
Last accessed : 01/05/2004 21:09:16
Last modified : 29/01/2004 07:30:26
WebHancer Object recognized!
Type : File
Data : whinstaller.ini
Object : c:\winnt\
Created on : 28/04/2004 19:46:31
Last accessed : 01/05/2004 21:09:16
Last modified : 29/04/2004 08:53:43
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4FDBDBAD-FEFE-4C4C-9CC1-1181052AFB12}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{B88A3AF1-4F1B-4400-8FFB-3FCB108CE115}
BroadCastPC Object recognized!
Type : Folder
Object : c:\docume~1\ibm\locals~1\temp\9.exe
BroadCastPC Object recognized!
Type : File
Data : 9.exe
Object : c:\docume~1\ibm\locals~1\temp\9.exe\
FileSize : 70 KB
Created on : 28/04/2004 17:22:16
Last accessed : 01/05/2004 21:09:16
Last modified : 28/04/2004 17:22:21
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 40
Objects found so far: 79
23:52:23 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:01:22:329
Objects scanned :41385
Objects identified :79
Objects ignored :0
New objects :79
La configuration de notre pc est WINDOWS 2000NT, nous avons retiré tout ce qu'on pouvait retirer d'aprés ce que nous avons pu identifier sur le rapport adware6, y compris tous nos fichiers perso.
Seulement des logiciels comme Uléad et Réal One Player continuent de s'installer AUTOMATIQUEMENT lors de la mise en route de l'ordi. En dépit de cette supression massive( plus de 350 fichiers).Il en reste et ils sont dans les fichiers Windows. Donc on sait pas quoi faire tout les deux.
On voudrait reconfigurer notre disque dur mais nous ne connaissons pas la marche à suivre. Pouvez vous, s'il vous plait nous aiguiller?
Nous tranmettons plus bas le rapport délivré par Ad ware et vous sommes gré de votre aide précieuse. Sab et Shen.
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :samedi 1 mai 2004 23:51:00
Created with Ad-aware Personal, free for private use.
Using reference-file :01R300 28.04.2004
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
01-05-2004 23:51:00 - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 01-05-2004 20:56:56
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:03
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:05
BasePriority : Normal
FileSize : 87 KB
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contr
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Syst
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:05
Last modified : 19/06/2003 19:05:04
#:4 [lsass.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:05
BasePriority : Normal
FileSize : 38 KB
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Ex
InternalName : lsasrv.dll and lsass.exe
OriginalFilename : lsasrv.dll and lsass.exe
ProductName : Syst
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:05
Last modified : 24/03/2004 01:37:02
#:5 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:10
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:18
Last modified : 16/12/1999
#:6 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:10
BasePriority : Normal
FileSize : 44 KB
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
OriginalFilename : spoolss.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 07/01/2004 13:26:34
Last accessed : 01/05/2004 20:57:10
Last modified : 19/06/2003 19:05:04
#:7 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 01-05-2004 20:57:10
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:18
Last modified : 16/12/1999
#:8 [regsvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:11
BasePriority : Normal
FileSize : 66 KB
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
OriginalFilename : REGSVC.EXE
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 25/03/2004 17:01:39
Last accessed : 01/05/2004 20:57:11
Last modified : 19/06/2003 19:05:04
#:9 [mstask.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:11
BasePriority : Normal
FileSize : 118 KB
FileVersion : 4.71.2195.6704
ProductVersion : 4.71.2195.6704
Copyright : Copyright (C) Microsoft Corp. 1997
CompanyName : Microsoft Corporation
FileDescription : Moteur du Planificateur de t
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Planificateur de t
Created on : 25/03/2004 16:52:58
Last accessed : 01/05/2004 20:57:11
Last modified : 19/06/2003 19:05:04
#:10 [stisvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:12
BasePriority : Normal
FileSize : 60 KB
FileVersion : 5.00.2195.6656
ProductVersion : 5.00.2195.6656
Copyright : Copyright (C) Microsoft Corp. 1996-1997
