Aller au contenu

Yosra

Membres
  • Compteur de contenus

    9
  • Inscription

  • Dernière visite

Tout ce qui a été posté par Yosra

  1. Merci infiniment pour ton aide Falkra
  2. Voila!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:19:01, on 15/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\crypserv.exe c:\altera\61\quartus\bin\jtagserver.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe c:\orant\bin\oracle73.exe C:\ORANT\BIN\TNSLSNR.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\USB Disk Security\USBGuard.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Documents and Settings\YOYOOOTH\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [uSB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O15 - Trusted Zone: *.line6.net O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Altera JTAG Server (JTAGServer) - Unknown owner - c:\altera\61\quartus\bin\jtagserver.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle73.exe O23 - Service: OracleStartORCL - Unknown owner - c:\orant\bin\strtdb73.exe O23 - Service: OracleTNSListener - Unknown owner - C:\ORANT\BIN\TNSLSNR.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 11432 bytes
  3. C'est bon pour HiJackThis Par contre, je n'i pas pu trouver le fichier C:\windows\system32\NetService.vbs ce n'est même pas un fichier caché
  4. Voila: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:56:12, on 14/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\crypserv.exe c:\altera\61\quartus\bin\jtagserver.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe c:\orant\bin\oracle73.exe C:\ORANT\BIN\TNSLSNR.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\Apoint2K\Apntex.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\USB Disk Security\USBGuard.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Documents and Settings\YOYOOOTH\Bureau\OTMoveIt2.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\YOYOOOTH\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\NetService.vbs O4 - HKLM\..\Run: [uSB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Key Generator\pmsngr.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O15 - Trusted Zone: *.line6.net O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Altera JTAG Server (JTAGServer) - Unknown owner - c:\altera\61\quartus\bin\jtagserver.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle73.exe O23 - Service: OracleStartORCL - Unknown owner - c:\orant\bin\strtdb73.exe O23 - Service: OracleTNSListener - Unknown owner - C:\ORANT\BIN\TNSLSNR.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 11762 bytes
  5. Le fichier NOTEPAD.exe existe bien sous C:\WINDOWS, quant à OTMoveIt2, il donne le résultat suivant: File/Folder C:\Program Files\Key Generator not found. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09142008_182915 J'ai cherché Key Generator sous C:\Program Files mais il n'existe effectivement pas
  6. Salut Falkra J'ai effectué le scan avec SmitFraudFix mais lors de la recherche des fichiers infectés il y a eu plusieurs lignes disant que le chemin d'accès aux fichiers était incorrect, et le scan s'est terminé avec l'apparition d'une fenêtre disant que "Windowsne trouve pas '%systemRoot%\notepad.exe'... Voici le rapport: SmitFraudFix v2.349 Rapport fait à 14:21:21,87, 13/09/2008 Executé à partir de C:\Documents and Settings\YOYOOOTH\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\crypserv.exe c:\altera\61\quartus\bin\jtagserver.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe c:\orant\bin\oracle73.exe C:\ORANT\BIN\TNSLSNR.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\Apoint2K\Apntex.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\USB Disk Security\USBGuard.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\YOYOOOTH\Bureau\SmitfraudFix\Policies.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» %SystemRoot% »»»»»»»»»»»»»»»»»»»»»»»» %SystemRoot%\system »»»»»»»»»»»»»»»»»»»»»»»» %SystemRoot%\Web »»»»»»»»»»»»»»»»»»»»»»»» %SystemRoot%\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\YOYOOOTH »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\YOYOOOTH\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\YOYOOOTH\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! AntiXPVSTFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Intel® PRO/Wireless 2200BG Network Connection - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.2.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{07438F6C-C55E-4C6E-A284-3C62F814A410}: DhcpNameServer=192.168.2.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{07438F6C-C55E-4C6E-A284-3C62F814A410}: DhcpNameServer=192.168.2.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Le problème c'est que Gmer après avoir effectué le scan ne veut pas générer de rapport. Je ne comprends pas où est le pb.
  7. J'ai relancé Lop S&D, lancé la suppression et voila ce que ça donne : --------------------\\ Lop S&D 4.2.4-2 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® M processor 1.70GHz ) BIOS : Ver 1.00PARTTBLh USER : YOYOOOTH ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.7.1098 [VPS 080910-0] 4.7.1098 (Activated) "C:\Lop SD" ( MAJ : 08-09-2008|21:40 ) Option : [2] ( 11/09/2008| 1:50 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\YOYOOOTH\APPLIC~1\BitDownload\Data Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk Supprime! - C:\DOCUME~1\YOYOOOTH\APPLIC~1\Torrent101\Data Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Torrent101\Torrent101.lnk Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Torrent101\Uninstall Torrent101.lnk Supprime! - C:\Program Files\Torrent101\settings.ini Supprime! - C:\Program Files\Torrent101\settings.stp Supprime! - C:\Program Files\Torrent101\SkinCrafterDll.dll Supprime! - C:\Program Files\Torrent101\Skins Supprime! - C:\Program Files\Torrent101\Support Supprime! - C:\Program Files\Torrent101\Torrent101.exe Supprime! - C:\Program Files\Torrent101\Torrent101.TRC Supprime! - C:\Program Files\Torrent101\Torrent101_1.TRC Supprime! - C:\Program Files\Torrent101\TorrentManager.dll Supprime! - C:\Program Files\Torrent101\unins000.dat Supprime! - C:\Program Files\Torrent101\unins000.exe Supprime! - C:\Program Files\Torrent101\ZM Supprime! - C:\DOCUME~1\YOYOOOTH\Cookies\yoyoooth@advertstream[1].txt Supprime! - C:\DOCUME~1\YOYOOOTH\Cookies\yoyoooth@advertising[2].txt Supprime! - C:\DOCUME~1\YOYOOOTH\APPLIC~1\BitDownload Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload Supprime! - C:\Program Files\BitDownload