Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

affichage de pop up et connexion internet instable.

kroooo

Par kroooo
dans Analyses et éradication malwares

 Partager

Messages recommandés

kroooo Junior Member

kroooo

Posté(e)
  • Auteur
Posté(e)

Voila le nouvo log :P

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:46:02, on 2007/11/25

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\NECMFK\necmfk.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\conime.exe

C:\Program Files\Apoint2K\HidFind.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe

C:\Program Files\Logitech\QuickCam10\COCIManager.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Hijackthis\HiJackThis\HijackThis.exe

 

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: &BIGLOBEツールバー - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: &BIGLOBEツールバー - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: Norton ツールバーの表示 - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NECMFK] C:\Program Files\necmfk\necmfk.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [iME JPN 2007 Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - ESC Trusted Zone: http://*.update.microsoft.com

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe

O23 - Service: NT Meter - Unknown owner - C:\Windows\System32\NTMETER.EXE

O23 - Service: ReadSector (ReadSctService) - Unknown owner - C:\Smdata\READSCTSERVICE.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

 

--

End of file - 7339 bytes

 

Comment je comprend rien moi xD!

Bisous

Zonk Godlike Member

Zonk

Posté(e)
Posté(e) (modifié)

Ca ne fera pas de miracle ,mais

lance Hijackthis "do a system scan only" et coche la cases devant la ligne suivante:

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)

 

Ferme les fenêtres et clique sur "fix Checked"

et refait un autre HJT :P

édit: et attendre A. pour le reste :P

Modifié par Zonk
Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonsoir,

 

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :

  • Redémarre ton ordinateur
  • Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
  • A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
  • Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
  • Choisis ton compte.

Déroule la liste des instructions ci-dessous :

  • Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
  • Appuie sur Y pour commencer le processus de nettoyage.
  • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
  • Appuie sur une touche pour redémarrer le PC.
  • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
  • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
  • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
  • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
  • Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

N.B.:

- Le fichier SDFIX_README.htm (dans le dossier SDFix) contient la liste des malwares pris en compte par l'outil.

@++

kroooo Junior Member

kroooo

Posté(e)
  • Auteur
Posté(e)

Alors, j'ai fait ce que tu m'as dit de faire...j'ai coche la case et fixe checked...

mais j'ai pas l'impression que j'ai reussi a le supprimer?

Enfin c'etait peut-etre pale but...

Est-ce-que ca a change quelque chose?

Voila le nouvo Log:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:14:45, on 2007/11/26

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\NECMFK\necmfk.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Apoint2K\HidFind.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\system32\conime.exe

C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe

C:\Program Files\Logitech\QuickCam10\COCIManager.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Hijackthis\HiJackThis\HijackThis.exe

 

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: &BIGLOBEツールバー - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: &BIGLOBEツールバー - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: Norton ツールバーの表示 - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NECMFK] C:\Program Files\necmfk\necmfk.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [iME JPN 2007 Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - ESC Trusted Zone: http://*.update.microsoft.com

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll

O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\system32\urlmon.dll

O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll

O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}

O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}

O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}

O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll

O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}

O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll

O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll

O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll

O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}

O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}

O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe

O23 - Service: NT Meter - Unknown owner - C:\Windows\System32\NTMETER.EXE

O23 - Service: ReadSector (ReadSctService) - Unknown owner - C:\Smdata\READSCTSERVICE.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

 

--

End of file - 9179 bytes

 

Merci:)

Bisous

kroooo Junior Member

kroooo

Posté(e)
  • Auteur
Posté(e) (modifié)

:P j'ai telecharge SDFix et fait tout ce que tu m'as dit de faire....

mais quand j'ai redemarre mon ordi en mode sans echec, le programme n'a pas voulu se lancer!

La fenetre commencait a s'ouvrir mais elle disparaissait immediatement...