CompanyName : Microsoft Corporation
FileDescription : Moniteur de p
InternalName : STIMON
OriginalFilename : STIMON.EXE
ProductName : Syst
Created on : 25/03/2004 17:05:40
Last accessed : 01/05/2004 20:57:12
Last modified : 19/06/2003 19:05:04
#:11 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ThreadCreationTime : 01-05-2004 20:57:13
BasePriority : Normal
FileSize : 192 KB
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
Copyright : Copyright (C) Microsoft Corp. 1995-1999
CompanyName : Microsoft Corporation
FileDescription : Infrastructure de gestion Windows
InternalName : WINMGMT
ProductName : Infrastructure de gestion Windows
Created on : 25/03/2004 17:11:04
Last accessed : 01/05/2004 20:57:28
Last modified : 19/06/2003 19:05:04
#:12 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:18
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:18
Last modified : 16/12/1999
#:13 [explorer.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 01-05-2004 20:57:23
BasePriority : Normal
FileSize : 238 KB
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Syst
Created on : 25/03/2004 16:34:59
Last accessed : 01/05/2004 20:57:33
Last modified : 19/06/2003 19:05:04
#:14 [sysupd.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 01-05-2004 20:57:32
BasePriority : Normal
FileSize : 129 KB
Created on : 20/04/2004 22:54:37
Last accessed : 01/05/2004 21:08:00
Last modified : 28/04/2004 17:34:26
#:15 [internat.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:33
BasePriority : Normal
FileSize : 20 KB
FileVersion : 5.00.2920.0000
ProductVersion : 5.00.2920.0000
Copyright : Copyright (C) Microsoft Corp. 1994-1999
CompanyName : Microsoft Corporation
FileDescription : Application d'indication de langue du clavier
InternalName : INTERNAT
OriginalFilename : INTERNAT.EXE
ProductName : Syst
Created on : 16/12/1999
Last accessed : 01/05/2004 20:57:33
Last modified : 16/12/1999
#:16 [rundll32.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 01-05-2004 20:57:33
BasePriority : Normal
FileSize : 9 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Ex
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Syst
Created on : 16/12/1999
Last accessed : 01/05/2004 21:04:48
Last modified : 16/12/1999
#:17 [dslmon.exe]
FilePath : C:\Program Files\SAGEM\SAGEM F@st 800-840\
ThreadCreationTime : 01-05-2004 20:57:35
BasePriority : Normal
FileSize : 940 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2000
FileDescription : ADIMON MFC Application
InternalName : DSLMON
OriginalFilename : ADIMON.EXE
ProductName : DSLMON Application
Created on : 09/03/2004 16:36:56
Last accessed : 01/05/2004 20:57:35
Last modified : 01/07/2003 13:10:36
#:18 [lanceur.exe]
FilePath : C:\Program Files\Club-Internet\Lanceur\
ThreadCreationTime : 01-05-2004 21:16:05
BasePriority : Normal
FileSize : 2652 KB
FileVersion : 5, 0, 1, 1
ProductVersion : 5, 0, 1, 1
Copyright : Copyright (C) T-Online France 2002 - 2003
CompanyName : T-ONLINE France
FileDescription : Lanceur V5.0.1.1
InternalName : Lanceur V5.0.1.0
OriginalFilename : lanceur.exe
ProductName : Lanceur V5.0.1.1
Created on : 09/03/2004 16:45:54
Last accessed : 01/05/2004 21:16:05
Last modified : 09/10/2003 10:23:06
#:19 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 01-05-2004 21:20:59
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Syst
Created on : 30/08/2002 17:24:06
Last accessed : 01/05/2004 21:20:59
Last modified : 30/08/2002 17:24:06
#:20 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 01-05-2004 21:50:52
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 01/05/2004 00:35:03
Last accessed : 01/05/2004 21:13:02
Last modified : 12/07/2003 19:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions\msbb
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\180solutions
GMSoft Dialer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\GMsoft\Dialers
IBIS Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{26E8361F-BCE7-4F75-A347-98C88B418321}
IBIS Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HAUTO_UNINSTALL
IBIS Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Typelib\{26E8361F-BCE7-4F75-A347-98C88B418328}
SafeSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : safesearch.safesearchbho
SafeSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : safesearch.safesearchbho.1
SafeSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{c2faa6e5-2c71-4567-bd0d-64e3c670fdcf}
