rapport à analyser gros bugs depuis hierFermé

Question

Bonjour,
est-ce qu'une âme généreuse pourrait regarder ça svp, merci d'avance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:47, on 30/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32undll32.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32undll32.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\BOINC\boinc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://google.neo.cx/search.php?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://barredoutilsrfx.ourtoolbar.com/exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.neo.cx/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.neo.cx/volet.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayerpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\QQ\Africa2003\AddEmotion.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix: 
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://oiseaudeparadis1984.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E960ACC-BF9B-4D7D-A969-E594CC40FC74}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED880319-2C83-49C3-8B13-5702F402CDD2}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:     C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

jlpjlp · Answer

slt tu as quel antvirus

car on voit avast, norton et bidefender




il n'en faut qu'un!

pour virer avast:
https://www.avast.com/fr-fr/uninstall-utility

pour virer bitdefender:
http://www.bitdefender.fr/KB333-fr--Desinstaller-BitDefender.html

pour virer norton
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924







ensuite tu as boonty game à virer:



Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau : 
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

/!\ Déconnectes toi et fermes toutes applications en cours 

&#9679; Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files ) 
&#9679; Double clique sur l'icône Ad-removersituée sur ton bureau 
&#9679; Au menu principal choisi l'option "A" 
&#9679; Postes le rapport qui apparait à la fin . 

( le rapport est sauvegardé aussi sous C:\Ad-report(date).log ) 

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) 

Note : 

"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. 
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. 
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

senjaman · Answer

F --------- Logfile of AD-Remover 1.0.5.5 by C_XX ---------
 
# OPTION: Scan
 
START at: 13:14:29 | 30/11/2008
ON: Microsoft Windows [version 6.0.6001] ( Windows Vista )
Internet Explorer: [7.0.6001.18000]
EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
USER: Congo David ( Current user is an administrator )
PC: CONGOPC
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ D:\ E:\ F:\ G:\ J:\ 
- 
Systemdrive: C:\ (NTFS)
 
--------- [ RUNNING PROCESSES ] --------- 

\SystemRoot\System32\smss.exe   
C:\Windows\system32\csrss.exe   
C:\Windows\system32\wininit.exe   
C:\Windows\system32\csrss.exe   
C:\Windows\system32\services.exe   
C:\Windows\system32\lsass.exe   
C:\Windows\system32\lsm.exe   
C:\Windows\system32\svchost.exe   
C:\Windows\system32\winlogon.exe   
C:\Windows\system32\svchost.exe   
C:\Windows\System32\svchost.exe   
C:\Windows\System32\svchost.exe   
C:\Windows\System32\svchost.exe   
C:\Windows\system32\svchost.exe   
C:\Windows\system32\SLsvc.exe   
C:\Windows\system32\svchost.exe   
C:\Windows\system32\svchost.exe   
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe   
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe   
C:\Program Files\Alwil Software\Avast4\ashServ.exe   
C:\Windows\System32\spoolsv.exe   
C:\Windows\system32\svchost.exe   
C:\Program Files\COMODO\Firewall\cmdagent.exe   
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe   
C:\Windows\system32	askeng.exe   
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe   
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe   
C:\Windows\system32\Dwm.exe   
C:\Windows\Explorer.EXE   
C:\Windows\system32\svchost.exe   
C:\Windows\system32\svchost.exe   
C:\Windows\System32\svchost.exe   
C:\Windows\system32\SearchIndexer.exe   
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe   
C:\Windows\system32	askeng.exe   
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe   
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe   
C:\Program Files\Alwil Software\Avast4\ashDisp.exe   
C:\Windows\System32undll32.exe   
C:\Windows\System32undll32.exe   
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe   
C:\Windows\ehome\ehtray.exe   
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe   
C:\Program Files\Windows Media Player\wmpnscfg.exe   
C:\Windows\ehome\ehmsas.exe   
C:\Program Files\Windows Media Player\wmpnetwk.exe   
C:\Windows\system32\SearchProtocolHost.exe   
C:\Windows\servicing\TrustedInstaller.exe   
C:\Windows\system32\SearchFilterHost.exe   
C:\Program Files\Mozilla Thunderbird	hunderbird.exe   
 
---------------------------- [~> 50] 


+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND ..
+---------------------------------------------------------------------------+

Found ! - "Boonty Games"

+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND ..
+---------------------------------------------------------------------------+

"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\ImageOle.GifAnimator"
"HKEY_CLASSES_ROOT\ImageOle.GifAnimator.1"
"HKEY_CLASSES_ROOT\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}"
"HKEY_CLASSES_ROOT\Typelib\{710993A2-4F87-41D7-B6FE-F5A20368465F}"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND ..
+---------------------------------------------------------------------------+

[03/05/2008 17:52|d--------] C:\Program Files\BoontyGames
[03/05/2008 17:36|d--------] C:\Program Files\Common Files\BOONTY Shared
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY
[03/05/2008 17:52|d--------] C:\ProgramData\Microsoft\Windows\STARTM~1\Programs\BoontyGames
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY

+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+

 
 
