Aller au contenu

angus82

Membres
  • Compteur de contenus

    77
  • Inscription

  • Dernière visite

angus82's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. salut a tous j ai un petit problème d'écran qui se met en veille tout seul,alors que la tour reste allume. je vous poste mon rapport hijack this: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:13:28, on 22/03/2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8080.16413) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\IELowutil.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Users\JEROME\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_S93C6.tmp" /EF "HKCU" O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe O4 - Global Startup: WiFi Station pour Livebox.lnk = C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 5725 bytes Merci d'avance
  2. salut a tous je vous poste un log hijack this car le pc de mon pot est anormalement long. merci d avance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:21:29, on 09/09/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\rstrui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Neuf\Kit\9props.exe C:\Program Files\SEC\Natural Color Pro\NCProTray.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\hp\kbd\kbd.exe C:\Windows\system32\taskeng.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragMonitorService.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Windows\system32\conime.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jérôme\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0FWJB153\HiJackThis[1].exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SFR : téléphone portable, forfait téléphone mobile, sfr mobile adsl, opérateur de téléphonie mobile R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Desktop | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP Desktop | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [startCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_S20A9.tmp" /EF "HKCU" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\Neuf\Kit\9props.exe" /trayicon O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: NCProTray.lnk = ? O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 10941 bytes
  3. bonjour a tous j ai un gros probleme avec trend micro quand je l 'installe, systematiquement il plante et fait une"action de retrogradation" et me le desinstalle avant de l avoir completement installer j ai fait plein de manip avec l 'aide d'un conseiller de chez trend,rien a faire quelqu'un a la soluce?
  4. slt atous voila j ai un probleme avec la duree de ma pile sur la carte mere j' ai change le 25 mai 09 et elle a tenu jusqu a aujourd hui puis probleme de cmos cheksum error impossible de selectionne mon DD ,j ai change la pile et ca repart. ce n'est pas normal qu elle dure si peu de temps(carte mere HS,????) merci d'avance
  5. [ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ] -->- Recherche: C:\_OtMoveIt: trouvé !
  6. slt a toi j'aireboote le pc ,ca marche nickel un grand merci a toi tres bonne equipe ps :comment je fais pour mettre le post"resolu" ?
  7. [ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ] -->- Recherche: C:\fixnavi.txt: trouvé ! C:\cleannavi.txt: trouvé ! C:\lopR.txt: trouvé ! C:\TB.txt: trouvé ! C:\Lop SD: trouvé ! C:\_OtMoveIt: trouvé ! C:\Toolbar SD: trouvé ! C:\Documents and Settings\angus\Bureau\LopSD.exe: trouvé ! C:\Documents and Settings\angus\Bureau\Navilog1.exe: trouvé ! C:\Documents and Settings\angus\Bureau\HijackThis.exe: trouvé ! C:\Documents and Settings\angus\Bureau\ToolBarSD.exe: trouvé ! C:\Documents and Settings\angus\Bureau\hijackthis.log: trouvé ! C:\Program Files\Navilog1: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\angus\Bureau\LopSD.exe: supprimé ! C:\Documents and Settings\angus\Bureau\Navilog1.exe: supprimé ! C:\Documents and Settings\angus\Bureau\HijackThis.exe: supprimé ! C:\Documents and Settings\angus\Bureau\ToolBarSD.exe: supprimé ! C:\fixnavi.txt: supprimé ! C:\cleannavi.txt: supprimé ! C:\lopR.txt: supprimé ! C:\TB.txt: supprimé ! C:\Documents and Settings\angus\Bureau\hijackthis.log: supprimé ! C:\Lop SD: supprimé ! C:\_OtMoveIt: supprimé ! C:\Toolbar SD: supprimé ! C:\Program Files\Navilog1: supprimé ! Corbeille vidée! Fichiers temporaires nettoyés ! Sauvegarde du registre crée !
  8. Error: Unable to interpret <First> in the current context! ========== FILES ========== C:\Documents and Settings\angus\Application Data\Adobe\google.exe moved successfully. C:\Documents and Settings\angus\Application Data\AdobeUM\3.exe moved successfully. C:\WINDOWS\cmd32.exe moved successfully. E:\LOGICIELS\clpne dvd and cd\Clone CD_6 versions + Serials + Keygens\Clone CD 3.0.5.1 + Serial.zip moved successfully. E:\LOGICIELS\GDiVX1.9.9.5.exe moved successfully. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\angus\LOCALS~1\Temp\IadHide3.dll scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\angus\LOCALS~1\Temp\Perflib_Perfdata_4c0.dat scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\angus\LOCALS~1\Temp\Perflib_Perfdata_670.dat scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_1348.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02142009_101328
  9. KASPERSKY ONLINE SCANNER 7 REPORT Saturday, February 14, 2009 Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Friday, February 13, 2009 23:24:18 Records in database: 1794250 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ M:\ Scan statistics: Files scanned: 81826 Threat name: 7 Infected objects: 15 Suspicious objects: 0 Duration of the scan: 01:33:04 File name / Threat name / Threats count C:\Documents and Settings\angus\Application Data\Adobe\google.exe Infected: Trojan.Win32.Pakes.mmp 1 C:\Documents and Settings\angus\Application Data\AdobeUM\3.exe Infected: Trojan.Win32.Pakes.mmp 1 C:\Program Files\Trend Micro\Internet Security\Quarantine\12.tmp Infected: Trojan.Win32.Delf.emr 1 C:\Program Files\Trend Micro\Internet Security\Quarantine\64.tmp Infected: Trojan.Win32.Delf.emr 1 C:\Program Files\Trend Micro\Internet Security\Quarantine\65.tmp Infected: Trojan.Win32.Delf.emr 1 C:\Program Files\Trend Micro\Internet Security\Quarantine\A0022586.exe Infected: Trojan.Win32.Agent.bcn 1 C:\Program Files\Trend Micro\Internet Security\Quarantine\A0022607.exe Infected: Trojan.Win32.Agent.bcn 1 C:\Program Files\Trend Micro\Internet Security\Quarantine\A0022608.exe Infected: Trojan.Win32.Agent.bcn 1 C:\Program Files\Trend Micro\Internet Security\Quarantine\EC7.tmp Infected: Trojan.Win32.Delf.emr 1 C:\Program Files\Trend Micro\Internet Security\Quarantine\svhoost.exe Infected: Trojan.Win32.Agent.bcn 1 C:\WINDOWS\cmd32.exe Infected: Trojan.Win32.Pakes.mmp 1 E:\LOGICIELS\clpne dvd and cd\Clone CD_6 versions + Serials + Keygens\Clone CD 3.0.5.1 + Serial.zip Infected: Backdoor.Win32.Agobot.qgj 1 E:\LOGICIELS\GDiVX1.9.9.5.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1 E:\LOGICIELS\GDiVX1.9.9.5.exe Infected: not-a-virus:AdWare.Win32.GigatechSuperBar 1 E:\LOGICIELS\GDiVX1.9.9.5.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bx 1