Supprime! - C:\DOCUME~1\YOYOOOTH\APPLIC~1\Torrent101 Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Torrent101 Supprime! - C:\Program Files\Torrent101 Supprime! - C:\DOCUME~1\YOYOOOTH\APPLIC~1\ACEMOR~1 Supprime! - C:\Program Files\ACEMOR~1 - [ Fichier Hosts ] .. Restaure! \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [07/08/2005|22:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer [08/08/2005|05:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [08/08/2005|05:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [07/08/2005|22:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec [15/06/2008|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [09/08/2006|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [24/06/2007|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk [28/12/2007|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth [19/09/2006|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [08/06/2006|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [07/08/2005|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi [07/08/2005|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [10/03/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [02/06/2007|04:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Line 6 [19/06/2008|15:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com [07/06/2006|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [22/05/2006|02:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [06/09/2007|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PowerAMC 12 [10/05/2006|01:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [08/08/2005|05:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [18/07/2007|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [01/06/2007|01:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonoma Wire Works [01/08/2006|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [25/12/2006|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [14/04/2008|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [04/07/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! [04/07/2007|15:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [07/08/2005|22:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer [08/08/2005|05:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [08/08/2005|05:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [07/08/2005|22:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [08/08/2005|05:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [08/08/2005|05:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [15/06/2008|15:50] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Adobe [08/05/2008|13:32] C:\DOCUME~1\YOYOOOTH\APPLIC~1\AdobeUM [10/12/2006|21:37] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Ahead [09/08/2006|15:19] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Apple Computer [28/01/2007|13:59] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Autodesk [21/08/2007|18:56] C:\DOCUME~1\YOYOOOTH\APPLIC~1\BitTorrent [21/08/2007|03:43] C:\DOCUME~1\YOYOOOTH\APPLIC~1\bsplayer [21/07/2007|15:44] C:\DOCUME~1\YOYOOOTH\APPLIC~1\dvdcss [20/09/2006|23:12] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Google [08/05/2006|22:39] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Help [21/09/2006|23:32] C:\DOCUME~1\YOYOOOTH\APPLIC~1\HP [08/08/2005|05:32] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Identities [01/11/2006|23:58] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Image Zone Express [08/05/2006|19:55] C:\DOCUME~1\YOYOOOTH\APPLIC~1\InterVideo [19/11/2006|16:13] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Leadertech [02/06/2007|04:40] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Line 6 [07/07/2006|18:14] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Macromedia [22/11/2006|21:40] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Media Player Classic [14/03/2008|00:20] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Microsoft [09/01/2007|00:31] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Mozilla [10/12/2006|18:43] C:\DOCUME~1\YOYOOOTH\APPLIC~1\NetMedia Providers [10/07/2007|16:33] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Notepad++ [01/02/2007|23:44] C:\DOCUME~1\YOYOOOTH\APPLIC~1\PLSQL Developer [10/12/2006|18:43] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Publish Providers [20/03/2008|02:32] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Real [02/08/2007|23:42] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Samsung [20/08/2008|11:02] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Skype [19/11/2006|16:14] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Sonic [10/12/2006|18:42] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Sony [13/01/2007|18:26] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Sun [09/05/2006|18:18] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Symantec [25/11/2006|11:48] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Syntrillium [23/06/2007|09:34] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Teleca [09/05/2006|18:24] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Template [10/01/2008|13:49] C:\DOCUME~1\YOYOOOTH\APPLIC~1\U3 [18/02/2007|17:21] C:\DOCUME~1\YOYOOOTH\APPLIC~1\vlc --------------------\\ Tâches planifiées dans %SystemRoot%\tasks [11/09/2008 01:40][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 10:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [23/06/2007|13:33] C:\Program Files\ACAD2000 [11/11/2007|00:50] C:\Program Files\Adobe [17/12/2006|23:59] C:\Program Files\AGEIA Technologies [01/08/2006|16:28] C:\Program Files\Alwil Software [07/08/2005|21:41] C:\Program Files\Analog Devices [21/05/2006|18:57] C:\Program Files\AngelPotion Video Codec V1 [24/06/2007|11:32] C:\Program Files\AnswerWorks 4.0 [23/06/2007|13:33] C:\Program Files\Apoint2K [07/08/2005|21:41] C:\Program Files\ATI Technologies [24/06/2007|12:43] C:\Program Files\AutoCAD 2004 [28/01/2007|13:56] C:\Program Files\Autodesk [24/06/2007|11:22] C:\Program Files\Autodesk Architectural Desktop 2004 [03/11/2006|22:44] C:\Program Files\BitTorrent [01/04/2008|15:35] C:\Program Files\Borland [04/03/2007|15:26] C:\Program Files\Cain [10/03/2008|22:21] C:\Program Files\CCleaner [19/08/2006|18:18] C:\Program Files\Collectorz.com [02/06/2007|04:42] C:\Program Files\Common Files [08/08/2005|05:32] C:\Program Files\ComPlus Applications [25/11/2006|11:54] C:\Program Files\coolpro2 [21/08/2007|03:50] C:\Program Files\DAEMON Tools [01/06/2008|13:01] C:\Program