Everything posted by alex53200
HijackThis report
alex53200 replied to a topic by alex53200 in Malware Analysis and Removal
ComboFix 08-09-15.02 - alexandra louveau 2008-09-16 11:35:04.3 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.269 [GMT 2:00] Lancé depuis: C:\Documents and Settings\alexandra louveau\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\alexandra louveau\Bureau\CFScript.txt * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\dwimn C:\Program Files\dwimn\banif.bxz C:\Program Files\dwimn\banif.exe C:\Program Files\dwimn\barclays.bxz C:\Program Files\dwimn\barclays.exe C:\Program Files\dwimn\bbva.bxz C:\Program Files\dwimn\bbva.exe C:\Program Files\dwimn\bctf.bat C:\Program Files\dwimn\bes.bxz C:\Program Files\dwimn\bes.exe C:\Program Files\dwimn\block C:\Program Files\dwimn\bpinet.bxz C:\Program Files\dwimn\bpinet.exe C:\Program Files\dwimn\Cópia de Mswinsck.ocx C:\Program Files\dwimn\calc.exe C:\Program Files\dwimn\cgd.bxz C:\Program Files\dwimn\cgd.exe C:\Program Files\dwimn\dllhosts.exe C:\Program Files\dwimn\dwin32.ocr C:\Program Files\dwimn\iek.exe C:\Program Files\dwimn\infoseg.bxz C:\Program Files\dwimn\install\fflkc.exe C:\Program Files\dwimn\irc.exe C:\Program Files\dwimn\lg C:\Program Files\dwimn\live.exe C:\Program Files\dwimn\live.txt C:\Program Files\dwimn\locaweb.bxz C:\Program Files\dwimn\mlst.exe C:\Program Files\dwimn\mon.exe C:\Program Files\dwimn\montepio.bxz C:\Program Files\dwimn\montepio.exe C:\Program Files\dwimn\msgex.exe C:\Program Files\dwimn\Mswinsck.ocx C:\Program Files\dwimn\notfirinnndfdsfdf.dll C:\Program Files\dwimn\plugins\all.exe C:\Program Files\dwimn\plugins\bl.exe C:\Program Files\dwimn\plugins\blo.exe C:\Program Files\dwimn\plugins\block.exe C:\Program Files\dwimn\plugins\dllhosts.exe C:\Program Files\dwimn\plugins\fl.exe C:\Program Files\dwimn\plugins\irc.exe C:\Program Files\dwimn\plugins\mlst.exe C:\Program Files\dwimn\plugins\rds.exe C:\Program 
Files\dwimn\plugins\replay.exe C:\Program Files\dwimn\rds.exe C:\Program Files\dwimn\Readme.exe C:\Program Files\dwimn\replay.exe C:\Program Files\dwimn\scrypt.exe C:\Program Files\dwimn\sec\fx.crp C:\Program Files\dwimn\state C:\Program Files\dwimn\upfile.exe C:\Program Files\dwimn\upinfov.drv C:\Program Files\dwimn\vcdg.bat C:\Program Files\dwimn\wininfo1.vxd C:\Program Files\dwimn\wininfo2.vxd C:\Program Files\dwimn\wininfo3.vxd C:\Program Files\dwimn\WinRds\1.crp C:\Program Files\dwimn\WinRds\2.crp C:\Program Files\dwimn\WinRds\3.crp C:\Program Files\dwimn\WinRds\install.crp C:\Program Files\dwimn\WinRds\Reiniciar.crp C:\Program Files\dwimn\WinRds\termsrv.dll C:\Program Files\dwimn\zzcalc.exe C:\Program Files\dwimn\zzzaccesor.dll C:\Program Files\fwmns C:\Program Files\fwmns\bctf.bat C:\Program Files\fwmns\block C:\Program Files\fwmns\bpinet.bxz C:\Program Files\fwmns\bpinet.exe C:\Program Files\fwmns\cgd.bxz C:\Program Files\fwmns\cgd.exe C:\Program Files\fwmns\dllhosts.exe C:\Program Files\fwmns\dwin32.ocr C:\Program Files\fwmns\exitd.vxd C:\Program Files\fwmns\iek.exe C:\Program Files\fwmns\infoseg.bxz C:\Program