  10. Malwarebytes' Anti-Malware 1.34 Version de la base de données: 1760 Windows 5.1.2600 Service Pack 3 13/02/2009 22:13:05 mbam-log-2009-02-13 (22-13-05).txt Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 166941 Temps écoulé: 47 minute(s), 56 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:14:57, on 13/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\Program Files\ASUS\PC Probe II\Probe2.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe C:\Program Files\Western Digital Technologies\WD Win98 SE USB Disk Driver, v1.00.09\WD_SRT.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\DrvMon.exe C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe C:\Program Files\Trend Micro\BM\TMBMSRV.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\Internet Security\TmPfw.exe C:\Program Files\Trend Micro\Internet Security\TmProxy.exe C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\angus\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.football365.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Barre d`outils de Trend Micro - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1 O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" O4 - HKLM\..\Run: [WD_SRT] "C:\Program Files\Western Digital Technologies\WD Win98 SE USB Disk Driver, v1.00.09\WD_SRT.EXE" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: APC UPS Status.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1226401655968 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_1_0_4.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: Security Activity Dashboard Service - Trend Micro Inc. - C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe O23 - Service: Composant de commande centrale Trend Micro (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- End of file - 13024 bytes
  11. "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 13/02/2009|11:01 ) -----------\\ SUPPRESSION Supprime! - C:\DOCUME~1\angus\APPLIC~1\FunWebProducts\Data Supprime! - C:\Program Files\FunWebProducts\ScreenSaver Supprime! - C:\Program Files\FunWebProducts\Shared Supprime! - C:\Program Files\MyWebSearch\bar Supprime! - C:\DOCUME~1\angus\APPLIC~1\FunWebProducts Supprime! - C:\Program Files\FunWebProducts Supprime! - C:\Program Files\MyWebSearch -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.football365.fr/" "Search Page"="http://www.google.fr" "Search Bar"="http://www.google.fr/ie" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" "Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\angus\Bureau\Crack C:\DOCUME~1\angus\Bureau\Crack\keymaker.exe C:\DOCUME~1\angus\Bureau\Crack\Serial.txt C:\DOCUME~1\angus\Bureau\defragmenteur\Keygen C:\DOCUME~1\angus\Bureau\dvdfab\Crack C:\DOCUME~1\angus\Bureau\dvdfab\Crack\universal.dvdfab.platinum.5-patch.1.2.exe C:\DOCUME~1\angus\Favoris\Crackman World [Cracks]-[Gravure]-[Divx]-[Hack] Tutorial gravure securom new avec Alcohol 120%.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\APPZPLANET DOWNLOADS - WAREZ CRACKZ SERIALZ FULL APPZ GAMEZ REAL DIRECT DOWNLOAD ISO 1 FILE.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\Software cracks, serial numbers, keygens, patches. Present by TheBUGS.ws.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\Crackspider.net! Search cracks, crackz, serial numbers, keygens and patches for appz and games for pc,mac,pda software unlock c.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\NEW SERVER - Cerials.NET - Downloading - Viewing Serial.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\Welcome to crackspider.net! Search cracks, serial numbers, keygens and patches for appz and games.url C:\DOCUME~1\angus\Recent\!!_ FIFA 2009___crack and keygen.zip.lnk C:\DOCUME~1\angus\Recent\Ashampoo.Magical.Defrag.v2.34.Multilangages.Incl-Keygen.[emule-island.com].rar.lnk C:\DOCUME~1\angus\Recent\Crack Serial Fifa09.rar.lnk C:\DOCUME~1\angus\Recent\Crack.lnk C:\DOCUME~1\angus\Recent\FIFA09-Crack_Keygen.rar.lnk C:\DOCUME~1\angus\Recent\Registry.Mechanic.v7.0.0.1010.Multilangages.Incl-Keygen.[emule-island.com].rar.lnk C:\DOCUME~1\angus\Recent\[PC]Fifa09.crack.rar.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 13/02/2009|10:59 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 13/02/2009|11:02 - Option : [2] -----------\\ Fin du rapport a 11:02:37,60 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:04:30, on 13/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Trend Micro\BM\TMBMSRV.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\Internet Security\TmPfw.exe C:\Program Files\Trend Micro\Internet Security\TmProxy.exe C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\ASUS\PC Probe II\Probe2.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe C:\Program Files\Western Digital Technologies\WD Win98 SE USB Disk Driver, v1.00.09\WD_SRT.EXE C:\Documents and Settings\angus\Application Data\Adobe\sys.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\DrvMon.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\angus\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.football365.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Barre d`outils de Trend Micro - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1 O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" O4 - HKLM\..\Run: [WD_SRT] "C:\Program Files\Western Digital Technologies\WD Win98 SE USB Disk Driver, v1.00.09\WD_SRT.EXE" O4 - HKLM\..\Run: [poli] C:\Documents and Settings\angus\Application Data\Adobe\sys.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: APC UPS Status.lnk = ? O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1226401655968 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_1_0_4.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: Security Activity Dashboard Service - Trend Micro Inc. - C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe O23 - Service: Composant de commande centrale Trend Micro (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- End of file - 12014 bytes