Files\Design Explorer 99 SE [24/02/2007|13:11] C:\Program Files\DFX [21/08/2007|03:33] C:\Program Files\DivX [21/05/2006|18:56] C:\Program Files\DivXCodec [28/05/2006|21:14] C:\Program Files\Dolby [03/11/2006|21:38] C:\Program Files\Easy Internet signup [18/08/2006|00:34] C:\Program Files\EasyPHP1-8 [10/07/2007|02:09] C:\Program Files\Eidos [11/09/2008|01:43] C:\Program Files\eMule [01/06/2008|12:54] C:\Program Files\Fichiers communs [17/12/2007|18:03] C:\Program Files\FLV Player [28/07/2006|01:19] C:\Program Files\Foreignword [14/10/2006|18:20] C:\Program Files\GetData [01/11/2006|22:44] C:\Program Files\Google [27/05/2006|14:39] C:\Program Files\Guitar Pro 3 Demo [05/08/2008|18:26] C:\Program Files\Guitar Pro 5 [07/08/2005|22:06] C:\Program Files\Hewlett-Packard [07/01/2007|17:26] C:\Program Files\Hijackthis [08/06/2006|11:23] C:\Program Files\Hp [23/12/2007|16:47] C:\Program Files\HPQ [05/01/2007|18:20] C:\Program Files\Image-Line [01/06/2008|12:54] C:\Program Files\InstallShield Installation Information [24/12/2007|21:37] C:\Program Files\Intel [15/08/2008|15:58] C:\Program Files\Internet Explorer [24/12/2007|21:37] C:\Program Files\InterVideo [07/08/2005|22:09] C:\Program Files\iPod [07/08/2005|22:09] C:\Program Files\iTunes [28/08/2007|23:15] C:\Program Files\IVT Corporation [17/07/2008|12:13] C:\Program Files\Java [21/08/2007|03:43] C:\Program Files\K-Lite Codec Pack [10/03/2008|23:02] C:\Program Files\Lavasoft [01/08/2006|18:10] C:\Program Files\LimeWire [02/06/2007|04:39] C:\Program Files\Line6 [19/06/2008|15:52] C:\Program Files\ma-config.com [18/07/2006|18:14] C:\Program Files\MapInfo MapX [01/02/2008|13:30] C:\Program Files\Microsoft ActiveSync [26/02/2008|12:13] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [08/08/2005|05:32] C:\Program Files\microsoft frontpage [14/03/2008|00:19] C:\Program Files\Microsoft Office [18/07/2006|18:00] C:\Program Files\Microsoft Visual Studio [07/08/2005|21:54] C:\Program Files\Microsoft Works [22/05/2006|02:56] C:\Program Files\Microsoft.NET [02/04/2008|19:10] C:\Program Files\Mikroelektronika [15/09/2006|16:22] C:\Program Files\Monkey's Audio [08/08/2005|05:32] C:\Program Files\Movie Maker [11/09/2008|01:47] C:\Program Files\Mozilla Firefox [14/03/2008|00:17] C:\Program Files\MSECache [08/08/2005|05:32] C:\Program Files\MSN [08/08/2005|05:32] C:\Program Files\MSN Gaming Zone [17/11/2006|20:42] C:\Program Files\MSXML 4.0 [24/09/2006|15:57] C:\Program Files\Nero [08/08/2005|05:32] C:\Program Files\NetMeeting [10/07/2007|16:32] C:\Program Files\Notepad++ [08/08/2005|05:32] C:\Program Files\Online Services [13/06/2007|03:36] C:\Program Files\Outlook Express [07/05/2007|13:49] C:\Program Files\PDFCreator [20/02/2008|23:23] C:\Program Files\PLSQL Developer [17/10/2006|15:56] C:\Program Files\PowerQuest [18/07/2006|18:00] C:\Program Files\Publication Web [09/08/2006|15:18] C:\Program Files\QuickTime [24/02/2007|13:13] C:\Program Files\Real [24/12/2007|21:25] C:\Program Files\SAGEM [24/12/2007|21:25] C:\Program Files\SAGEM(2) [26/10/2006|22:08] C:\Program Files\SAIG [02/08/2007|22:50] C:\Program Files\Samsung [23/06/2007|13:32] C:\Program Files\Scan Hijack This [18/07/2006|18:13] C:\Program Files\Seagate Software [07/08/2005|22:08] C:\Program Files\Services en ligne [29/06/2008|16:18] C:\Program Files\SHARE 1.0 EX2 [18/07/2007|10:40] C:\Program Files\Skype [07/08/2005|22:01] C:\Program Files\Sonic [01/06/2007|01:57] C:\Program Files\Sonoma Wire Works [10/12/2006|05:24] C:\Program Files\Sony [13/05/2008|13:13] C:\Program Files\Sun [29/08/2008|13:20] C:\Program Files\SuperCopier2 [25/10/2006|23:19] C:\Program Files\SurfOffline [06/05/2007|16:08] C:\Program Files\Sybase [01/08/2006|16:13] C:\Program Files\Symantec [21/05/2006|18:56] C:\Program Files\The Playa [08/08/2005|05:32] C:\Program Files\Uninstall Information [01/05/2008|14:11] C:\Program Files\USB Disk Security [18/02/2007|17:19] C:\Program Files\VideoLAN [27/05/2006|18:19] C:\Program Files\Volo View Express [02/06/2007|04:40] C:\Program Files\Vstplugins [27/05/2006|18:20] C:\Program Files\WexTech [10/05/2006|14:39] C:\Program Files\WIDCOMM [08/09/2006|15:38] C:\Program Files\Winamp [14/04/2008|00:26] C:\Program Files\Windows Live [10/07/2007|06:45] C:\Program Files\Windows Media Connect 2 [10/07/2007|06:45] C:\Program Files\Windows Media Player [08/08/2005|05:32] C:\Program Files\Windows NT [08/08/2005|05:32] C:\Program Files\WindowsUpdate [22/02/2007|23:14] C:\Program Files\WinPcap [09/07/2006|11:58] C:\Program Files\WinRAR [08/08/2005|05:32] C:\Program Files\xerox [24/03/2007|15:23] C:\Program Files\Xinox Software [04/07/2007|14:35] C:\Program Files\Yahoo! [09/05/2006|14:15] C:\Program Files\Zero G Registry --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [18/06/2007|14:57] C:\Program Files\Fichiers communs\Adobe [24/09/2006|15:57] C:\Program Files\Fichiers communs\Ahead [24/06/2007|11:32] C:\Program Files\Fichiers communs\Autodesk Shared [01/04/2008|15:34] C:\Program Files\Fichiers communs\Borland Shared [24/06/2007|11:18] C:\Program Files\Fichiers communs\DESIGNER [08/06/2006|11:19] C:\Program Files\Fichiers communs\Hewlett-Packard [08/06/2006|11:23] C:\Program Files\Fichiers communs\HP [07/08/2005|22:02] C:\Program Files\Fichiers communs\InstallShield [01/06/2007|02:07] C:\Program Files\Fichiers communs\Java [27/05/2006|18:20] C:\Program Files\Fichiers communs\LHSPF [07/08/2005|22:09] C:\Program Files\Fichiers communs\LightScribe [24/06/2007|11:34] C:\Program Files\Fichiers communs\Macrovision Shared [05/07/2008|16:10] C:\Program Files\Fichiers communs\Microsoft Shared [08/08/2005|05:32] C:\Program Files\Fichiers communs\MSSoap [01/06/2008|12:54] C:\Program Files\Fichiers communs\Novell Shared [08/08/2005|05:32] C:\Program Files\Fichiers communs\ODBC [24/02/2007|13:13] C:\Program Files\Fichiers communs\Real [08/08/2005|05:32] C:\Program Files\Fichiers communs\Services [18/07/2007|10:40] C:\Program Files\Fichiers communs\Skype [07/08/2005|22:01] C:\Program Files\Fichiers communs\Sonic Shared [08/08/2005|05:32] C:\Program Files\Fichiers communs\SpeechEngines [07/08/2005|22:01] C:\Program Files\Fichiers communs\SureThing Shared [13/06/2007|03:45] C:\Program Files\Fichiers communs\System [04/07/2007|16:23] C:\Program Files\Fichiers communs\Teleca Shared [07/08/2005|22:01] C:\Program Files\Fichiers communs\TiVo Shared [10/06/2006|22:51] C:\Program Files\Fichiers communs\Wextech Shared [25/02/2008|00:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller [10/03/2008|23:02] C:\Program