Rapport à analyser gros bugs depuis hier
senjaman
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
est-ce qu'une âme généreuse pourrait regarder ça svp, merci d'avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:47, on 30/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\BOINC\boinc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://google.neo.cx/search.php?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://barredoutilsrfx.ourtoolbar.com/exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.neo.cx/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.neo.cx/volet.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\QQ\Africa2003\AddEmotion.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://oiseaudeparadis1984.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E960ACC-BF9B-4D7D-A969-E594CC40FC74}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED880319-2C83-49C3-8B13-5702F402CDD2}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
est-ce qu'une âme généreuse pourrait regarder ça svp, merci d'avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:47, on 30/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\BOINC\boinc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://google.neo.cx/search.php?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://barredoutilsrfx.ourtoolbar.com/exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.neo.cx/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.neo.cx/volet.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\QQ\Africa2003\AddEmotion.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://oiseaudeparadis1984.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E960ACC-BF9B-4D7D-A969-E594CC40FC74}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED880319-2C83-49C3-8B13-5702F402CDD2}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
A voir également:
- Rapport à analyser gros bugs depuis hier
- Plan rapport de stage - Guide
- Analyser disque dur externe - Guide
- Analyser clé usb - Guide
- Image analyser - Télécharger - Photo & Graphisme
- Analyser performance pc - Guide
7 réponses
slt tu as quel antvirus
car on voit avast, norton et bidefender
il n'en faut qu'un!
pour virer avast:
https://www.avast.com/fr-fr/uninstall-utility
pour virer bitdefender:
http://www.bitdefender.fr/KB333-fr--Desinstaller-BitDefender.html
pour virer norton
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
ensuite tu as boonty game à virer:
Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
/!\ Déconnectes toi et fermes toutes applications en cours
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
car on voit avast, norton et bidefender
il n'en faut qu'un!
pour virer avast:
https://www.avast.com/fr-fr/uninstall-utility
pour virer bitdefender:
http://www.bitdefender.fr/KB333-fr--Desinstaller-BitDefender.html
pour virer norton
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
ensuite tu as boonty game à virer:
Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
/!\ Déconnectes toi et fermes toutes applications en cours
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
F --------- Logfile of AD-Remover 1.0.5.5 by C_XX ---------
# OPTION: Scan
START at: 13:14:29 | 30/11/2008
ON: Microsoft Windows [version 6.0.6001] ( Windows Vista )
Internet Explorer: [7.0.6001.18000]
EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
USER: Congo David ( Current user is an administrator )
PC: CONGOPC
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ D:\ E:\ F:\ G:\ J:\
-
Systemdrive: C:\ (NTFS)
--------- [ RUNNING PROCESSES ] ---------
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
---------------------------- [~> 50]
+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND ..
+---------------------------------------------------------------------------+
Found ! - "Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND ..
+---------------------------------------------------------------------------+
"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\ImageOle.GifAnimator"
"HKEY_CLASSES_ROOT\ImageOle.GifAnimator.1"
"HKEY_CLASSES_ROOT\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}"
"HKEY_CLASSES_ROOT\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}"
+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND ..
+---------------------------------------------------------------------------+
[03/05/2008 17:52|d--------] C:\Program Files\BoontyGames
[03/05/2008 17:36|d--------] C:\Program Files\Common Files\BOONTY Shared
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY
[03/05/2008 17:52|d--------] C:\ProgramData\Microsoft\Windows\STARTM~1\Programs\BoontyGames
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\xowo03p5.default\prefs.js :
~~~~ Mozilla FireFox version 3.0.4 ~~~~
Start Page : "https://www.google.fr/?gws_rd=ssl"
+----------+
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\...\Run]
ISUSPM REG_SZ "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
(par d‚faut) REG_SZ
ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
+--[HKEY_LOCAL_MACHINE\...\Run]
JMB36X IDE Setup REG_SZ C:\Windows\RaidTool\xInsIDE.exe
SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
IAAnotif REG_SZ "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
NvSvc REG_SZ RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
COMODO Firewall Pro REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h
COMODO Internet Security REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://www.google.fr/
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://www.msn.com/
# OPTION: Scan
START at: 13:14:29 | 30/11/2008
ON: Microsoft Windows [version 6.0.6001] ( Windows Vista )
Internet Explorer: [7.0.6001.18000]
EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
USER: Congo David ( Current user is an administrator )
PC: CONGOPC
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ D:\ E:\ F:\ G:\ J:\
-
Systemdrive: C:\ (NTFS)
--------- [ RUNNING PROCESSES ] ---------
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
---------------------------- [~> 50]
+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND ..