Files\fwmns\install\fflkc.exe C:\Program Files\fwmns\irc.exe C:\Program Files\fwmns\lg C:\Program Files\fwmns\live.exe C:\Program Files\fwmns\liveoff.txt C:\Program Files\fwmns\locaweb.bxz C:\Program Files\fwmns\mlst.exe C:\Program Files\fwmns\mon.exe C:\Program Files\fwmns\montepio.bxz C:\Program Files\fwmns\montepio.exe C:\Program Files\fwmns\ms765583333 C:\Program Files\fwmns\msgex.exe C:\Program Files\fwmns\name.drv C:\Program Files\fwmns\notfirinnndfdsfdf.dll C:\Program Files\fwmns\plugins\diir.exe C:\Program Files\fwmns\rds.exe C:\Program Files\fwmns\Readme.exe C:\Program Files\fwmns\replay.exe C:\Program Files\fwmns\scrypt.exe C:\Program Files\fwmns\sec\fx.crp C:\Program Files\fwmns\state C:\Program Files\fwmns\upfile.exe C:\Program Files\fwmns\upinfod.drv C:\Program Files\fwmns\upinfov.drv C:\Program Files\fwmns\vcdg.bat C:\Program 
Files\fwmns\vcvn.bat C:\Program Files\fwmns\windvxsweq999888444 C:\Program Files\fwmns\wininfo1.vxd C:\Program Files\fwmns\wininfo2.vxd C:\Program Files\fwmns\wininfo3.vxd C:\Program Files\fwmns\winvxhfythg34a.rd C:\Program Files\fwmns\wmvwinwn.exe C:\Program Files\gwbdrx C:\Program Files\gwbdrx\mlst.exe C:\Program Files\Microsoft Studio Files C:\Program Files\Microsoft Studio Files\file.exe C:\Program Files\Microsoft Studio Files\ftnn987.ko C:\Program Files\skmw C:\Program Files\skmw\banif.bxz C:\Program Files\skmw\banif.exe C:\Program Files\skmw\barclays.bxz C:\Program Files\skmw\barclays.exe C:\Program Files\skmw\bbva.bxz C:\Program Files\skmw\bbva.exe C:\Program Files\skmw\bctf.bat C:\Program Files\skmw\bes.bxz C:\Program Files\skmw\bes.exe C:\Program Files\skmw\bpinet.bxz C:\Program Files\skmw\bpinet.exe C:\Program Files\skmw\cgd.bxz C:\Program Files\skmw\cgd.exe C:\Program Files\skmw\dllhosts.exe C:\Program Files\skmw\exitd.vxd C:\Program Files\skmw\iek.exe C:\Program Files\skmw\infoseg.bxz C:\Program Files\skmw\install\fflkc.exe C:\Program Files\skmw\kill.exe C:\Program Files\skmw\lg C:\Program Files\skmw\live.exe C:\Program Files\skmw\live.txt C:\Program Files\skmw\liveoff.txt C:\Program Files\skmw\locaweb.bxz C:\Program Files\skmw\mlst.exe C:\Program Files\skmw\mon.exe C:\Program Files\skmw\montepio.bxz C:\Program Files\skmw\montepio.exe C:\Program Files\skmw\ms765583333 C:\Program Files\skmw\msgex.exe C:\Program Files\skmw\Mswinsck.ocx C:\Program Files\skmw\name.drv C:\Program Files\skmw\notfirinnndfdsfdf.dll C:\Program Files\skmw\plugins\block.exe C:\Program Files\skmw\plugins\il.exe C:\Program Files\skmw\plugins\ilmmrr.exe C:\Program Files\skmw\plugins\ir.exe C:\Program Files\skmw\plugins\irc.exe C:\Program Files\skmw\plugins\k.exe C:\Program Files\skmw\rds.exe C:\Program Files\skmw\Readme.exe C:\Program Files\skmw\replay.exe C:\Program Files\skmw\scrypt.exe C:\Program Files\skmw\sec\fx.crp C:\Program Files\skmw\state C:\Program Files\skmw\upfile.exe 