Files\Fichiers communs\Wise Installation Wizard [24/02/2007|13:13] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 59 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\YOYOOOTH\Cookies\yoyoooth@advertising[3].txt --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts MODIFIE 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD 127.0.0.1 download.cdn.errorsafe.com ## added by CiD 127.0.0.1 download.cdn.winsoftware.com ## added by CiD 127.0.0.1 download.errorsafe.com ## added by CiD 127.0.0.1 download.systemdoctor.com ## added by CiD 127.0.0.1 download.winantispyware.com ## added by CiD 127.0.0.1 download.windrivecleaner.com ## added by CiD 127.0.0.1 download.winfixer.com ## added by CiD 127.0.0.1 drivecleaner.com ## added by CiD 127.0.0.1 dynamique.drivecleaner.com ## added by CiD 127.0.0.1 errorprotector.com ## added by CiD 127.0.0.1 errorsafe.com ## added by CiD 127.0.0.1 es.winantivirus.com ## added by CiD 127.0.0.1 fr.winantivirus.com ## added by CiD 127.0.0.1 fr.winfixer.com ## added by CiD 127.0.0.1 go.drivecleaner.com ## added by CiD 127.0.0.1 go.errorsafe.com ## added by CiD 127.0.0.1 go.winantispyware.com ## added by CiD 127.0.0.1 go.winantivirus.com ## added by CiD 127.0.0.1 hk.winantivirus.com ## added by CiD 127.0.0.1 instlog.errorsafe.com ## added by CiD 127.0.0.1 instlog.winantivirus.com ## added by CiD 127.0.0.1 instlog.winfixer.com ## added by CiD 127.0.0.1 jsp.drivecleaner.com ## added by CiD 127.0.0.1 kb.errorsafe.com ## added by CiD 127.0.0.1 kb.winantivirus.com ## added by CiD 127.0.0.1 nl.errorsafe.com ## added by CiD 127.0.0.1 se.errorsafe.com ## added by CiD 127.0.0.1 secure.drivecleaner.com ## added by CiD 127.0.0.1 secure.errorsafe.com ## added by CiD 127.0.0.1 secure.winantispam.com ## added by CiD 127.0.0.1 secure.winantispy.com ## added by CiD 127.0.0.1 secure.winantivirus.com ## added by CiD 127.0.0.1 support.winantivirus.com ## added by CiD 127.0.0.1 trial.updates.winsoftware.com ## added by CiD 127.0.0.1 ulog.winantivirus.com ## added by CiD 127.0.0.1 utils.errorsafe.com ## added by CiD 127.0.0.1 utils.winantivirus.com ## added by CiD 127.0.0.1 utils.winfixer.com ## added by CiD 127.0.0.1 winantispyware.com ## added by CiD 127.0.0.1 winantivirus.com ## added by CiD 127.0.0.1 winfixer.com ## added by CiD 127.0.0.1 winfixer2006.com ## added by CiD 127.0.0.1 winsoftware.com ## added by CiD 127.0.0.1 www.drivecleaner.com ## added by CiD 127.0.0.1 www.errorprotector.com ## added by CiD 127.0.0.1 www.errorsafe.com ## added by CiD 127.0.0.1 www.systemdoctor.com ## added by CiD 127.0.0.1 www.utils.winfixer.com ## added by CiD 127.0.0.1 www.win-anti-virus-pro.com ## added by CiD 127.0.0.1 www.win-virus-pro.com ## added by CiD 127.0.0.1 www.winantispam.com ## added by CiD 127.0.0.1 www.winantispy.com ## added by CiD 127.0.0.1 www.winantispyware.com ## added by CiD 127.0.0.1 www.winantivirus.com ## added by CiD 127.0.0.1 www.winantiviruspro.com ## added by CiD 127.0.0.1 www.windrivecleaner.com ## added by CiD 127.0.0.1 www.windrivesafe.com ## added by CiD 127.0.0.1 www.winfixer.com ## added by CiD 127.0.0.1 www.winfixer2006.com ## added by CiD 127.0.0.1 www.winsoftware.com ## added by CiD -> 71 [ 70 ## added by CiD ] --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-11 01:52:37 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 56 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\YOYOOOTH\Bureau\dali\circuit logique\PROTEL99\CRACK C:\DOCUME~1\YOYOOOTH\Bureau\dali\circuit logique\PROTEL99\CRACK\PROTEL99_SERVICEPACK_6.EXE C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php.htm C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\rational rose\crack rationnal rose C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\rational rose\crack rationnal rose\rational_perm.txt C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\acceuil-bt2-mini.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ads.htm C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ads_002.htm C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ads_data_002 C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aircrack-crack-en-court.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aircrack-key-found.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aircrack-ptw-45k.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aircrack-selection-reseau.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-ng-3-millieu.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-ng-ARP-injection.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-ng-attente-ARP.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-ng-fakeauth-60s.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-sending-authtification-request.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airmon-ng.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airmon-ng_002.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-exemple-reseau-wifi-non-crypte.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-lien-pour-parametre-de-aireplay.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-1.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-180k.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-channel2.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-injection-start.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\console.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\drapeau-en.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-capture-paquets-en-cour.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-config-clef-wep-pr-decrypter-paquets.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-config-options-capture.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-ip-trouver-plein.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-paquet-decrypter-ip-trouve.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\flechefaq.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\header-tuto-fr.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\hit.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ifconfig-airmon-ng.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ifconfig-changer-adresse-mac.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\install-ptw-2.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\install-ptw-3.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\install-ptw1.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\iwconfig-ath0.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\iwconfig-changer-clef-wep2.