StopPop Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{000020DD-C72E-4113-AF77-DD56626C6C42}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\twaintec
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TwaintecDll.TwaintecDllObj.1
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{690BCCB4-6B83-4203-AE77-038C116594EC}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : vx2.vx2obj
WebHancer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{C89435B0-CDFE-11D3-976A-00E02913A9E0}
WebHancer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\webHancer
WebHancer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Bridge.brdg
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Bridge.brdg.1
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{DDAF2479-6F00-4599-998A-3ED75686C6D0}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao.1
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}
BroadCastPC Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\RUN
Value : RVP
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 28
Objects found so far: 28
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINNT/Downloaded Program Files/bridge.dll
WinFavorites Object recognized!
Type : File
Data : bridge.dll
Object : c:\winnt\downloaded program files\
FileSize : 56 KB
FileVersion : 1, 0, 0, 117
ProductVersion : 1, 0, 0, 117
Copyright : Copyright 2003
FileDescription : bridge Module
InternalName : bridge
OriginalFilename : bridge.DLL
ProductName : bridge Module
Created on : 19/03/2004 09:46:30
Last accessed : 01/05/2004 21:14:05
Last modified : 19/03/2004 09:46:30
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINNT/Downloaded Program Files/CONFLICT.1/jao.dll
WinFavorites Object recognized!
Type : File
Data : jao.dll
Object : c:\winnt\downloaded program files\conflict.1\
FileSize : 36 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2004
FileDescription : jao Module
InternalName : jao
OriginalFilename : jao.DLL
ProductName : jao Module
Created on : 17/03/2004 09:45:54
Last accessed : 01/05/2004 21:08:31
Last modified : 17/03/2004 09:45:54
Possible browser hijack attempt : {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (http://www2.flingstone.com/cab/2000xp/cdtinc/bridge.cab)
Possible Browser Hijack attempt Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
180Solutions Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : msbb
180Solutions Object recognized!
Type : File
Data : msbb.exe
Object : c:\program files\n-case\
WinFavorites Object recognized!
Type : RegValue
Data : c:\winnt\downloaded program files\conflict.1\jao.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINNT\Downloaded Program Files\CONFLICT.1\jao.dll
WinFavorites Object recognized!
Type : RegValue
Data : c:\winnt\downloaded program files\bridge.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINNT\Downloaded Program Files\bridge.dll
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000020DD-C72E-4113-AF77-DD56626C6C42}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 8
Objects found so far: 39
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
GMSoft Dialer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\GMSoft
GMSoft Dialer Object recognized!
Type : File
Data : wk_2.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 10:40:56
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 10:40:56
GMSoft Dialer Object recognized!
Type : File
Data : wk_3.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 10:41:22
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 10:41:22
GMSoft Dialer Object recognized!
Type : File
Data : wk_4.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 12:45:51
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 12:45:51
GMSoft Dialer Object recognized!
Type : File
Data : wk_5.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 12:46:24
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 12:46:24
GMSoft Dialer Object recognized!
Type : File
Data : wk_6.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 17:20:44
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 17:20:44
GMSoft Dialer Object recognized!
Type : File
Data : wk_7.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 17:21:06
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 17:21:06
GMSoft Dialer Object recognized!
Type : File
Data : wk_8.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 23:28:56
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 23:28:56
GMSoft Dialer Object recognized!