C:\Program Files\skmw\upinfod.drv C:\Program Files\skmw\upinfov.drv C:\Program Files\skmw\vcdg.bat C:\Program Files\skmw\windvxsweq999888444 C:\Program Files\skmw\wininfo1.vxd C:\Program Files\skmw\wininfo2.vxd C:\Program Files\skmw\wininfo3.vxd C:\Program Files\skmw\WinRds\1.crp C:\Program Files\skmw\WinRds\2.crp C:\Program Files\skmw\WinRds\3.crp C:\Program Files\skmw\WinRds\install.crp C:\Program Files\skmw\WinRds\Reiniciar.crp C:\Program Files\skmw\WinRds\termsrv.dll C:\Program Files\skmw\winvxhfythg34a.rd C:\WINDOWS\Downloaded Program Files\Popcap.dll C:\WINDOWS\Downloaded Program Files\Popcap.inf . ((((((((((((((((((((((((((((( Fichiers créés du 2008-08-16 au 2008-09-16 )))))))))))))))))))))))))))))))))))) . 2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Malwarebytes 2008-09-13 21:07 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-09-13 21:07 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-09-13 19:32 . 2008-09-14 07:33 <REP> d-------- C:\Program Files\Studio-Scrap 2008-09-13 19:32 . 2008-09-14 07:25 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Studio-Scrap 2008-09-13 17:48 . 2008-09-13 21:05 <REP> d-------- C:\Lop SD 2008-09-13 17:25 . 2008-09-13 17:25 <REP> d-------- C:\Program Files\Trend Micro 2008-09-13 12:37 . 2008-09-14 10:46 <REP> d-------- C:\Program Files\Navilog1 2008-09-13 09:42 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2008-09-13 09:36 . 2008-09-13 09:36 13,502 --a------ C:\WINDOWS\system32\JambaIconFR.ico 2008-09-13 09:35 . 2008-09-13 09:35 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico 2008-09-13 09:25 . 
2008-09-13 09:25 <REP> d-------- C:\Program Files\OINAnalytics 2008-09-12 18:57 . 2008-09-12 18:57 <REP> d-------- C:\Program Files\SEC 2008-09-12 18:57 . 2003-02-24 16:20 827,392 -ra------ C:\WINDOWS\system32\Flash.ocx 2008-09-12 18:57 . 2005-10-21 07:25 13,396 --a------ C:\WINDOWS\system32\drivers\MTictwl.sys 2008-09-12 18:56 . 2008-09-12 18:57 <REP> d-------- C:\Program Files\MagicTune Premium 2008-09-12 15:26 . 2008-09-12 15:26 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-09-12 15:26 . 2008-09-12 15:26 1,409 --a------ C:\WINDOWS\QTFont.for 2008-09-12 15:25 . 2008-09-12 15:25 <REP> d-------- C:\Program Files\Apple Software Update 2008-09-12 15:25 . 2008-09-12 15:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple 2008-09-12 15:11 . 2008-09-12 17:55 <REP> d-------- C:\Program Files\Avanquest update 2008-09-12 15:11 . 2008-09-12 15:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software 2008-09-12 15:11 . 2007-11-02 12:47 109,992 --a------ C:\WINDOWS\system32\drivers\s916mdm.sys 2008-09-12 15:11 . 2007-11-02 12:47 103,976 --a------ C:\WINDOWS\system32\drivers\s916mgmt.sys 2008-09-12 15:11 . 2007-11-02 12:47 100,008 --a------ C:\WINDOWS\system32\drivers\s916obex.sys 2008-09-12 15:11 . 2007-11-02 12:47 83,496 --a------ C:\WINDOWS\system32\drivers\s916bus.sys 2008-09-12 15:11 . 2007-11-02 12:47 15,016 --a------ C:\WINDOWS\system32\drivers\s916mdfl.sys 2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916whnt.sys 2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916wh.sys 2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916cmnt.sys 2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916cm.sys 2008-09-12 15:09 . 2008-09-12 15:15 <REP> d-------- C:\Program Files\Sony Ericsson 2008-09-12 15:09 . 