Donc je n'ai pa pu faire le scan... :P:P

 

:P :P ( pour une personne qui comprendra dsl )

Modifié par kroooo
Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonjour,

 

Excuse-moi, j'ai perdu de vue qu'il s'agissait d'un Vista... :P

SDFix ne fonctionne effectivement pas sous ce système.

 

Télécharge Deckard's System Scanner (DSS) sur ton bureau.

Tu dois possèder les droits administrateurs pour le lancer.

  • Ferme toutes les applications en cours (fenêtres internet etc...)
  • Double-clique sur dss.exe et clique sur ok au message qui s'affiche.
  • Lorsque le scan est terminé, deux fichiers texte vont s'ouvrir.
  • Poste le contenu du rapport nommé main.txt
  • Si tu ne vois pas le rapport, tu le trouvera dans le dossier suivant > C:\Deckard\System Scanner

kroooo Junior Member

kroooo

Posté(e)
  • Auteur
Posté(e)

Voila le fichier main apres le scan:)

Comme j'ai eu deux fichiers texte qui ont apparu a la fin du scan, je poste les deux!

Le premier: main.txt

 

Deckard's System Scanner v20071014.68

Run by Caroline on 2007-11-27 18:54:42

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

Backed up registry hives.

Performed disk cleanup.

 

Total Physical Memory: 894 MiB (1024 MiB recommended).

 

 

-- HijackThis (run as Caroline.exe) --------------------------------------------

 

logfile has no content; running clone.

-- HijackThis Clone ------------------------------------------------------------

 

 

Emulating logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2007-11-27 18:56:40

Platform: Windows Vista (6.00.6000)

MSIE: Internet Explorer (7.00.6000.16386)

Boot mode: Normal

 

Running processes:

C:\Windows\System32\taskeng.exe

C:\Windows\System32\dwm.exe

C:\Windows\explorer.exe

C:\Program Files\Common Files\microsoft shared\IME12\IMEJP\IMJPCMNT.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\NECMFK\necmfk.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files\NETGEAR\WG111v2\WG111v2.exe

C:\Program Files\Apoint2K\HidFind.exe

C:\Program Files\Apoint2K\ApntEx.exe

C:\Windows\System32\conime.exe

C:\Windows\System32\wbem\unsecapp.exe

C:\Program Files\Logitech\QuickCam10\COCIManager.exe

C:\Program Files\Common Files\microsoft shared\IME12\IMEJP\IMJPCMNT.EXE

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe

C:\Users\Caroline\Desktop\dss.exe

C:\Hijackthis\HiJackThis\Caroline.exe

C:\Windows\System32\SearchFilterHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEJAJP/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEJAJP/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEJAJP/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nec8.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: &BIGLOBEツールバー - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: &BIGLOBEツールバー - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: Norton ツールバーの表示 - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NECMFK] C:\Program Files\necmfk\necmfk.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [iME JPN 2007 Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')

O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shock...director/sw.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\System32\Ati2evxx.exe

O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe

O23 - Service: NT Meter - Unknown owner - C:\Windows\System32\NTMETER.EXE

O23 - Service: ReadSector (ReadSctService) - Unknown owner - C:\SMDATA\READSCTSERVICE.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

 

 

--

End of file - 9731 bytes

 

-- HijackThis Fixed Entries (C:\HIJACK~1\HIJACK~1\backups\) --------------------

 

backup-20071125-215819-645 O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)

backup-20071125-215848-841 O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)

backup-20071126-191424-238 O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)

 

-- File Associations -----------------------------------------------------------

 

All associations okay.

 

 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 

S3 USBAAPL (Apple Mobile USB Driver) - c:\windows\system32\drivers\usbaapl.sys <Not Verified; Apple, Inc.; Apple Mobile Device USB Driver>

 

 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>

R2 NT Meter - c:\windows\system32\ntmeter.exe

R2 ReadSctService (ReadSector) - c:\smdata\readsctservice.exe <Not Verified; ; 使用開始日ユーティリティ専用 セクタ読み込みサービス>

 

 

-- Device Manager: Disabled ----------------------------------------------------

 

No disabled devices found.