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\iwconfig-passage-mode-managed.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\iwconfig.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\login-bt2.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\pixel.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\show_ads.js C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\style.css C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\urchin.js C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\x-click-but04.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ads_data_002\abg-fr-100c-000000.png [F:5115][D:382]-> C:\DOCUME~1\YOYOOOTH\LOCALS~1\Temp [F:545][D:0]-> C:\DOCUME~1\YOYOOOTH\Cookies [F:6848][D:104]-> C:\DOCUME~1\YOYOOOTH\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 09/09/2008|20:12 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 09/09/2008|20:21 - Option : [1] 3 - "C:\Lop SD\LopR_3.txt" - 11/09/2008| 1:57 - Option : [2] --------------------\\ Fin du rapport a 1:57:04 Et voici le log Hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 02:00:16, on 11/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\crypserv.exe c:\altera\61\quartus\bin\jtagserver.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe c:\orant\bin\oracle73.exe C:\ORANT\BIN\TNSLSNR.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\YOYOOOTH\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\NetService.vbs O4 - HKLM\..\Run: [uSB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Key Generator\pmsngr.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O15 - Trusted Zone: *.line6.net O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Altera JTAG Server (JTAGServer) - Unknown owner - c:\altera\61\quartus\bin\jtagserver.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle73.exe O23 - Service: OracleStartORCL - Unknown owner - c:\orant\bin\strtdb73.exe O23 - Service: OracleTNSListener - Unknown owner - C:\ORANT\BIN\TNSLSNR.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 11391 bytes Merci
  8. Merci Falkra J'ai suivi tes instructions et voici le log obtenu: --------------------\\ Lop S&D 4.2.4-2 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® M processor 1.70GHz ) BIOS : Ver 1.00PARTTBLh USER : YOYOOOTH ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.7.1098 [VPS 080908-0] 4.7.1098 (Not Activated) "C:\Lop SD" ( MAJ : 08-09-2008|21:40 ) Option : [1] ( 09/09/2008|20:15 ) --------------------\\ Listing des dossiers dans APPLIC~1 [07/08/2005|22:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer [08/08/2005|05:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [08/08/2005|05:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [07/08/2005|22:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec [15/06/2008|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [09/08/2006|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [24/06/2007|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk [28/12/2007|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth [19/09/2006|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [08/06/2006|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [07/08/2005|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi [07/08/2005|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [10/03/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [02/06/2007|04:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Line 6 [19/06/2008|15:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com [07/06/2006|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [22/05/2006|02:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [06/09/2007|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PowerAMC 12 [10/05/2006|01:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [08/08/2005|05:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [18/07/2007|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [01/06/2007|01:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonoma Wire Works [01/08/2006|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [25/12/2006|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [14/04/2008|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [04/07/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! [04/07/2007|15:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [07/08/2005|22:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer [08/08/2005|05:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [08/08/2005|05:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [07/08/2005|22:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [08/08/2005|05:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [08/08/2005|05:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [29/07/2007|23:54] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Ace More User [15/06/2008|15:50] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Adobe [08/05/2008|13:32] C:\DOCUME~1\YOYOOOTH\APPLIC~1\AdobeUM [10/12/2006|21:37] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Ahead [09/08/2006|15:19] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Apple Computer [28/01/2007|13:59] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Autodesk [10/07/2007|02:14] C:\DOCUME~1\YOYOOOTH\APPLIC~1\BitDownload [21/08/2007|18:56] C:\DOCUME~1\YOYOOOTH\APPLIC~1\BitTorrent [21/08/2007|03:43] C:\DOCUME~1\YOYOOOTH\APPLIC~1\bsplayer [21/07/2007|15:44] C:\DOCUME~1\YOYOOOTH\APPLIC~1\dvdcss [20/09/2006|23:12] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Google [08/05/2006|22:39] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Help [21/09/2006|23:32] C:\DOCUME~1\YOYOOOTH\APPLIC~1\HP [08/08/2005|05:32] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Identities [01/11/2006|23:58] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Image Zone Express [08/05/2006|19:55] C:\DOCUME~1\YOYOOOTH\APPLIC~1\InterVideo [19/11/2006|16:13] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Leadertech [02/06/2007|04:40] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Line 6 [07/07/2006|18:14] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Macromedia [22/11/2006|21:40] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Media Player Classic [14/03/2008|00:20] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Microsoft [09/01/2007|00:31] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Mozilla [10/12/2006|18:43] C:\DOCUME~1\YOYOOOTH\APPLIC~1\NetMedia Providers [10/07/2007|16:33] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Notepad++ [01/02/2007|23:44] C:\DOCUME~1\YOYOOOTH\APPLIC~1\PLSQL Developer [10/12/2006|18:43] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Publish Providers [20/03/2008|02:32] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Real [02/08/2007|23:42] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Samsung [20/08/2008|11:02] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Skype [19/11/2006|16:14] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Sonic [10/12/2006|18:42] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Sony [13/01/2007|18:26] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Sun [09/05/2006|18:18] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Symantec [25/11/2006|11:48] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Syntrillium [23/06/2007|09:34] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Teleca [09/05/2006|18:24] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Template [07/01/2007|02:59] C:\DOCUME~1\YOYOOOTH\APPLIC~1\Torrent101 [10/01/2008|13:49] C:\DOCUME~1\YOYOOOTH\APPLIC~1\U3 [18/02/2007|17:21] C:\DOCUME~1\YOYOOOTH\APPLIC~1\vlc --------------------\\ Tâches planifiées dans %SystemRoot%\tasks [09/09/2008 19:26][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 10:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [23/06/2007|13:33] C:\Program Files\ACAD2000 [10/07/2007|02:14] C:\Program Files\Ace More User [11/11/2007|00:50] C:\Program Files\Adobe [17/12/2006|23:59] C:\Program Files\AGEIA Technologies [01/08/2006|16:28] C:\Program Files\Alwil Software [07/08/2005|21:41] C:\Program Files\Analog Devices [21/05/2006|18:57] C:\Program Files\AngelPotion Video Codec V1 [24/06/2007|11:32] C:\Program Files\AnswerWorks 4.0 [23/06/2007|13:33] C:\Program Files\Apoint2K [07/08/2005|21:41] C:\Program Files\ATI Technologies [24/06/2007|12:43] C:\Program Files\AutoCAD 2004 [28/01/2007|13:56] C:\Program Files\Autodesk [24/06/2007|11:22] C:\Program Files\Autodesk Architectural Desktop 2004 [10/07/2007|02:17] C:\Program Files\BitDownload [03/11/2006|22:44] C:\Program Files\BitTorrent [01/04/2008|15:35] C:\Program Files\Borland [04/03/2007|15:26] C:\Program Files\Cain [10/03/2008|22:21] C:\Program Files\CCleaner [19/08/2006|18:18] C:\Program Files\Collectorz.com [02/06/2007|04:42] C:\Program Files\Common Files [08/08/2005|05:32] C:\Program Files\ComPlus Applications [25/11/2006|11:54] C:\Program Files\coolpro2 [21/08/2007|03:50] C:\Program Files\DAEMON Tools [01/06/2008|13:01] C:\Program Files\Design Explorer 99 SE [24/02/2007|13:11] C:\Program Files\DFX [21/08/2007|03:33] C:\Program Files\DivX [21/05/2006|18:56] C:\Program Files\DivXCodec [28/05/2006|21:14] C:\Program Files\Dolby [03/11/2006|21:38] C:\Program Files\Easy Internet signup [18/08/2006|00:34] C:\Program Files\EasyPHP1-8 [10/07/2007|02:09] C:\Program Files\Eidos [09/09/2008|19:30] C:\Program Files\eMule [01/06/2008|12:54] C:\Program Files\Fichiers communs [17/12/2007|18:03] C:\Program Files\FLV Player [28/07/2006|01:19] C:\Program Files\Foreignword [14/10/2006|18:20] C:\Program Files\GetData [01/11/2006|22:44] C:\Program Files\Google [27/05/2006|14:39] C:\Program Files\Guitar Pro 3 Demo [05/08/2008|18:26] C:\Program Files\Guitar Pro 5 [07/08/2005|22:06] C:\Program Files\Hewlett-Packard [07/01/2007|17:26] C:\Program Files\Hijackthis [08/06/2006|11:23] C:\Program Files\Hp [23/12/2007|16:47] C:\Program Files\HPQ [05/01/2007|18:20] C:\Program Files\Image-Line [01/06/2008|12:54] C:\Program Files\InstallShield Installation Information [24/12/2007|21:37] C:\Program Files\Intel [15/08/2008|15:58] C:\Program Files\Internet Explorer [24/12/2007|21:37] C:\Program Files\InterVideo [07/08/2005|22:09] C:\Program Files\iPod [07/08/2005|22:09] C:\Program Files\iTunes [28/08/2007|23:15] C:\Program Files\IVT Corporation [17/07/2008|12:13] C:\Program Files\Java [21/08/2007|03:43] C:\Program Files\K-Lite Codec Pack [10/03/2008|23:02] C:\Program Files\Lavasoft [01/08/2006|18:10] C:\Program Files\LimeWire [02/06/2007|04:39] C:\Program Files\Line6 [19/06/2008|15:52] C:\Program Files\ma-config.com [18/07/2006|18:14] C:\Program Files\MapInfo MapX [01/02/2008|13:30] C:\Program Files\Microsoft ActiveSync [26/02/2008|12:13] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [08/08/2005|05:32] C:\Program Files\microsoft frontpage [14/03/2008|00:19] C:\Program Files\Microsoft Office [18/07/2006|18:00] C:\Program Files\Microsoft Visual Studio [07/08/2005|21:54] C:\Program Files\Microsoft Works [22/05/2006|02:56] C:\Program Files\Microsoft.NET [02/04/2008|19:10] C:\Program Files\Mikroelektronika [15/09/2006|16:22] C:\Program Files\Monkey's Audio [08/08/2005|05:32] C:\Program Files\Movie Maker [09/09/2008|19:48] C:\Program Files\Mozilla Firefox [14/03/2008|00:17] C:\Program Files\MSECache [08/08/2005|05:32] C:\Program Files\MSN [08/08/2005|05:32] C:\Program Files\MSN Gaming Zone [17/11/2006|20:42] C:\Program Files\MSXML 4.0 [24/09/2006|15:57] C:\Program Files\Nero [08/08/2005|05:32] C:\Program Files\NetMeeting [10/07/2007|16:32] C:\Program Files\Notepad++ [08/08/2005|05:32] C:\Program Files\Online Services [13/06/2007|03:36] C:\Program Files\Outlook Express [07/05/2007|13:49] C:\Program Files\PDFCreator [20/02/2008|23:23] C:\Program Files\PLSQL Developer [17/10/2006|15:56] C:\Program Files\PowerQuest [18/07/2006|18:00] C:\Program Files\Publication Web [09/08/2006|15:18] C:\Program Files\QuickTime [24/02/2007|13:13] C:\Program Files\Real [24/12/2007|21:25] C:\Program Files\SAGEM [24/12/2007|21:25] C:\Program Files\SAGEM(2) [26/10/2006|22:08] C:\Program Files\SAIG [02/08/2007|22:50] C:\Program Files\Samsung [23/06/2007|13:32] C:\Program Files\Scan Hijack This [18/07/2006|18:13] C:\Program Files\Seagate Software [07/08/2005|22:08] C:\Program Files\Services en ligne [29/06/2008|16:18] C:\Program Files\SHARE 1.0 EX2 [18/07/2007|10:40] C:\Program Files\Skype [07/08/2005|22:01] C:\Program Files\Sonic [01/06/2007|01:57] C:\Program Files\Sonoma Wire Works [10/12/2006|05:24] C:\Program Files\Sony [13/05/2008|13:13] C:\Program Files\Sun [29/08/2008|13:20] C:\Program Files\SuperCopier2 [25/10/2006|23:19] C:\Program Files\SurfOffline [06/05/2007|16:08] C:\Program Files\Sybase [01/08/2006|16:13] C:\Program Files\Symantec [21/05/2006|18:56] C:\Program Files\The Playa [07/01/2007|03:00] C:\Program Files\Torrent101 [08/08/2005|05:32] C:\Program Files\Uninstall Information [01/05/2008|14:11] C:\Program Files\USB Disk Security [18/02/2007|17:19] C:\Program Files\VideoLAN [27/05/2006|18:19] C:\Program Files\Volo View Express [02/06/2007|04:40] C:\Program Files\Vstplugins [27/05/2006|18:20] C:\Program Files\WexTech [10/05/2006|14:39] C:\Program Files\WIDCOMM [08/09/2006|15:38] C:\Program Files\Winamp [14/04/2008|00:26] C:\Program Files\Windows Live [10/07/2007|06:45] C:\Program Files\Windows Media Connect 2 [10/07/2007|06:45] C:\Program Files\Windows Media Player [08/08/2005|05:32] C:\Program Files\Windows NT [08/08/2005|05:32] C:\Program Files\WindowsUpdate [22/02/2007|23:14] C:\Program Files\WinPcap [09/07/2006|11:58] C:\Program Files\WinRAR [08/08/2005|05:32] C:\Program Files\xerox [24/03/2007|15:23] C:\Program Files\Xinox Software [04/07/2007|14:35] C:\Program Files\Yahoo! [09/05/2006|14:15] C:\Program Files\Zero G Registry --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [18/06/2007|14:57] C:\Program Files\Fichiers communs\Adobe [24/09/2006|15:57] C:\Program Files\Fichiers communs\Ahead [24/06/2007|11:32] C:\Program Files\Fichiers communs\Autodesk Shared [01/04/2008|15:34] C:\Program Files\Fichiers communs\Borland Shared [24/06/2007|11:18] C:\Program Files\Fichiers communs\DESIGNER [08/06/2006|11:19] C:\Program Files\Fichiers communs\Hewlett-Packard [08/06/2006|11:23] C:\Program Files\Fichiers communs\HP [07/08/2005|22:02] C:\Program Files\Fichiers communs\InstallShield [01/06/2007|02:07] C:\Program Files\Fichiers communs\Java [27/05/2006|18:20] C:\Program Files\Fichiers communs\LHSPF [07/08/2005|22:09] C:\Program Files\Fichiers communs\LightScribe [24/06/2007|11:34] C:\Program Files\Fichiers communs\Macrovision Shared [05/07/2008|16:10] C:\Program Files\Fichiers communs\Microsoft Shared [08/08/2005|05:32] C:\Program Files\Fichiers communs\MSSoap [01/06/2008|12:54] C:\Program Files\Fichiers communs\Novell Shared [08/08/2005|05:32] C:\Program Files\Fichiers communs\ODBC [24/02/2007|13:13] C:\Program Files\Fichiers communs\Real [08/08/2005|05:32] C:\Program Files\Fichiers communs\Services [18/07/2007|10:40] C:\Program Files\Fichiers communs\Skype [07/08/2005|22:01] C:\Program Files\Fichiers communs\Sonic Shared [08/08/2005|05:32] C:\Program Files\Fichiers communs\SpeechEngines [07/08/2005|22:01] C:\Program Files\Fichiers communs\SureThing Shared [13/06/2007|03:45] C:\Program Files\Fichiers communs\System [04/07/2007|16:23] C:\Program Files\Fichiers communs\Teleca Shared [07/08/2005|22:01] C:\Program Files\Fichiers communs\TiVo Shared [10/06/2006|22:51] C:\Program Files\Fichiers communs\Wextech Shared [25/02/2008|00:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller [10/03/2008|23:02] C:\Program Files\Fichiers communs\Wise Installation Wizard [24/02/2007|13:13] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 56 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop C:\DOCUME~1\YOYOOOTH\APPLIC~1\ACEMOR~1 --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\YOYOOOTH\APPLIC~1\BitDownload C:\DOCUME~1\YOYOOOTH\APPLIC~1\BitDownload\Data C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk C:\Program Files\BitDownload C:\DOCUME~1\YOYOOOTH\APPLIC~1\Torrent101 C:\DOCUME~1\YOYOOOTH\APPLIC~1\Torrent101\Data C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Torrent101 C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Torrent101\Torrent101.lnk C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Torrent101\Uninstall Torrent101.lnk C:\Program Files\Torrent101 C:\Program Files\Torrent101\settings.ini C:\Program Files\Torrent101\settings.stp C:\Program Files\Torrent101\SkinCrafterDll.dll C:\Program Files\Torrent101\Skins C:\Program Files\Torrent101\Support C:\Program Files\Torrent101\Torrent101.exe C:\Program Files\Torrent101\Torrent101.TRC C:\Program Files\Torrent101\Torrent101_1.TRC C:\Program Files\Torrent101\TorrentManager.dll C:\Program Files\Torrent101\unins000.dat C:\Program Files\Torrent101\unins000.exe C:\Program Files\Torrent101\ZM C:\DOCUME~1\YOYOOOTH\Cookies\yoyoooth@advertstream[1].txt C:\DOCUME~1\YOYOOOTH\Cookies\yoyoooth@advertising[1].txt C:\DOCUME~1\YOYOOOTH\Cookies\yoyoooth@advertising[2].txt --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\amenslowwma] "DisplayName"="CiD Help" "UninstallString"="C:\\DOCUME~1\\YOYOOOTH\\APPLIC~1\\ACEMOR~1\\trans proxy.exe -uninstall" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Noun pop"="C:\\DOCUME~1\\YOYOOOTH\\APPLIC~1\\ACEMOR~1\\trans proxy.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] --------------------\\ Verification du fichier Hosts Fichier Hosts MODIFIE 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD 127.0.0.1 download.cdn.errorsafe.com ## added by CiD 127.0.0.1 download.cdn.winsoftware.com ## added by CiD 127.0.0.1 download.errorsafe.com ## added by CiD 127.0.0.1 download.systemdoctor.com ## added by CiD 127.0.0.1 download.winantispyware.com ## added by CiD 127.0.0.1 download.windrivecleaner.com ## added by CiD 127.0.0.1 download.winfixer.com ## added by CiD 127.0.0.1 drivecleaner.com ## added by CiD 127.0.0.1 dynamique.drivecleaner.com ## added by CiD 127.0.0.1 errorprotector.com ## added by CiD 127.0.0.1 errorsafe.com ## added by CiD 127.0.0.1 es.winantivirus.com ## added by CiD 127.0.0.1 fr.winantivirus.com ## added by CiD 127.0.0.1 fr.winfixer.com ## added by CiD 127.0.0.1 go.drivecleaner.com ## added by CiD 127.0.0.1 go.errorsafe.com ## added by CiD 127.0.0.1 go.winantispyware.com ## added by CiD 127.0.0.1 go.winantivirus.com ## added by CiD 127.0.0.1 hk.winantivirus.com ## added by CiD 127.0.0.1 instlog.errorsafe.com ## added by CiD 127.0.0.1 instlog.winantivirus.com ## added by CiD 127.0.0.1 instlog.winfixer.com ## added by CiD 127.0.0.1 jsp.drivecleaner.com ## added by CiD 127.0.0.1 kb.errorsafe.com ## added by CiD 127.0.0.1 kb.winantivirus.com ## added by CiD 127.0.0.1 nl.errorsafe.com ## added by CiD 127.0.0.1 se.errorsafe.com ## added by CiD 127.0.0.1 secure.drivecleaner.com ## added by CiD 127.0.0.1 secure.errorsafe.com ## added by CiD 127.0.0.1 secure.winantispam.com ## added by CiD 127.0.0.1 secure.winantispy.com ## added by CiD 127.0.0.1 secure.winantivirus.com ## added by CiD 127.0.0.1 support.winantivirus.com ## added by CiD 127.0.0.1 trial.updates.winsoftware.com ## added by CiD 127.0.0.1 ulog.winantivirus.com ## added by CiD 127.0.0.1 utils.errorsafe.com ## added by CiD 127.0.0.1 utils.winantivirus.com ## added by CiD 127.0.0.1 utils.winfixer.com ## added by CiD 127.0.0.1 winantispyware.com ## added by CiD 127.0.0.1 winantivirus.com ## added by CiD 127.0.0.1 winfixer.com ## added by CiD 127.0.0.1 winfixer2006.com ## added by CiD 127.0.0.1 winsoftware.com ## added by CiD 127.0.0.1 