  12. -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz ) BIOS : BIOS Date: 06/26/08 15:10:24 Ver: 08.00.12 USER : angus ( Administrator ) BOOT : Normal boot Antivirus : Trend Micro Internet Security Pro 17.0.1367 (Activated) Firewall : Pare-feu personnel Trend Micro 5.5 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:68 Go (Free:51 Go) D:\ (Local Disk) - NTFS - Total:149 Go (Free:64 Go) E:\ (Local Disk) - NTFS - Total:74 Go (Free:50 Go) F:\ (CD or DVD) G:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) M:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 13/02/2009|10:58 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\DOCUME~1\angus\APPLIC~1\FunWebProducts C:\DOCUME~1\angus\APPLIC~1\FunWebProducts\Data C:\DOCUME~1\angus\APPLIC~1\FunWebProducts\Data\angus C:\Program Files\FunWebProducts C:\Program Files\FunWebProducts\ScreenSaver C:\Program Files\FunWebProducts\Shared C:\Program Files\FunWebProducts\ScreenSaver\Images C:\Program Files\FunWebProducts\ScreenSaver\Images\05A66E70.urr C:\Program Files\MyWebSearch C:\Program Files\MyWebSearch\bar C:\Program Files\MyWebSearch\bar\History C:\Program Files\MyWebSearch\bar\Settings C:\Program Files\MyWebSearch\bar\History\search3 C:\Program Files\MyWebSearch\bar\Settings\setting2.htm C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak C:\Program Files\MyWebSearch\bar\Settings\settings.dat C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.football365.fr/" "Search Page"="http://www.google.fr" "Search Bar"="http://www.google.fr/ie" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\angus\Bureau\Crack C:\DOCUME~1\angus\Bureau\Crack\keymaker.exe C:\DOCUME~1\angus\Bureau\Crack\Serial.txt C:\DOCUME~1\angus\Bureau\defragmenteur\Keygen C:\DOCUME~1\angus\Bureau\dvdfab\Crack C:\DOCUME~1\angus\Bureau\dvdfab\Crack\universal.dvdfab.platinum.5-patch.1.2.exe C:\DOCUME~1\angus\Favoris\Crackman World [Cracks]-[Gravure]-[Divx]-[Hack] Tutorial gravure securom new avec Alcohol 120%.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\APPZPLANET DOWNLOADS - WAREZ CRACKZ SERIALZ FULL APPZ GAMEZ REAL DIRECT DOWNLOAD ISO 1 FILE.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\Software cracks, serial numbers, keygens, patches. Present by TheBUGS.ws.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\Crackspider.net! Search cracks, crackz, serial numbers, keygens and patches for appz and games for pc,mac,pda software unlock c.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\NEW SERVER - Cerials.NET - Downloading - Viewing Serial.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\Welcome to crackspider.net! Search cracks, serial numbers, keygens and patches for appz and games.url C:\DOCUME~1\angus\Recent\!!_ FIFA 2009___crack and keygen.zip.lnk C:\DOCUME~1\angus\Recent\Ashampoo.Magical.Defrag.v2.34.Multilangages.Incl-Keygen.[emule-island.com].rar.lnk C:\DOCUME~1\angus\Recent\Crack Serial Fifa09.rar.lnk C:\DOCUME~1\angus\Recent\Crack.lnk C:\DOCUME~1\angus\Recent\FIFA09-Crack_Keygen.rar.lnk C:\DOCUME~1\angus\Recent\Registry.Mechanic.v7.0.0.1010.Multilangages.Incl-Keygen.[emule-island.com].rar.lnk C:\DOCUME~1\angus\Recent\[PC]Fifa09.crack.rar.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 13/02/2009|10:59 - Option : [1] -----------\\ Fin du rapport a 10:59:28,62
  13. Search Navipromo version 3.7.2 commencé le 13/02/2009 à 10:43:30,62 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 07.02.2009 à 10h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz ) BIOS : BIOS Date: 06/26/08 15:10:24 Ver: 08.00.12 USER : angus ( Administrator ) BOOT : Normal boot Antivirus : Trend Micro Internet Security Pro 17.0.1367 (Activated) Firewall : Pare-feu personnel Trend Micro 5.5 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:68 Go (Free:51 Go) D:\ (Local Disk) - NTFS - Total:149 Go (Free:64 Go) E:\ (Local Disk) - NTFS - Total:74 Go (Free:50 Go) F:\ (CD or DVD) G:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) M:\ (CD or DVD) Recherche executé en mode normal *** Recherche Programmes installés *** Favorit *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\angus\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\angus\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\angus\menudm~1\progra~1" *** *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * gnc.exe absent, Recherche non effectuee dans "C:\WINDOWS\system32" ! * Recherche dans "C:\Documents and Settings\angus\locals~1\applic~1" * gnc.exe absent, Recherche non effectuee dans "C:\Documents and Settings\angus\locals~1\applic~1" ! *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !! HKEY_CURRENT_USER\Software\Lanconfig [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "akgcc"="\"c:\\documents and settings\\angus\\local settings\\application data\\akgcc.exe\" akgcc" *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\angus\locals~1\applic~1" : akgcc.exe trouvé ! akgcc.dat trouvé ! akgcc_nav.dat trouvé ! akgcc_navps.dat trouvé ! 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche autres dossiers et fichiers connus : Clean Navipromo version 3.7.2 commencé le 13/02/2009 à 10:44:24,59 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 07.02.2009 à 10h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz ) BIOS : BIOS Date: 06/26/08 15:10:24 Ver: 08.00.12 USER : angus ( Administrator ) BOOT : Normal boot Antivirus : Trend Micro Internet Security Pro 17.0.1367 (Activated) Firewall : Pare-feu personnel Trend Micro 5.5 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:68 Go (Free:51 Go) D:\ (Local Disk) - NTFS - Total:149 Go (Free:64 Go) E:\ (Local Disk) - NTFS - Total:74 Go (Free:50 Go) F:\ (CD or DVD) G:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) M:\ (CD or DVD) Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\angus\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\angus\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\angus\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\angus\menudm~1\progra~1" *** *** Suppression fichiers *** *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\angus\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\angus\locals~1\applic~1" * akgcc.exe trouvé ! Copie akgcc.exe réalisée avec succès ! akgcc.exe supprimé ! akgcc.dat trouvé ! Copie akgcc.dat réalisée avec succès ! akgcc.dat supprimé ! akgcc_nav.dat trouvé ! Copie akgcc_nav.dat réalisée avec succès ! akgcc_nav.dat supprimé ! akgcc_navps.dat trouvé ! Copie akgcc_navps.dat réalisée avec succès ! akgcc_navps.dat supprimé ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent !
  14. --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz ) BIOS : BIOS Date: 06/26/08 15:10:24 Ver: 08.00.12 USER : angus ( Administrator ) BOOT : Normal boot Antivirus : Trend Micro Internet Security Pro 17.0.1367 (Activated) Firewall : Pare-feu personnel Trend Micro 5.5 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:68 Go (Free:52 Go) D:\ (Local Disk) - NTFS - Total:149 Go (Free:64 Go) E:\ (Local Disk) - NTFS - Total:74 Go (Free:50 Go) F:\ (CD or DVD) G:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) M:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [2] ( 13/02/2009|10:37 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\angus\LOCALS~1\Temp\nsx18.tmp Supprime! - C:\DOCUME~1\angus\Cookies\[email protected][1].txt Supprime! - C:\DOCUME~1\angus\Cookies\[email protected][1].txt Supprime! - C:\DOCUME~1\angus\Cookies\[email protected][1].txt Supprime! - C:\DOCUME~1\angus\Cookies\[email protected][2].txt Supprime! - C:\DOCUME~1\angus\Cookies\[email protected][2].txt Supprime! - C:\DOCUME~1\angus\Cookies\[email protected][1].txt Supprime! - C:\DOCUME~1\angus\Cookies\[email protected][2].txt Supprime! - C:\DOCUME~1\angus\Cookies\[email protected][1].txt \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [04/12/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [18/12/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [09/01/2009|01:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ashampoo [04/10/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI [29/10/2008|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CMUV [03/02/2009|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite [05/02/2009|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Electronic Arts [09/10/2008|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [13/02/2009|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater [29/12/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft [18/12/2008|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe [01/01/2009|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com [04/02/2009|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [11/02/2009|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [18/12/2008|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [04/12/2008|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [05/11/2008|12:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trend Micro [21/12/2008|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk [04/10/2008|01:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [15/01/2009|09:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [15/01/2009|18:21] C:\DOCUME~1\angus\APPLIC~1\AccurateRip [13/02/2009|00:55] C:\DOCUME~1\angus\APPLIC~1\Adobe [04/02/2009|23:10] C:\DOCUME~1\angus\APPLIC~1\AdobeUM [23/12/2008|14:38] C:\DOCUME~1\angus\APPLIC~1\Ahead [12/02/2009|16:26] C:\DOCUME~1\angus\APPLIC~1\ArcSoft [04/10/2008|01:31] C:\DOCUME~1\angus\APPLIC~1\ATI [19/01/2009|13:28] C:\DOCUME~1\angus\APPLIC~1\Canon [03/02/2009|11:48] C:\DOCUME~1\angus\APPLIC~1\DAEMON Tools [03/02/2009|12:02] C:\DOCUME~1\angus\APPLIC~1\DAEMON Tools Lite [05/02/2009|11:49] C:\DOCUME~1\angus\APPLIC~1\DAEMON Tools Pro [12/02/2009|16:18] C:\DOCUME~1\angus\APPLIC~1\dvdcss [07/10/2008|20:15] C:\DOCUME~1\angus\APPLIC~1\FunWebProducts [10/10/2008|12:05] C:\DOCUME~1\angus\APPLIC~1\Google [04/10/2008|01:12] C:\DOCUME~1\angus\APPLIC~1\Identities [12/02/2009|16:02] C:\DOCUME~1\angus\APPLIC~1\InstallShield [04/02/2009|17:47] C:\DOCUME~1\angus\APPLIC~1\Leadertech [04/10/2008|01:34] C:\DOCUME~1\angus\APPLIC~1\Macromedia [04/12/2008|13:28] C:\DOCUME~1\angus\APPLIC~1\Microsoft [21/10/2008|09:28] C:\DOCUME~1\angus\APPLIC~1\Mozilla [21/01/2009|16:26] C:\DOCUME~1\angus\APPLIC~1\Nero [12/02/2009|16:11] C:\DOCUME~1\angus\APPLIC~1\Panasonic [21/01/2009|16:17] C:\DOCUME~1\angus\APPLIC~1\Simple Star [11/10/2008|18:07] C:\DOCUME~1\angus\APPLIC~1\vlc [02/02/2009|16:09] C:\DOCUME~1\angus\APPLIC~1\Vso [15/01/2009|09:30] C:\DOCUME~1\angus\APPLIC~1\Yahoo! [15/01/2009|20:02] C:\DOCUME~1\angus\APPLIC~1\???????sAppData [04/10/2008|01:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [04/10/2008|01:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [04/10/2008|01:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [13/02/2009 10:27][--ah-----] C:\WINDOWS\tasks\SA.DAT [24/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13/02/2009|00:55] C:\Program Files\Adobe [31/10/2008|11:54] C:\Program Files\Alcohol Soft [13/11/2008|13:23] C:\Program Files\APC [12/02/2009|16:06] C:\Program Files\ArcSoft [09/01/2009|01:22] C:\Program Files\Ashampoo [23/01/2009|15:14] C:\Program Files\ASUS [04/10/2008|01:28] C:\Program Files\ATI Technologies [04/10/2008|10:21] C:\Program Files\Canon [04/10/2008|01:04] C:\Program Files\ComPlus Applications [15/10/2008|09:56] C:\Program Files\DVD Decrypter [09/01/2009|13:18] C:\Program Files\DVDFab 5 [21/12/2008|10:42] C:\Program Files\DVDFab Platinum 4 [05/02/2009|12:10] C:\Program Files\Electronic Arts [13/02/2009|05:17] C:\Program Files\eMule [15/01/2009|19:36] C:\Program Files\Exact Audio Copy [12/02/2009|16:07] C:\Program Files\Fichiers communs [08/10/2008|02:06] C:\Program Files\FunWebProducts [09/10/2008|12:17] C:\Program Files\Google [29/12/2008|15:09] C:\Program Files\Grisoft [13/02/2009|00:56] C:\Program Files\InstallShield Installation Information [04/10/2008|09:42] C:\Program Files\Intel [02/01/2009|23:28] C:\Program Files\Intel Corporation [11/02/2009|22:02] C:\Program Files\Internet Explorer [23/10/2008|14:24] C:\Program Files\Logitech [01/01/2009|12:01] C:\Program Files\ma-config.com [04/10/2008|01:17] C:\Program Files\Marvell [08/10/2008|02:06] C:\Program Files\Messenger [18/10/2008|14:31] C:\Program Files\Micro Application [07/02/2009|10:45] C:\Program Files\Micros [04/10/2008|01:08] C:\Program Files\microsoft frontpage [04/10/2008|16:57] C:\Program Files\Microsoft Office [04/10/2008|16:57] C:\Program Files\Microsoft Visual Studio [04/10/2008|16:57] C:\Program Files\Microsoft Works [04/10/2008|16:57] C:\Program Files\Microsoft.NET [15/01/2009|19:45] C:\Program Files\Monkey's Audio [05/10/2008|21:52] C:\Program Files\Movie Maker [13/02/2009|00:58] C:\Program Files\Mozilla Firefox [18/12/2008|15:03] C:\Program Files\MSBuild [05/10/2008|21:52] C:\Program Files\msn [04/10/2008|01:08] C:\Program Files\msn gaming zone [07/10/2008|11:55] C:\Program Files\MSXML 4.0 [02/01/2009|11:52] C:\Program Files\MyWebSearch [21/01/2009|16:26] C:\Program Files\Nero [13/02/2009|00:56] C:\Program Files\NETGEAR XE104 Powerline Encryption Utility [04/10/2008|01:08] C:\Program Files\netmeeting [04/12/2008|09:55] C:\Program Files\NOS [20/11/2008|16:51] C:\Program Files\OrangeHSS [05/10/2008|21:50] C:\Program Files\Outlook Express [12/02/2009|16:04] C:\Program Files\Panasonic [29/10/2008|14:51] C:\Program Files\ProgDVB [04/10/2008|01:16] C:\Program Files\Realtek [18/12/2008|15:01] C:\Program Files\Reference Assemblies [25/01/2009|20:00] C:\Program Files\Registry Mechanic [20/11/2008|15:52] C:\Program Files\Securitoo [04/10/2008|01:06] C:\Program Files\Services en ligne [14/12/2008|12:22] C:\Program Files\Smart Projects [23/12/2008|13:48] C:\Program Files\SpeedFan [04/12/2008|09:03] C:\Program Files\TomTom DesktopSuite [04/12/2008|10:07] C:\Program Files\TomTom HOME [05/11/2008|12:16] C:\Program Files\Trend Micro [04/10/2008|01:12] C:\Program Files\Uninstall Information [01/01/2009|12:04] C:\Program Files\Veetle [11/10/2008|18:05] C:\Program Files\VideoLAN [25/01/2009|19:57] C:\Program Files\Western Digital Technologies [15/01/2009|18:33] C:\Program Files\Winamp [05/10/2008|21:50] C:\Program Files\Windows Media Player [04/10/2008|01:08] C:\Program Files\Windows NT [04/10/2008|01:06] C:\Program Files\WindowsUpdate [04/10/2008|01:50] C:\Program Files\WinRAR [04/10/2008|01:51] C:\Program Files\WinZip [04/10/2008|01:08] C:\Program Files\xerox [15/01/2009|09:30] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [13/02/2009|00:55] C:\Program Files\Fichiers communs\Adobe [18/12/2008|17:47] C:\Program Files\Fichiers communs\Ahead [12/02/2009|16:09] C:\Program Files\Fichiers communs\ArcSoft [04/10/2008|01:26] C:\Program Files\Fichiers communs\ATI Technologies [04/10/2008|16:57] C:\Program Files\Fichiers communs\DESIGNER [20/11/2008|15:50] C:\Program Files\Fichiers communs\France Telecom [04/10/2008|01:22] C:\Program Files\Fichiers communs\InstallShield [18/12/2008|18:24] C:\Program Files\Fichiers communs\LightScribe [11/11/2008|12:22] C:\Program Files\Fichiers communs\Microsoft Shared [04/10/2008|01:05] C:\Program Files\Fichiers communs\MSSoap [18/12/2008|16:51] C:\Program Files\Fichiers communs\Nero [04/10/2008|02:59] C:\Program Files\Fichiers communs\ODBC [04/10/2008|01:05] C:\Program Files\Fichiers communs\Services [21/01/2009|16:10] C:\Program Files\Fichiers communs\Simple Star Shared [04/10/2008|02:59] C:\Program Files\Fichiers communs\SpeechEngines [05/10/2008|21:50] C:\Program Files\Fichiers communs\System --------------------\\ Process ( 57 