2008-09-12 15:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson 2008-09-12 13:24 . 2008-09-12 13:24 379 --a------ C:\WINDOWS\ODBC.INI 2008-09-12 13:08 . 2008-09-12 13:08 <REP> d-------- C:\Program Files\Microsoft ActiveSync 2008-09-12 13:06 . 2008-09-12 13:06 <REP> d-------- C:\Program Files\Fichiers communs\L&H 2008-09-11 23:52 . 2008-09-13 09:52 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\WinButler 2008-09-10 22:32 . 2008-09-10 22:52 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\OfficeUpdate12 2008-09-10 20:51 . 2008-09-12 15:42 <REP> d-------- C:\WINDOWS\SHELLNEW 2008-09-10 10:49 . 2008-09-10 17:53 <REP> d-------- C:\Program Files\Conduit 2008-08-28 16:19 . 2008-08-28 16:19 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Apple Computer 2008-08-25 14:31 . 2008-08-25 14:31 524,288 --a------ C:\WINDOWS\opuc.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-09-16 10:17 --------- d-----w C:\Program Files\Wanadoo 2008-09-15 22:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-09-12 18:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-09-12 16:57 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-12 16:49 --------- d-----w C:\Program Files\EPSON 2008-09-12 16:04 --------- d-----w C:\Program Files\Encore 2008-09-12 16:04 --------- d-----w C:\Program Files\EA GAMES 2008-09-12 16:01 --------- d-----w C:\Program Files\eMule 2008-09-12 13:43 --------- d-----w C:\Program Files\Microsoft Works 2008-09-12 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-09-12 13:31 --------- d-----w C:\Program Files\QuickTime 2008-09-12 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-09-11 21:59 --------- d-----w C:\Program Files\TomTom HOME 2 2008-09-10 16:23 --------- d-----w C:\Program Files\BoontyGames 2008-09-10 16:07 --------- d-----w C:\Program Files\Windows Live 2008-09-06 19:38 --------- d-----w C:\Documents and Settings\alexandra louveau\Application Data\OpenOffice.org2 2008-09-02 08:24 --------- d-----w C:\Program Files\Messenger Plus! 
Live 2008-08-03 13:32 --------- d-----w C:\Program Files\OpenOffice.org 2.4 2008-08-03 11:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom 2008-08-03 11:02 --------- d-----w C:\Documents and Settings\alexandra louveau\Application Data\TomTom 2008-07-25 21:56 --------- d-----w C:\Program Files\Java 2007-12-06 10:04 480,848 ----a-w C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe 2007-07-04 09:57 98 ----a-w C:\Program Files\INSTALL.LOG 2006-12-28 14:41 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe 2007-12-14 16:36 88 --sh--r C:\WINDOWS\system32\95B45B3E5A.sys 2007-12-14 16:36 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( snapshot@2008-09-14_20.20.23.70 ))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B221E01-F517-4959-8C41-81948E7F2F17}] 2008-09-12 15:22 249856 --a------ C:\Program Files\OINAnalytics\OINAnalytics.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 15360] "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VX3000"="C:\WINDOWS\vVX3000.exe" [2006-10-13 707376] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768] "C-Media Mixer"="Mixer.exe" [2003-03-20 C:\WINDOWS\mixer.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 15360] "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.mpng"= C:\Program Files\t@b\0.957\686\tabdec.dll "vidc.mvjp"= 
C:\Program Files\t@b\0.957\686\tabdec.dll "vidc.444p"= C:\Program Files\t@b\0.957\686\tabdec.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GammaTray.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\GammaTray.lnk backup=C:\WINDOWS\pss\GammaTray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NCProTray.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NCProTray.lnk backup=C:\WINDOWS\pss\NCProTray.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChristmasTree] --a------ 2007-12-07 23:36 844800 C:\Program Files\ChristmasTree\ChristmasTree.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam] --a------ 2006-10-13 17:01 277296 C:\Program Files\Microsoft LifeCam\LifeExp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-10-19 20:16 286720 C:\Program Files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] --------- 2008-02-20 17:19 360448 C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 
--a------ 2008-04-02 20:39 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] --a------ 2008-05-06 10:42 202088 C:\Program Files\TomTom HOME 2\HOMERunner.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] --------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\coktel\\ADI5\\TTS\\SpeechCube.exe"= "C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"= "C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"= "C:\\Program Files\\MagicTune Premium\\MagicTune.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6346:TCP"= 6346:TCP:shareaza R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 63352] R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664] S3 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-02-10 69120] S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s916mdm.sys [2007-11-02 109992] S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976] S3 s916obex;Sony Ericsson Device 