Type : File
Data : wk_85.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 14:01:03
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 14:01:03
GMSoft Dialer Object recognized!
Type : File
Data : wk_86.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 16:23:02
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 16:23:02
GMSoft Dialer Object recognized!
Type : File
Data : wk_87.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 16:23:20
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 16:23:20
GMSoft Dialer Object recognized!
Type : File
Data : wk_88.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 12:40:49
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 12:40:49
GMSoft Dialer Object recognized!
Type : File
Data : wk_89.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 12:40:59
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 12:40:59
GMSoft Dialer Object recognized!
Type : File
Data : wk_8a.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 14:01:48
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 14:01:48
GMSoft Dialer Object recognized!
Type : File
Data : wk_8b.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 16:39:50
Last accessed : 01/05/2004 21:52:12
Last modified : 01/05/2004 16:39:50
GMSoft Dialer Object recognized!
Type : File
Data : wk_8c.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 16:40:00
Last accessed : 01/05/2004 21:52:12
Last modified : 01/05/2004 16:40:00
GMSoft Dialer Object recognized!
Type : File
Data : wk_9.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 30/04/2004 23:29:39
Last accessed : 01/05/2004 21:09:04
Last modified : 30/04/2004 23:29:39
GMSoft Dialer Object recognized!
Type : File
Data : wk_a.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 16:32:29
Last accessed : 01/05/2004 21:52:12
Last modified : 01/05/2004 16:32:29
GMSoft Dialer Object recognized!
Type : File
Data : wk_b.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 18:23:09
Last accessed : 01/05/2004 21:09:04
Last modified : 01/05/2004 18:23:09
GMSoft Dialer Object recognized!
Type : File
Data : wk_c.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 01/05/2004 16:32:36
Last accessed : 01/05/2004 21:52:12
Last modified : 01/05/2004 16:32:36
GMSoft Dialer Object recognized!
Type : File
Data : wk_c6.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 29/04/2004 16:10:39
Last accessed : 01/05/2004 21:09:04
Last modified : 29/04/2004 16:10:39
GMSoft Dialer Object recognized!
Type : File
Data : wk_c7.tmp
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 29/04/2004 16:11:10
Last accessed : 01/05/2004 21:09:04
Last modified : 29/04/2004 16:11:10
IBIS Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\STO
SafeSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00000000-0000-0000-0000-000000000001}
VX2.BetterInternet Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : ALCHEM
VX2.BetterInternet Object recognized!
Type : File
Data : dummy.htm
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 28/04/2004 17:05:18
Last accessed : 01/05/2004 21:09:04
Last modified : 28/04/2004 17:05:18
VX2.BetterInternet Object recognized!
Type : File
Data : twaintec.ini
Object : c:\docume~1\ibm\locals~1\temp\
FileSize : 224 KB
Created on : 28/04/2004 17:16:59
Last accessed : 01/05/2004 21:09:04
Last modified : 12/12/2003 06:45:14
VX2.BetterInternet Object recognized!
Type : File
Data : twtini.cab
Object : c:\docume~1\ibm\locals~1\temp\
FileSize : 85 KB
Created on : 28/04/2004 17:16:56
Last accessed : 01/05/2004 21:09:04
Last modified : 28/04/2004 21:07:41
VX2.BetterInternet Object recognized!
Type : File
Data : twtini.inf
Object : c:\docume~1\ibm\locals~1\temp\
Created on : 28/04/2004 17:16:59
Last accessed : 01/05/2004 21:09:04
Last modified : 12/12/2003 06:51:04
VX2.BetterInternet Object recognized!
Type : File
Data : twtini.inf
Object : c:\winnt\inf\
Created on : 28/04/2004 17:16:59
Last accessed : 01/05/2004 21:09:04
Last modified : 12/12/2003 06:51:04
VX2.BetterInternet Object recognized!