 

 

-- Scheduled Tasks -------------------------------------------------------------

 

2007-11-27 18:56:01 256 --a------ C:\Windows\Tasks\Windows Live Toolbar の更新プログラムを確認します.job

 

 

-- Files created between 2007-10-27 and 2007-11-27 -----------------------------

 

2007-11-22 18:10:10 0 d-------- C:\Users\All Users\Avira

2007-11-22 13:07:35 0 d-------- C:\Hijackthis

2007-11-21 20:16:41 0 d-------- C:\Program Files\Veoh Networks

2007-11-06 16:06:39 0 d-------- C:\Program Files\iPod

2007-11-06 16:06:34 0 d-------- C:\Program Files\iTunes

2007-11-06 16:02:56 0 d-------- C:\Program Files\QuickTime

2007-11-06 14:54:38 0 d-------- C:\Program Files\Norton Security Scan

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-11-21 20:19:11 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-11-19 22:02:11 395468 --a------ C:\Windows\system32\perfh011.dat

2007-11-19 22:02:11 104024 --a------ C:\Windows\system32\perfc011.dat

2007-11-14 21:39:16 0 d-------- C:\Users\Caroline\AppData\Roaming\LimeWire

2007-11-14 18:08:34 0 d-------- C:\Program Files\Windows Mail

2007-10-24 06:26:43 0 d-------- C:\Program Files\Norton 360

2007-10-23 20:22:50 0 d-------- C:\Users\Caroline\AppData\Roaming\DivX

2007-10-23 20:22:08 0 d-------- C:\Program Files\DivX

2007-10-23 20:21:49 0 d-------- C:\Program Files\Common Files\PX Storage Engine

2007-10-23 20:21:37 0 d-------- C:\Program Files\Common Files

2007-10-23 19:20:11 0 d-------- C:\Users\Caroline\AppData\Roaming\Talkback

2007-10-23 19:20:03 0 d-------- C:\Users\Caroline\AppData\Roaming\Mozilla

2007-10-23 19:13:17 0 d-------- C:\Users\Caroline\AppData\Roaming\Leadertech

2007-10-23 19:05:36 0 d-------- C:\Program Files\DVD Genie

2007-10-22 22:01:44 0 d-------- C:\Program Files\FairUse Wizard 2

2007-10-22 21:29:59 0 d-------- C:\Program Files\SlySoft

2007-10-17 06:42:44 174 --ahs---- C:\Program Files\desktop.ini

2007-10-16 20:41:29 0 d-------- C:\Users\Caroline\AppData\Roaming\Google

2007-10-16 20:40:21 0 d-------- C:\Users\Caroline\AppData\Roaming\Adobe

2007-10-16 20:37:44 0 d-------- C:\Users\Caroline\AppData\Roaming\U3

2007-10-16 20:29:48 0 d-------- C:\Program Files\Common Files\Adobe

2007-10-16 20:23:14 0 d-------- C:\Program Files\Google

2007-10-12 05:41:16 0 d-------- C:\Program Files\Windows Calendar

2007-10-11 17:46:53 0 d-------- C:\Program Files\Symantec

2007-10-09 21:24:22 0 d-------- C:\Program Files\Common Files\Apple

2007-10-09 21:16:27 0 d-------- C:\Program Files\Apple Software Update

2007-10-09 19:56:38 0 d-------- C:\Program Files\Common Files\logishrd

2007-09-28 17:07:52 3596288 --a------ C:\Windows\system32\qt-dx331.dll

2007-09-28 17:05:50 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>

2007-09-28 17:05:50 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>

2007-09-28 17:05:40 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivXョ>

2007-09-28 17:05:40 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivXR>

2007-09-28 17:05:40 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivXR>

2007-09-28 17:05:40 739840 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivXR>

2007-09-28 17:05:08 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]

C:\Program Files\ContextTool\ContextTool-2.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007/06/19 04:54]