916 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s916obex.sys [2007-11-02 100008] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb2b9f9a-6148-11dd-aee6-000b6b6fbb93}] \Shell\AutoRun\command - J:\InstallTomTomHOME.exe . Contenu du dossier 'Tâches planifiées' . - - - - ORPHELINS SUPPRIMES - - - - MSConfigStartUp-wmvwinwn - C:\Program Files\fwmns\wmvwinwn.exe ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-16 12:17:38 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . ------------------------ Autres processus actifs ------------------------ . C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\FTRTSVC.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\MagicTune Premium\MagicTuneEngine.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\Program Files\MagicTune Premium\MagicTune.exe C:\ComboFix\pv.cfexe . ************************************************************************** . 
Heure de fin: 2008-09-16 12:26:46 - La machine a redémarré [alexandra louveau] ComboFix-quarantined-files.txt 2008-09-16 10:26:43 ComboFix2.txt 2008-09-15 16:50:11 ComboFix3.txt 2008-09-14 18:20:43 Avant-CF: 105,632,169,984 octets libres Après-CF: 105,595,506,688 octets libres 377 --- E O F --- 2008-09-15 11:05:33
I don't have an antivirus; should I download one, and which one??
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:44:06, on 16/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\MagicTune Premium\MagicTuneEngine.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\vVX3000.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\MagicTune Premium\MagicTune.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: OIN Analytics - {6B221E01-F517-4959-8C41-81948E7F2F17} - C:\Program Files\OINAnalytics\OINAnalytics.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] 
C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://*.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} (Oberon ActiveX Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} 
(Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://bb53france.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/net/Import/ImageUploader4.cab O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.fr/downloads/BUM/B..._2/axofupld.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/onl...mjolauncher.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.wistiti.fr/ImageUploader4.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://www.photoways.com/assets/aurigma/ImageUploader4.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} (PopcapLoader Object) - 
http://jeuxenligne.orange.fr/orange2.0/Onl...zuma/Popcap.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3EEF2D7A-86AA-405F-B14F-467493A062DE}: NameServer = 80.10.246.2,80.10.246.129 O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe -- End of file - 9439 bytes -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware Analysis and Removal
ComboFix 08-09-14.06 - alexandra louveau 2008-09-15 18:42:02.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.227 [GMT 2:00] Lancé depuis: C:\Documents and Settings\alexandra louveau\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\alexandra louveau\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe * Un nouveau point de restauration a été créé . ((((((((((((((((((((((((((((( Fichiers créés du 2008-08-15 au 2008-09-15 )))))))))))))))))))))))))))))))))))) . 2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Malwarebytes 2008-09-13 21:07 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-09-13 21:07 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-09-13 19:32 . 2008-09-14 07:33 <REP> d-------- C:\Program Files\Studio-Scrap 2008-09-13 19:32 . 2008-09-14 07:25 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Studio-Scrap 2008-09-13 17:48 . 2008-09-13 21:05 <REP> d-------- C:\Lop SD 2008-09-13 17:25 . 2008-09-13 17:25 <REP> d-------- C:\Program Files\Trend Micro 2008-09-13 12:37 . 2008-09-14 10:46 <REP> d-------- C:\Program Files\Navilog1 2008-09-13 09:42 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2008-09-13 09:36 . 2008-09-13 09:36 13,502 --a------ C:\WINDOWS\system32\JambaIconFR.ico 2008-09-13 09:35 . 2008-09-13 09:35 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico 2008-09-13 09:25 . 2008-09-13 09:25 <REP> d-------- C:\Program Files\OINAnalytics 2008-09-12 18:57 . 2008-09-12 18:57 <REP> d-------- C:\Program Files\SEC 2008-09-12 18:57 . 2003-02-24 16:20 827,392 -ra------ C:\WINDOWS\system32\Flash.ocx 2008-09-12 18:57 . 