Type : File
Data : twaintec.dll
Object : c:\winnt\
FileSize : 136 KB
FileVersion : 0, 1, 4, 19
ProductVersion : 0, 1, 4, 19
Copyright : Copyright
CompanyName : Twain Tech
FileDescription : www.twain-tech.com
InternalName : Twaintec
OriginalFilename : Twaintec.dll
ProductName : Twaintec
Created on : 28/04/2004 17:07:19
Last accessed : 01/05/2004 21:08:20
Last modified : 11/02/2004 15:30:52
VX2.BetterInternet Object recognized!
Type : File
Data : twaintec.ini
Object : c:\winnt\
FileSize : 251 KB
Created on : 28/04/2004 17:16:59
Last accessed : 01/05/2004 21:52:12
Last modified : 30/04/2004 00:11:57
WebHancer Object recognized!
Type : File
Data : whagent.inf
Object : c:\winnt\
FileSize : 4 KB
Created on : 29/01/2004 07:32:16
Last accessed : 01/05/2004 21:09:16
Last modified : 29/01/2004 07:32:16
WebHancer Object recognized!
Type : File
Data : whinstaller.exe
Object : c:\winnt\
FileSize : 32 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Installer
InternalName : whInstaller
OriginalFilename : whInstaller.exe
ProductName : webHancer Customer Companion
Created on : 29/01/2004 07:30:26
Last accessed : 01/05/2004 21:09:16
Last modified : 29/01/2004 07:30:26
WebHancer Object recognized!
Type : File
Data : whinstaller.ini
Object : c:\winnt\
Created on : 28/04/2004 19:46:31
Last accessed : 01/05/2004 21:09:16
Last modified : 29/04/2004 08:53:43
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4FDBDBAD-FEFE-4C4C-9CC1-1181052AFB12}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{B88A3AF1-4F1B-4400-8FFB-3FCB108CE115}
BroadCastPC Object recognized!
Type : Folder
Object : c:\docume~1\ibm\locals~1\temp\9.exe
BroadCastPC Object recognized!
Type : File
Data : 9.exe
Object : c:\docume~1\ibm\locals~1\temp\9.exe\
FileSize : 70 KB
Created on : 28/04/2004 17:22:16
Last accessed : 01/05/2004 21:09:16
Last modified : 28/04/2004 17:22:21
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 40
Objects found so far: 79
23:52:23 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:01:22:329
Objects scanned :41385
Objects identified :79
Objects ignored :0
New objects :79
A voir également:
- J'ai un grop probléme dans mon exploitation!
- Comment connaitre son système d'exploitation - Guide
- Build du système d'exploitation - Guide
- Système d'exploitation freedos - Forum Windows 10
- Le fournisseur de temps vmictimeprovider a indiqué que le matériel et l'environnement d'exploitation actuels ne sont pas pris en charge et ont été arrêtés. ce comportement est attendu de vmictimeprovider dans des environnements invités non hyperv. il peut également être attendu du fournisseur actuel dans l'environnement d'exploitation utilisé. - Forum Windows 10
- C'est quoi Freedos ? - Forum Windows
2 réponses
Salut,
Pour réinstallation ici :
http://poloastucien.free.fr/
tout de suite après prière d'appliquer ceci sous peine de nouveaux problèmes :
http://assiste.free.fr/p/frameset/06_37.php
Jo
Pour réinstallation ici :
http://poloastucien.free.fr/
tout de suite après prière d'appliquer ceci sous peine de nouveaux problèmes :
http://assiste.free.fr/p/frameset/06_37.php
Jo
bonjour,je vous fais part de mon probleme ,je sais que jai 2 virus ,je sais pas comment m'en defaire ,mais le gros probleme ,je suis tjrs deconnecter ou l'ordi gele ,tout arrete et ca repart tres vite.Jai windows xp .J'espere que vs comprenez mon probleme.Un gros merci a l'avance .Au plaisir merci bcp