"NECMFK"="C:\Program Files\necmfk\necmfk.exe" [2006/11/28 12:26]

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006/07/11 09:12]

"RtHDVCpl"="RtHDVCpl.exe" [2006/11/20 06:13 C:\Windows\RtHDVCpl.exe]

"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2006/12/09 11:44]

"IME JPN 2007 Migration"="C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.exe" [2006/10/26 06:54]

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007/01/09 22:59]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007/03/13 19:43]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006/06/26 01:46]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006/06/26 02:34]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007/05/11 02:06]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007/10/19 20:16]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007/11/02 18:36]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007/01/19 04:54]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007/10/16 20:23]

"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007/11/13 15:48]

"@"="" []

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

NETGEAR WG111v2 Smart Wizard..lnk - C:\Program Files\Common Files\VistaRunApp.exe [2007/01/06 6:09:26]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"=2 (0x2)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

@="IEEE 1394 Bus host controllers"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

@="SBP2 IEEE 1394 Devices"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

@="SecurityDevices"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient

LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum

LocalServiceNoNetwork PLA DPS BFE mpssvc

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84ade6f4-7bb1-11dc-940e-000d5e9100f4}]

Auto\command- AdobeR.exe e

AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84ade6f7-7bb1-11dc-940e-000d5e9100f4}]

AutoRun\command- G:\LaunchU3.exe -a

 

*Newly Created Service* - COMHOST

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]

C:\Windows\system32\unregmp2.exe /ShowWMP

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

 

 

 

-- End of Deckard's System Scanner: finished at 2007-11-27 18:58:54 ------------

Et le deuxieme: extra.txt

 

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

 

-- System Information ----------------------------------------------------------

 

MicrosoftR Windows Vista? Home Basic (build 6000)

Architecture: X86; Language: Japanese

 

CPU 0: Intel® Celeron® M CPU 410 @ 1.46GHz

Percentage of Memory in Use: 63%

Physical Memory (total/avail): 893.5 MiB / 321.73 MiB

Pagefile Memory (total/avail): 2059.36 MiB / 1101.38 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1899.5 MiB

 

C: is Fixed (NTFS) - 40 GiB total, 26.92 GiB free.

D: is Fixed (NTFS) - 30.53 GiB total, 19.2 GiB free.

E: is CDROM (No Media)

 

\\.\PHYSICALDRIVE0 - FUJITSU MHW2080BH ATA Device - 74.53 GiB - 3 partitions

\PARTITION0 (bootable) - インストールできるファイル システム - 40 GiB - C:

\PARTITION1 - インストールできるファイル システム - 30.53 GiB - D:

\PARTITION2 - Unknown - 4 GiB

 

 

 

-- Security Center -------------------------------------------------------------

 

AUOptions is scheduled to auto-install.

Windows Internal Firewall is disabled.

 

FW: Norton 360 v2007 (SYMANTEC Corporation)

AV: Norton 360 v2007 (SYMANTEC Corperation)

AS: Avira AntiVir PersonalEdition v 7.0.0.249

(Avira GmbH)

AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

AS: Norton 360 v2007 (Symantec Corporation)

 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

-- Environment Variables -------------------------------------------------------

 

ALLUSERSPROFILE=C:\ProgramData

APPDATA=C:\Users\Caroline\AppData\Roaming

CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip

CommonProgramFiles=C:\Program Files\Common Files

COMPUTERNAME=CAROLINE-PC

ComSpec=C:\Windows\system32\cmd.exe

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Users\Caroline

LOCALAPPDATA=C:\Users\Caroline\AppData\Local

LOGONSERVER=\\CAROLINE-PC

NUMBER_OF_PROCESSORS=1

OS=Windows_NT

Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel

PROCESSOR_LEVEL=6

PROCESSOR_REVISION=0e08

ProgramData=C:\ProgramData

ProgramFiles=C:\Program Files

PROMPT=$P$G

PUBLIC=C:\Users\Public

QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip

RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

SystemDrive=C:

SystemRoot=C:\Windows

TEMP=C:\Users\Caroline\AppData\Local\Temp

TMP=C:\Users\Caroline\AppData\Local\Temp

USERDOMAIN=Caroline-PC

USERNAME=Caroline

USERPROFILE=C:\Users\Caroline

windir=C:\Windows

 

 

-- User Profiles ---------------------------------------------------------------

 

Caroline

 

 

-- Add/Remove Programs ---------------------------------------------------------

 

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

--> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}

--> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}

--> MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}

--> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

--> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

--> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}

--> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 8.1.0 - Francais --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}

Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log

AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}

Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}

Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}

ATI Catalyst Control Center Ex --> MsiExec.exe /I{55993F5B-3183-3C7A-2B1A-60AA6D8271C8}

AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}

BIGLOBEツールバー V4.3 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{83CA9C42-60E0-4678-B0CE-3EAC155932CC}

ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}

DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER

DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe"

DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"

FairUse Wizard 2 --> "C:\Program Files\FairUse Wizard 2\UnInstall_14333.exe"

GearDrvs --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}

Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

HijackThis 2.0.2 --> "C:\HIJACK~1\HIJACK~1\HijackThis.exe" /uninstall

iTunes --> MsiExec.exe /I{E3FEE4E7-4488-4A3F-A6BD-13745936EADB}

Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

LimeWire 4.12.14 --> "C:\Program Files\LimeWire\uninstall.exe"

LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U

Logicool® Camera ドライバ --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT

Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}

Logitech QuickCam --> MsiExec.exe /X{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}

Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}

Microsoft Office Excel MUI (Japanese) 2007 --> MsiExec.exe /X{90120000-0016-0411-0000-0000000FF1CE}

Microsoft Office IME (Japanese) 2007 --> MsiExec.exe /X{90120000-0028-0411-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Japanese) 2007 --> MsiExec.exe /X{90120000-001A-0411-0000-0000000FF1CE}

Microsoft Office Personal 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PERSONALR /dll OSETUP.DLL

Microsoft Office Personal 2007 --> MsiExec.exe /X{91120000-0033-0000-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (Japanese) 2007 --> MsiExec.exe /X{90120000-001F-0411-0000-0000000FF1CE}

Microsoft Office Proofing (Japanese) 2007 --> MsiExec.exe /X{90120000-002C-0411-0000-0000000FF1CE}

Microsoft Office Shared MUI (Japanese) 2007 --> MsiExec.exe /X{90120000-006E-0411-0000-0000000FF1CE}

Microsoft Office Word MUI (Japanese) 2007 --> MsiExec.exe /X{90120000-001B-0411-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Mozilla Firefox (2.0.0.9) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

NETGEAR WG111v2 wireless USB 2.0 adapter --> C:\Program Files\InstallShield Installation Information\{E0F252A6-DE85-4E93-A93B-DFC3537B3965}\setup.exe -runfromtemp -l0x0409

Norton 360 --> MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}

Norton 360 --> MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}

Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}

Norton 360 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X

Norton 360 Help --> MsiExec.exe /I{1CA941F1-5006-487E-9FD4-09F812A7D6B8}

Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}

Norton Confidential Web Authentification Component --> MsiExec.exe /I{3074EB89-1BCA-4AEF-AFF4-EFB4634C1923}

Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}

Norton Security Scan --> MsiExec.exe /I{DA15D535-5E1D-4076-B520-8571346D6238}

NX PAD Driver --> C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE

Outils Club Internet --> "C:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe"

QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}

Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista --> C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -l0x0011 -removeonly

Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x11 -removeonly

Roxio Easy Media Creator Home --> MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}

Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Excel 2007 (KB936509) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {A00724F5-82C4-4924-B707-0E5A84B52471}

Security Update for Office 2007 (KB934062) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}

Security Update for Office 2007 (KB936514) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {C7A78F7F-EF32-4477-BAD7-3439EA7571BF}

Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}

SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}

SuppSoft --> MsiExec.exe /I{022DA2C3-81C7-4003-A6BC-1BB147B20097}

Symantec Technical Support Controls --> MsiExec.exe /I{92B1B3CC-EC78-45B8-96D0-8B3F11495864}

SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}

UMVPLStandalone --> MsiExec.exe /X{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}

Update for Office 2007 (KB932080) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}

Update for Office 2007 (KB934391) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}

Update for Outlook 2007 (KB937608) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {CBB2454D-193F-4523-8A31-FEB343B7C30E}

Update for Outlook 2007 Junk Email Filter (kb943559) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {2BE2B020-CE6A-4AD1-8291-2B881CF923B6}

Update for Word 2007 (KB934173) --> msiexec /package {91120000-0033-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}

VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409

Videora iPod Converter 2.19 --> C:\Program Files\Red Kawa\Video Converter\uninstaller.exe

Windows Live Messenger --> MsiExec.exe /I{4021D88F-E224-402F-919E-B3F053B57724}

Windows Live OneCare safety scanner --> "C:\Program Files\Windows Live Safety Center\UnInstall.exe"

Windows Live OneCare safety scanner --> MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}

Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}

Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {81747AE5-11B1-4D0B-93C6-6CE4C191C1C7}

Windows Live Toolbar --> MsiExec.exe /X{81747AE5-11B1-4D0B-93C6-6CE4C191C1C7}

Windows Live Toolbar RSS フィード検出 (Windows Live Toolbar) --> MsiExec.exe /X{46826287-608F-4809-AB53-9E11C575D811}

 

 

-- Application Event Log -------------------------------------------------------

 

Event Record #/Type6360 / Success

Event Submitted/Written: 11/27/2007 06:48:32 PM

Event ID/Source: 12001 / usnjsvc

Event Description:

The Messenger Sharing USN Journal Reader service started successfully.

 

Event Record #/Type6354 / Success

Event Submitted/Written: 11/27/2007 05:41:21 PM

Event ID/Source: 5617 / WinMgmt

Event Description:

 

 

Event Record #/Type6353 / Success

Event Submitted/Written: 11/27/2007 05:41:20 PM

Event ID/Source: 5615 / WinMgmt

Event Description:

 

 

Event Record #/Type6350 / Success

Event Submitted/Written: 11/27/2007 05:41:16 PM

Event ID/Source: 902 / Software Licensing Service

Event Description:

ソフトウェア ライセンス サービスが開始されました。

 

Event Record #/Type6321 / Success

Event Submitted/Written: 11/27/2007 05:31:15 PM

Event ID/Source: 5617 / WinMgmt

Event Description:

 

 

 

 

-- Security Event Log ----------------------------------------------------------

 

No Errors/Warnings found.

 

 

-- System Event Log ------------------------------------------------------------

 

Event Record #/Type23967 / Error

Event Submitted/Written: 11/27/2007 06:57:23 PM

Event ID/Source: 10010 / DCOM

Event Description:

{DC0C2640-1415-4644-875C-6F4D769839BA}

 

Event Record #/Type23966 / Warning

Event Submitted/Written: 11/27/2007 06:57:12 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%Caroline-PC27 リアルタイム保護エージェントで、変更が検出されました。これらの変更を行ったソフトウェアに潜在的リスクがないか分析することをお勧めします。これらのプログラムの動作方法に関する情報を使用して、これらのプログラムの実行を許可するか、コンピュータから削除するかを選択できます。プログラムまたはソフトウェア発行者を信頼できる場合のみ、変更を許可してください。%Caroline-PC27 は許可された変更を元に戻せません。

 

詳細については、次を参照してください:

%Caroline-PC275

 

スキャン ID: {F86535C0-A00E-4833-8353-0B8B050AAE73}

 

ユーザー: Caroline-PC\Caroline

 

名前: %Caroline-PC271

 

ID: %Caroline-PC272

 