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-13 10:38:50 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections C:\DOCUME~1\angus\LOCALS~1\APPLIC~1\akgcc.dat C:\DOCUME~1\angus\LOCALS~1\APPLIC~1\akgcc.exe C:\DOCUME~1\angus\LOCALS~1\APPLIC~1\akgcc_nav.dat C:\DOCUME~1\angus\LOCALS~1\APPLIC~1\akgcc_navps.dat ==> EGDACCESS <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\angus\Bureau\Crack C:\DOCUME~1\angus\Bureau\Crack\keymaker.exe C:\DOCUME~1\angus\Bureau\Crack\Serial.txt C:\DOCUME~1\angus\Bureau\defragmenteur\Keygen C:\DOCUME~1\angus\Bureau\dvdfab\Crack C:\DOCUME~1\angus\Bureau\dvdfab\Crack\universal.dvdfab.platinum.5-patch.1.2.exe C:\DOCUME~1\angus\Favoris\Crackman World [Cracks]-[Gravure]-[Divx]-[Hack] Tutorial gravure securom new avec Alcohol 120%.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\APPZPLANET DOWNLOADS - WAREZ CRACKZ SERIALZ FULL APPZ GAMEZ REAL DIRECT DOWNLOAD ISO 1 FILE.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\Software cracks, serial numbers, keygens, patches. Present by TheBUGS.ws.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\Crackspider.net! Search cracks, crackz, serial numbers, keygens and patches for appz and games for pc,mac,pda software unlock c.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\NEW SERVER - Cerials.NET - Downloading - Viewing Serial.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\Welcome to crackspider.net! Search cracks, serial numbers, keygens and patches for appz and games.url C:\DOCUME~1\angus\Recent\!!_ FIFA 2009___crack and keygen.zip.lnk C:\DOCUME~1\angus\Recent\Ashampoo.Magical.Defrag.v2.34.Multilangages.Incl-Keygen.[emule-island.com].rar.lnk C:\DOCUME~1\angus\Recent\Crack Serial Fifa09.rar.lnk C:\DOCUME~1\angus\Recent\Crack.lnk C:\DOCUME~1\angus\Recent\FIFA09-Crack_Keygen.rar.lnk C:\DOCUME~1\angus\Recent\Registry.Mechanic.v7.0.0.1010.Multilangages.Incl-Keygen.[emule-island.com].rar.lnk C:\DOCUME~1\angus\Recent\[PC]Fifa09.crack.rar.lnk [F:97][D:10]-> C:\DOCUME~1\angus\LOCALS~1\Temp [F:374][D:0]-> C:\DOCUME~1\angus\Cookies [F:5511][D:10]-> C:\DOCUME~1\angus\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 13/02/2009|10:35 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 13/02/2009|10:39 - Option : [2] --------------------\\ Fin du rapport a 10:39:26
  15. --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz ) BIOS : BIOS Date: 06/26/08 15:10:24 Ver: 08.00.12 USER : angus ( Administrator ) BOOT : Normal boot Antivirus : Trend Micro Internet Security Pro 17.0.1367 (Activated) Firewall : Pare-feu personnel Trend Micro 5.5 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:68 Go (Free:52 Go) D:\ (Local Disk) - NTFS - Total:149 Go (Free:64 Go) E:\ (Local Disk) - NTFS - Total:74 Go (Free:50 Go) F:\ (CD or DVD) G:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) M:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [1] ( 13/02/2009|10:32 ) --------------------\\ Listing des dossiers dans APPLIC~1 [04/12/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [18/12/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [09/01/2009|01:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ashampoo [04/10/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI [29/10/2008|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CMUV [03/02/2009|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite [05/02/2009|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Electronic Arts [09/10/2008|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [13/02/2009|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater [29/12/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft [18/12/2008|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe [01/01/2009|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com [04/02/2009|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [11/02/2009|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [18/12/2008|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [04/12/2008|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [05/11/2008|12:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trend Micro [21/12/2008|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk [04/10/2008|01:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [15/01/2009|09:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [15/01/2009|18:21] C:\DOCUME~1\angus\APPLIC~1\AccurateRip [13/02/2009|00:55] C:\DOCUME~1\angus\APPLIC~1\Adobe [04/02/2009|23:10] C:\DOCUME~1\angus\APPLIC~1\AdobeUM [23/12/2008|14:38] C:\DOCUME~1\angus\APPLIC~1\Ahead [12/02/2009|16:26] C:\DOCUME~1\angus\APPLIC~1\ArcSoft [04/10/2008|01:31] C:\DOCUME~1\angus\APPLIC~1\ATI [19/01/2009|13:28] C:\DOCUME~1\angus\APPLIC~1\Canon [03/02/2009|11:48] C:\DOCUME~1\angus\APPLIC~1\DAEMON Tools [03/02/2009|12:02] C:\DOCUME~1\angus\APPLIC~1\DAEMON Tools Lite [05/02/2009|11:49] C:\DOCUME~1\angus\APPLIC~1\DAEMON Tools Pro [12/02/2009|16:18] C:\DOCUME~1\angus\APPLIC~1\dvdcss [07/10/2008|20:15] C:\DOCUME~1\angus\APPLIC~1\FunWebProducts [10/10/2008|12:05] C:\DOCUME~1\angus\APPLIC~1\Google [04/10/2008|01:12] C:\DOCUME~1\angus\APPLIC~1\Identities [12/02/2009|16:02] C:\DOCUME~1\angus\APPLIC~1\InstallShield [04/02/2009|17:47] C:\DOCUME~1\angus\APPLIC~1\Leadertech [04/10/2008|01:34] C:\DOCUME~1\angus\APPLIC~1\Macromedia [04/12/2008|13:28] C:\DOCUME~1\angus\APPLIC~1\Microsoft [21/10/2008|09:28] C:\DOCUME~1\angus\APPLIC~1\Mozilla [21/01/2009|16:26] C:\DOCUME~1\angus\APPLIC~1\Nero [12/02/2009|16:11] C:\DOCUME~1\angus\APPLIC~1\Panasonic [21/01/2009|16:17] C:\DOCUME~1\angus\APPLIC~1\Simple Star [11/10/2008|18:07] C:\DOCUME~1\angus\APPLIC~1\vlc [02/02/2009|16:09] C:\DOCUME~1\angus\APPLIC~1\Vso [15/01/2009|09:30] C:\DOCUME~1\angus\APPLIC~1\Yahoo! [15/01/2009|20:02] C:\DOCUME~1\angus\APPLIC~1\???????sAppData [04/10/2008|01:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [04/10/2008|01:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [04/10/2008|01:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [13/02/2009 10:27][--ah-----] C:\WINDOWS\tasks\SA.DAT [24/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13/02/2009|00:55] C:\Program Files\Adobe [31/10/2008|11:54] C:\Program Files\Alcohol Soft [13/11/2008|13:23] C:\Program Files\APC [12/02/2009|16:06] C:\Program Files\ArcSoft [09/01/2009|01:22] C:\Program Files\Ashampoo [23/01/2009|15:14] C:\Program Files\ASUS [04/10/2008|01:28] C:\Program Files\ATI Technologies [04/10/2008|10:21] C:\Program Files\Canon [04/10/2008|01:04] C:\Program Files\ComPlus Applications [15/10/2008|09:56] C:\Program Files\DVD Decrypter [09/01/2009|13:18] C:\Program Files\DVDFab 5 [21/12/2008|10:42] C:\Program Files\DVDFab Platinum 4 [05/02/2009|12:10] C:\Program Files\Electronic Arts [13/02/2009|05:17] C:\Program Files\eMule [15/01/2009|19:36] C:\Program Files\Exact Audio Copy [12/02/2009|16:07] C:\Program Files\Fichiers communs [08/10/2008|02:06] C:\Program Files\FunWebProducts [09/10/2008|12:17] C:\Program Files\Google [29/12/2008|15:09] C:\Program Files\Grisoft [13/02/2009|00:56] C:\Program Files\InstallShield Installation Information [04/10/2008|09:42] C:\Program Files\Intel [02/01/2009|23:28] C:\Program Files\Intel Corporation [11/02/2009|22:02] C:\Program Files\Internet Explorer [23/10/2008|14:24] C:\Program Files\Logitech [01/01/2009|12:01] C:\Program Files\ma-config.com [04/10/2008|01:17] C:\Program Files\Marvell [08/10/2008|02:06] C:\Program Files\Messenger [18/10/2008|14:31] C:\Program Files\Micro Application [07/02/2009|10:45] C:\Program Files\Micros [04/10/2008|01:08] C:\Program Files\microsoft frontpage [04/10/2008|16:57] C:\Program Files\Microsoft Office [04/10/2008|16:57] C:\Program Files\Microsoft Visual Studio [04/10/2008|16:57] C:\Program Files\Microsoft Works [04/10/2008|16:57] C:\Program Files\Microsoft.NET [15/01/2009|19:45] C:\Program Files\Monkey's Audio [05/10/2008|21:52] C:\Program Files\Movie Maker [13/02/2009|00:58] C:\Program Files\Mozilla Firefox [18/12/2008|15:03] C:\Program Files\MSBuild [05/10/2008|21:52] C:\Program Files\msn [04/10/2008|01:08] C:\Program Files\msn gaming zone [07/10/2008|11:55] C:\Program Files\MSXML 4.0 [02/01/2009|11:52] C:\Program Files\MyWebSearch [21/01/2009|16:26] C:\Program Files\Nero [13/02/2009|00:56] C:\Program Files\NETGEAR XE104 Powerline Encryption Utility [04/10/2008|01:08] C:\Program Files\netmeeting [04/12/2008|09:55] C:\Program Files\NOS [20/11/2008|16:51] C:\Program Files\OrangeHSS [05/10/2008|21:50] C:\Program Files\Outlook Express [12/02/2009|16:04] C:\Program Files\Panasonic [29/10/2008|14:51] C:\Program Files\ProgDVB [04/10/2008|01:16] C:\Program Files\Realtek [18/12/2008|15:01] C:\Program Files\Reference Assemblies [25/01/2009|20:00] C:\Program Files\Registry Mechanic [20/11/2008|15:52] C:\Program Files\Securitoo [04/10/2008|01:06] C:\Program Files\Services en ligne [14/12/2008|12:22] C:\Program Files\Smart Projects [23/12/2008|13:48] C:\Program Files\SpeedFan [04/12/2008|09:03] C:\Program Files\TomTom DesktopSuite [04/12/2008|10:07] C:\Program Files\TomTom HOME [05/11/2008|12:16] C:\Program