Everything posted by flops

  1. as well as the HijackThis report:
  2. Hi bruce lee, thanks again for your help... after a long scan, here is the AVG report with its infected files:
  3. Can you confirm whether the virus is gone? On my side it is no longer there. Thanks, bruce lee :P
  4. Hi bruce lee, thanks for your help, here is the content: ComboFix 07-11-19.4C
  5. Thanks for the welcome and for your help.
  6. 3rd report: ComboFix 07-11-19.4C. 2nd report: SmitFraudFix v2.256. 1st report: Search Navipromo version 3.3.6. 2nd report: SmitFraudFix v2.256.
  7. Hi, I am infected by this malware and despite your procedure it is still there. Thanks in advance. Logfile of Trend Micro HijackThis v2.0.2
Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Office2K\Office\OSA9.EXE O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.topsoftwarefeed.com/redirect.php (file missing) O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.topsoftwarefeed.com/redirect.php (file missing) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - 
http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O21 - SSODL: E404Helper - {58a06fa7-a4e1-46fb-bd3b-1f5c73cd6939} - e404d.dll (file missing) O22 - SharedTaskScheduler: edgers - {d66c22b6-2217-4d1a-9a90-1a54de1fc706} - C:\WINDOWS\system32\zcwlnic.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! 
Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O24 - Desktop Component 0: (no name) - http://underground.turboblog.fr/./photos/u.../skyline007.JPG -- End of file - 11429 bytes