+---------------------------------------------------------------------------+
Found ! - "Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND ..
+---------------------------------------------------------------------------+
"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\ImageOle.GifAnimator"
"HKEY_CLASSES_ROOT\ImageOle.GifAnimator.1"
"HKEY_CLASSES_ROOT\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}"
"HKEY_CLASSES_ROOT\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}"
+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND ..
+---------------------------------------------------------------------------+
[03/05/2008 17:52|d--------] C:\Program Files\BoontyGames
[03/05/2008 17:36|d--------] C:\Program Files\Common Files\BOONTY Shared
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY
[03/05/2008 17:52|d--------] C:\ProgramData\Microsoft\Windows\STARTM~1\Programs\BoontyGames
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\xowo03p5.default\prefs.js :
~~~~ Mozilla FireFox version 3.0.4 ~~~~
Start Page : "https://www.google.fr/?gws_rd=ssl"
+----------+
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\...\Run]
ISUSPM REG_SZ "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
(par d‚faut) REG_SZ
ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
+--[HKEY_LOCAL_MACHINE\...\Run]
JMB36X IDE Setup REG_SZ C:\Windows\RaidTool\xInsIDE.exe
SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
IAAnotif REG_SZ "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
NvSvc REG_SZ RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
COMODO Firewall Pro REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h
COMODO Internet Security REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://www.google.fr/
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://www.msn.com/
F --------- Logfile of AD-Remover 1.0.5.5 by C_XX ---------
# OPTION: Clean
START at: 13:19:26 | 30/11/2008
ON: Microsoft Windows [version 6.0.6001] ( Windows Vista )
Internet Explorer: [7.0.6001.18000]
*** Limited to ***
Boonty/BoontyGames
******************
EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
USER: Congo David ( Current user is an administrator )
PC: CONGOPC
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ D:\ E:\ F:\ G:\ J:\
-
Systemdrive: C:\ (NTFS)
--------- [ RUNNING PROCESSES ] ---------
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------------------------- [~> 50]
(!) ---- IE start pages reset
+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+
Deleted successfully ! - "Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+
"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+
[03/05/2008 17:52|d--------] C:\Program Files\BoontyGames
[03/05/2008 17:36|d--------] C:\Program Files\Common Files\BOONTY Shared
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY
[03/05/2008 17:52|d--------] C:\ProgramData\Microsoft\Windows\STARTM~1\Programs\BoontyGames
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\...\Run]
ISUSPM REG_SZ "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
(par d‚faut) REG_SZ
ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
+--[HKEY_LOCAL_MACHINE\...\Run]
JMB36X IDE Setup REG_SZ C:\Windows\RaidTool\xInsIDE.exe
SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
IAAnotif REG_SZ "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
NvSvc REG_SZ RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
COMODO Firewall Pro REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h
COMODO Internet Security REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
# OPTION: Clean
START at: 13:19:26 | 30/11/2008
ON: Microsoft Windows [version 6.0.6001] ( Windows Vista )
Internet Explorer: [7.0.6001.18000]
*** Limited to ***
Boonty/BoontyGames
******************
EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
USER: Congo David ( Current user is an administrator )
PC: CONGOPC
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ D:\ E:\ F:\ G:\ J:\
-
Systemdrive: C:\ (NTFS)
--------- [ RUNNING PROCESSES ] ---------
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------------------------- [~> 50]
(!) ---- IE start pages reset
+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+
Deleted successfully ! - "Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+
"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+
[03/05/2008 17:52|d--------] C:\Program Files\BoontyGames
[03/05/2008 17:36|d--------] C:\Program Files\Common Files\BOONTY Shared
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY
[03/05/2008 17:52|d--------] C:\ProgramData\Microsoft\Windows\STARTM~1\Programs\BoontyGames
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\...\Run]
ISUSPM REG_SZ "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
(par d‚faut) REG_SZ
ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
+--[HKEY_LOCAL_MACHINE\...\Run]
JMB36X IDE Setup REG_SZ C:\Windows\RaidTool\xInsIDE.exe
SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
IAAnotif REG_SZ "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
NvSvc REG_SZ RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
COMODO Firewall Pro REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h
COMODO Internet Security REG_SZ "C:\Program Files\COMODO\Firewall\cfp.exe" -h
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question