www.drivecleaner.com ## added by CiD 127.0.0.1 www.errorprotector.com ## added by CiD 127.0.0.1 www.errorsafe.com ## added by CiD 127.0.0.1 www.systemdoctor.com ## added by CiD 127.0.0.1 www.utils.winfixer.com ## added by CiD 127.0.0.1 www.win-anti-virus-pro.com ## added by CiD 127.0.0.1 www.win-virus-pro.com ## added by CiD 127.0.0.1 www.winantispam.com ## added by CiD 127.0.0.1 www.winantispy.com ## added by CiD 127.0.0.1 www.winantispyware.com ## added by CiD 127.0.0.1 www.winantivirus.com ## added by CiD 127.0.0.1 www.winantiviruspro.com ## added by CiD 127.0.0.1 www.windrivecleaner.com ## added by CiD 127.0.0.1 www.windrivesafe.com ## added by CiD 127.0.0.1 www.winfixer.com ## added by CiD 127.0.0.1 www.winfixer2006.com ## added by CiD 127.0.0.1 www.winsoftware.com ## added by CiD -> 71 [ 70 ## added by CiD ] --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-09 20:17:41 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 56 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\YOYOOOTH\Bureau\dali\circuit logique\PROTEL99\CRACK C:\DOCUME~1\YOYOOOTH\Bureau\dali\circuit logique\PROTEL99\CRACK\PROTEL99_SERVICEPACK_6.EXE C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php.htm C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\rational rose\crack rationnal rose C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\rational rose\crack rationnal rose\rational_perm.txt C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\acceuil-bt2-mini.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ads.htm C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ads_002.htm C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ads_data_002 C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aircrack-crack-en-court.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aircrack-key-found.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aircrack-ptw-45k.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aircrack-selection-reseau.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-ng-3-millieu.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-ng-ARP-injection.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-ng-attente-ARP.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-ng-fakeauth-60s.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\aireplay-sending-authtification-request.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airmon-ng.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airmon-ng_002.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-exemple-reseau-wifi-non-crypte.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-lien-pour-parametre-de-aireplay.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-1.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-180k.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-channel2.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-injection-start.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\console.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\drapeau-en.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-capture-paquets-en-cour.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-config-clef-wep-pr-decrypter-paquets.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-config-options-capture.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-ip-trouver-plein.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ethereal-paquet-decrypter-ip-trouve.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\flechefaq.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\header-tuto-fr.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\hit.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ifconfig-airmon-ng.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ifconfig-changer-adresse-mac.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\install-ptw-2.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\install-ptw-3.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\install-ptw1.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\iwconfig-ath0.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\iwconfig-changer-clef-wep2.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\iwconfig-passage-mode-managed.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\iwconfig.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\login-bt2.png C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\pixel.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\show_ads.js C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\style.css C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\urchin.js C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\x-click-but04.gif C:\DOCUME~1\YOYOOOTH\Mes documents\IF5\tutorial-crack-wep-aircrack.php_fichiers\ads_data_002\abg-fr-100c-000000.png [F:5100][D:381]-> C:\DOCUME~1\YOYOOOTH\LOCALS~1\Temp [F:543][D:0]-> C:\DOCUME~1\YOYOOOTH\Cookies [F:4648][D:100]-> C:\DOCUME~1\YOYOOOTH\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 09/09/2008|20:12 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 09/09/2008|20:21 - Option : [1] --------------------\\ Fin du rapport a 20:21:18
  9. Bonsoir Mon PC est très lent depuis un moment et je soupçonne des virus d'en être responsable. Pounve-vous m'aider à m'en assurer et à m'en débarrasser ? Voici le rapport Hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:33:32, on 09/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\crypserv.exe c:\altera\61\quartus\bin\jtagserver.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe c:\orant\bin\oracle73.exe C:\ORANT\BIN\TNSLSNR.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\USB Disk Security\USBGuard.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\YOYOOOTH\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\NetService.vbs O4 - HKLM\..\Run: [uSB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [Noun pop] C:\DOCUME~1\YOYOOOTH\APPLIC~1\ACEMOR~1\trans proxy.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Key Generator\pmsngr.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O15 - Trusted Zone: *.line6.net O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Altera JTAG Server (JTAGServer) - Unknown owner - c:\altera\61\quartus\bin\jtagserver.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle73.exe O23 - Service: OracleStartORCL - Unknown owner - c:\orant\bin\strtdb73.exe O23 - Service: OracleTNSListener - Unknown owner - C:\ORANT\BIN\TNSLSNR.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 11752 bytes Merci
×
×
  • Créer...