重大度 ID: %Caroline-PC273

 

カテゴリ ID: %Caroline-PC274

 

見つかったパス: %Caroline-PC276

 

警告の種類: %Caroline-PC278

 

検出の種類: 1.1.1505.02

 

Event Record #/Type23965 / Warning

Event Submitted/Written: 11/27/2007 06:57:12 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%Caroline-PC27 リアルタイム保護エージェントで、変更が検出されました。これらの変更を行ったソフトウェアに潜在的リスクがないか分析することをお勧めします。これらのプログラムの動作方法に関する情報を使用して、これらのプログラムの実行を許可するか、コンピュータから削除するかを選択できます。プログラムまたはソフトウェア発行者を信頼できる場合のみ、変更を許可してください。%Caroline-PC27 は許可された変更を元に戻せません。

 

詳細については、次を参照してください:

%Caroline-PC275

 

スキャン ID: {4278456D-8E19-4715-B87F-ADCA3CBBF5D1}

 

ユーザー: Caroline-PC\Caroline

 

名前: %Caroline-PC271

 

ID: %Caroline-PC272

 

重大度 ID: %Caroline-PC273

 

カテゴリ ID: %Caroline-PC274

 

見つかったパス: %Caroline-PC276

 

警告の種類: %Caroline-PC278

 

検出の種類: 1.1.1505.02

 

Event Record #/Type23964 / Warning

Event Submitted/Written: 11/27/2007 06:57:12 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%Caroline-PC27 リアルタイム保護エージェントで、変更が検出されました。これらの変更を行ったソフトウェアに潜在的リスクがないか分析することをお勧めします。これらのプログラムの動作方法に関する情報を使用して、これらのプログラムの実行を許可するか、コンピュータから削除するかを選択できます。プログラムまたはソフトウェア発行者を信頼できる場合のみ、変更を許可してください。%Caroline-PC27 は許可された変更を元に戻せません。

 

詳細については、次を参照してください:

%Caroline-PC275

 

スキャン ID: {96CAF06B-D837-421D-ADA6-F532F576B6BE}

 

ユーザー: Caroline-PC\Caroline

 

名前: %Caroline-PC271

 

ID: %Caroline-PC272

 

重大度 ID: %Caroline-PC273

 

カテゴリ ID: %Caroline-PC274

 

見つかったパス: %Caroline-PC276

 

警告の種類: %Caroline-PC278

 

検出の種類: 1.1.1505.02

 

Event Record #/Type23963 / Warning

Event Submitted/Written: 11/27/2007 06:57:12 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%Caroline-PC27 リアルタイム保護エージェントで、変更が検出されました。これらの変更を行ったソフトウェアに潜在的リスクがないか分析することをお勧めします。これらのプログラムの動作方法に関する情報を使用して、これらのプログラムの実行を許可するか、コンピュータから削除するかを選択できます。プログラムまたはソフトウェア発行者を信頼できる場合のみ、変更を許可してください。%Caroline-PC27 は許可された変更を元に戻せません。

 

詳細については、次を参照してください:

%Caroline-PC275

 

スキャン ID: {9FD7595B-E8F0-423F-A5AB-F308F06BBB1C}

 

ユーザー: Caroline-PC\Caroline

 

名前: %Caroline-PC271

 

ID: %Caroline-PC272

 

重大度 ID: %Caroline-PC273

 

カテゴリ ID: %Caroline-PC274

 

見つかったパス: %Caroline-PC276

 

警告の種類: %Caroline-PC278

 

検出の種類: 1.1.1505.02

 

 

 

-- End of Deckard's System Scanner: finished at 2007-11-27 18:58:54 ------------

 

Quoi qu'apparemment ya plus de trucs en japonais donc... jsais pa si ca pourra aider:s

Zonk Godlike Member

Zonk

Posté(e)
Posté(e)
Up !

Ça fait quelques jours que je n'ai pas vu l'homme de l'espace...il devrait revenir bientôt des astres :P

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...