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
 
...\xowo03p5.default\prefs.js :
 
~~~~ Mozilla FireFox version 3.0.4 ~~~~

Start Page :  "https://www.google.fr/?gws_rd=ssl"
 
+----------+ 

 
+---------------------------------------------------------------------------+ 

+--[HKEY_CURRENT_USER\...\Run] 

ISUSPM    REG_SZ    "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
(par d‚faut)    REG_SZ    
ehTray.exe    REG_SZ    C:\Windows\ehome\ehTray.exe
WMPNSCFG    REG_SZ    C:\Program Files\Windows Media Player\WMPNSCFG.exe
 
+--[HKEY_LOCAL_MACHINE\...\Run] 

JMB36X IDE Setup    REG_SZ    C:\Windows\RaidTool\xInsIDE.exe
SynTPEnh    REG_SZ    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
IAAnotif    REG_SZ    "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
avast!    REG_SZ    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
NvSvc    REG_SZ    RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
NvCplDaemon    REG_SZ    RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter    REG_SZ    RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
COMODO Firewall Pro    REG_SZ    "C:\Program Files\COMODO\Firewall\cfp.exe" -h
COMODO Internet Security    REG_SZ    "C:\Program Files\COMODO\Firewall\cfp.exe" -h
 
+--[HKEY_USERS\.DEFAULT\...\Run] 

 
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN] 

Start Page : hxxp://www.google.fr/
 
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN] 

Start Page : hxxp://www.msn.com/

jlpjlp · Answer

ok relance ad remover choisi l'option B et coche boonty  et colle le rapport de desinfection

senjaman · Answer

F --------- Logfile of AD-Remover 1.0.5.5 by C_XX ---------
 
# OPTION: Clean
 
START at: 13:19:26 | 30/11/2008 
ON: Microsoft Windows [version 6.0.6001] ( Windows Vista )
Internet Explorer: [7.0.6001.18000]
 
*** Limited to ***
 
Boonty/BoontyGames 
 
******************
 
EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
USER: Congo David ( Current user is an administrator )
PC: CONGOPC
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ D:\ E:\ F:\ G:\ J:\ 
- 
Systemdrive: C:\ (NTFS)
 
--------- [ RUNNING PROCESSES ] --------- 

\SystemRoot\System32\smss.exe  
C:\Windows\system32\csrss.exe  
C:\Windows\system32\wininit.exe  
C:\Windows\system32\csrss.exe  
C:\Windows\system32\services.exe  
C:\Windows\system32\lsass.exe  
C:\Windows\system32\lsm.exe  
C:\Windows\system32\svchost.exe  
C:\Windows\system32\winlogon.exe  
C:\Windows\system32\svchost.exe  
C:\Windows\System32\svchost.exe  
C:\Windows\System32\svchost.exe  
C:\Windows\System32\svchost.exe  
C:\Windows\system32\svchost.exe  
C:\Windows\system32\SLsvc.exe  
C:\Windows\system32\svchost.exe  
C:\Windows\system32\svchost.exe  
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe  
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe  
C:\Program Files\Alwil Software\Avast4\ashServ.exe  
C:\Windows\System32\spoolsv.exe  
C:\Windows\system32\svchost.exe  
C:\Program Files\COMODO\Firewall\cmdagent.exe  
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe  
C:\Windows\system32	askeng.exe  
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe  
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe  
C:\Windows\system32\Dwm.exe  
C:\Windows\Explorer.EXE  
C:\Windows\system32\svchost.exe  
C:\Windows\system32\svchost.exe  
C:\Windows\System32\svchost.exe  
C:\Windows\system32\SearchIndexer.exe  
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe  
C:\Windows\system32	askeng.exe  
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe  
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe  
C:\Program Files\Alwil Software\Avast4\ashDisp.exe  
C:\Windows\System32undll32.exe  
C:\Windows\System32undll32.exe  
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe  
C:\Windows\ehome\ehtray.exe  
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe  
C:\Program Files\Windows Media Player\wmpnscfg.exe  
C:\Windows\ehome\ehmsas.exe  
C:\Program Files\Windows Media Player\wmpnetwk.exe  
C:\Windows\servicing\TrustedInstaller.exe  
C:\Program Files\Mozilla Thunderbird	hunderbird.exe  
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe  
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe  
 
---------------------------- [~> 50] 

(!) ---- IE start pages reset

+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+

Deleted successfully ! - "Boonty Games" 

+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+

"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+

[03/05/2008 17:52|d--------] C:\Program Files\BoontyGames
[03/05/2008 17:36|d--------] C:\Program Files\Common Files\BOONTY Shared
[03/05/2008 17:36|d--------] C:\ProgramData\BOONTY
[03/05/2008 17:52|d--------] C:\ProgramData\Microsoft\Windows\STARTM~1\Programs\BoontyGames
 
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives. 


+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\...\Run] 

ISUSPM    REG_SZ    "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
(par d‚faut)    REG_SZ    
ehTray.exe    REG_SZ    C:\Windows\ehome\ehTray.exe
WMPNSCFG    REG_SZ    C:\Program Files\Windows Media Player\WMPNSCFG.exe
 
+--[HKEY_LOCAL_MACHINE\...\Run] 

JMB36X IDE Setup    REG_SZ    C:\Windows\RaidTool\xInsIDE.exe
SynTPEnh    REG_SZ    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
IAAnotif    REG_SZ    "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
avast!    REG_SZ    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
NvSvc    REG_SZ    RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
NvCplDaemon    REG_SZ    RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter    REG_SZ    RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
COMODO Firewall Pro    REG_SZ    "C:\Program Files\COMODO\Firewall\cfp.exe" -h
COMODO Internet Security    REG_SZ    "C:\Program Files\COMODO\Firewall\cfp.exe" -h
 
+--[HKEY_USERS\.DEFAULT\...\Run] 

 
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN] 

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
 
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN] 

Start Page : hxxp://fr.msn.com/

jlpjlp · Answer

ok tu as gardé qu'un antivirus?

encore des soucis?

senjaman · Answer

ouais ça à l'air d'aller merci
pour norton j'arrivais pas à le virer complétement avec windows donc thanks

jlpjlp · Answer

tu peux desinstaller ad remover via ton panneau de configuration


si plus de souci c'est bon!!!

Rapport à analyser gros bugs depuis hier

7 réponses

Discussions similaires

Newsletters