Files\Trend Micro [04/10/2008|01:12] C:\Program Files\Uninstall Information [01/01/2009|12:04] C:\Program Files\Veetle [11/10/2008|18:05] C:\Program Files\VideoLAN [25/01/2009|19:57] C:\Program Files\Western Digital Technologies [15/01/2009|18:33] C:\Program Files\Winamp [05/10/2008|21:50] C:\Program Files\Windows Media Player [04/10/2008|01:08] C:\Program Files\Windows NT [04/10/2008|01:06] C:\Program Files\WindowsUpdate [04/10/2008|01:50] C:\Program Files\WinRAR [04/10/2008|01:51] C:\Program Files\WinZip [04/10/2008|01:08] C:\Program Files\xerox [15/01/2009|09:30] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [13/02/2009|00:55] C:\Program Files\Fichiers communs\Adobe [18/12/2008|17:47] C:\Program Files\Fichiers communs\Ahead [12/02/2009|16:09] C:\Program Files\Fichiers communs\ArcSoft [04/10/2008|01:26] C:\Program Files\Fichiers communs\ATI Technologies [04/10/2008|16:57] C:\Program Files\Fichiers communs\DESIGNER [20/11/2008|15:50] C:\Program Files\Fichiers communs\France Telecom [04/10/2008|01:22] C:\Program Files\Fichiers communs\InstallShield [18/12/2008|18:24] C:\Program Files\Fichiers communs\LightScribe [11/11/2008|12:22] C:\Program Files\Fichiers communs\Microsoft Shared [04/10/2008|01:05] C:\Program Files\Fichiers communs\MSSoap [18/12/2008|16:51] C:\Program Files\Fichiers communs\Nero [04/10/2008|02:59] C:\Program Files\Fichiers communs\ODBC [04/10/2008|01:05] C:\Program Files\Fichiers communs\Services [21/01/2009|16:10] C:\Program Files\Fichiers communs\Simple Star Shared [04/10/2008|02:59] C:\Program Files\Fichiers communs\SpeechEngines [05/10/2008|21:50] C:\Program Files\Fichiers communs\System --------------------\\ Process ( 60 Processes ) IEXPLORE.EXE ~ [PID:3068] iexplore.exe ~ [PID:5568] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\angus\LOCALS~1\Temp\nsx18.tmp C:\DOCUME~1\angus\Cookies\[email protected][1].txt C:\DOCUME~1\angus\Cookies\[email protected][1].txt C:\DOCUME~1\angus\Cookies\[email protected][1].txt C:\DOCUME~1\angus\Cookies\[email protected][2].txt C:\DOCUME~1\angus\Cookies\[email protected][2].txt C:\DOCUME~1\angus\Cookies\[email protected][1].txt C:\DOCUME~1\angus\Cookies\[email protected][2].txt C:\DOCUME~1\angus\Cookies\[email protected][1].txt --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-13 10:34:30 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections C:\DOCUME~1\angus\LOCALS~1\APPLIC~1\akgcc.dat C:\DOCUME~1\angus\LOCALS~1\APPLIC~1\akgcc.exe C:\DOCUME~1\angus\LOCALS~1\APPLIC~1\akgcc_nav.dat C:\DOCUME~1\angus\LOCALS~1\APPLIC~1\akgcc_navps.dat ==> EGDACCESS <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\angus\Bureau\Crack C:\DOCUME~1\angus\Bureau\Crack\keymaker.exe C:\DOCUME~1\angus\Bureau\Crack\Serial.txt C:\DOCUME~1\angus\Bureau\defragmenteur\Keygen C:\DOCUME~1\angus\Bureau\dvdfab\Crack C:\DOCUME~1\angus\Bureau\dvdfab\Crack\universal.dvdfab.platinum.5-patch.1.2.exe C:\DOCUME~1\angus\Favoris\Crackman World [Cracks]-[Gravure]-[Divx]-[Hack] Tutorial gravure securom new avec Alcohol 120%.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\APPZPLANET DOWNLOADS - WAREZ CRACKZ SERIALZ FULL APPZ GAMEZ REAL DIRECT DOWNLOAD ISO 1 FILE.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\Software cracks, serial numbers, keygens, patches. Present by TheBUGS.ws.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\Crackspider.net! Search cracks, crackz, serial numbers, keygens and patches for appz and games for pc,mac,pda software unlock c.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\NEW SERVER - Cerials.NET - Downloading - Viewing Serial.url C:\DOCUME~1\angus\Favoris\GRAVURE DVD\informatique\crack\Welcome to crackspider.net! Search cracks, serial numbers, keygens and patches for appz and games.url C:\DOCUME~1\angus\Recent\!!_ FIFA 2009___crack and keygen.zip.lnk C:\DOCUME~1\angus\Recent\Ashampoo.Magical.Defrag.v2.34.Multilangages.Incl-Keygen.[emule-island.com].rar.lnk C:\DOCUME~1\angus\Recent\Crack Serial Fifa09.rar.lnk C:\DOCUME~1\angus\Recent\Crack.lnk C:\DOCUME~1\angus\Recent\FIFA09-Crack_Keygen.rar.lnk C:\DOCUME~1\angus\Recent\Registry.Mechanic.v7.0.0.1010.Multilangages.Incl-Keygen.[emule-island.com].rar.lnk C:\DOCUME~1\angus\Recent\[PC]Fifa09.crack.rar.lnk [F:103][D:11]-> C:\DOCUME~1\angus\LOCALS~1\Temp [F:381][D:0]-> C:\DOCUME~1\angus\Cookies [F:5479][D:10]-> C:\DOCUME~1\angus\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 13/02/2009|10:35 - Option : [1] --------------------\\ Fin du rapport a 10:35:12
×
×
  • Créer...