2005-10-21 07:25 13,396 --a------ C:\WINDOWS\system32\drivers\MTictwl.sys 2008-09-12 18:56 . 2008-09-12 18:57 <REP> d-------- C:\Program Files\MagicTune Premium 2008-09-12 15:26 . 2008-09-12 15:26 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-09-12 15:26 . 2008-09-12 15:26 1,409 --a------ C:\WINDOWS\QTFont.for 2008-09-12 15:25 . 2008-09-12 15:25 <REP> d-------- C:\Program Files\Apple Software Update 2008-09-12 15:25 . 2008-09-12 15:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple 2008-09-12 15:11 . 2008-09-12 17:55 <REP> d-------- C:\Program Files\Avanquest update 2008-09-12 15:11 . 2008-09-12 15:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software 2008-09-12 15:11 . 2007-11-02 12:47 109,992 --a------ C:\WINDOWS\system32\drivers\s916mdm.sys 2008-09-12 15:11 . 2007-11-02 12:47 103,976 --a------ C:\WINDOWS\system32\drivers\s916mgmt.sys 2008-09-12 15:11 . 2007-11-02 12:47 100,008 --a------ C:\WINDOWS\system32\drivers\s916obex.sys 2008-09-12 15:11 . 2007-11-02 12:47 83,496 --a------ C:\WINDOWS\system32\drivers\s916bus.sys 2008-09-12 15:11 . 2007-11-02 12:47 15,016 --a------ C:\WINDOWS\system32\drivers\s916mdfl.sys 2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916whnt.sys 2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916wh.sys 2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916cmnt.sys 2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916cm.sys 2008-09-12 15:09 . 2008-09-12 15:15 <REP> d-------- C:\Program Files\Sony Ericsson 2008-09-12 15:09 . 2008-09-12 15:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson 2008-09-12 13:24 . 2008-09-12 13:24 379 --a------ C:\WINDOWS\ODBC.INI 2008-09-12 13:08 . 2008-09-12 13:08 <REP> d-------- C:\Program Files\Microsoft ActiveSync 2008-09-12 13:06 . 
2008-09-12 13:06 <REP> d-------- C:\Program Files\Fichiers communs\L&H 2008-09-11 23:52 . 2008-09-13 09:52 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\WinButler 2008-09-10 22:32 . 2008-09-10 22:52 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\OfficeUpdate12 2008-09-10 20:51 . 2008-09-12 15:42 <REP> d-------- C:\WINDOWS\SHELLNEW 2008-09-10 10:49 . 2008-09-10 17:53 <REP> d-------- C:\Program Files\Conduit 2008-09-09 18:49 . 2008-09-15 18:18 <REP> d-------- C:\Program Files\fwmns 2008-09-04 12:10 . 2008-09-04 12:10 <REP> d-------- C:\Program Files\gwbdrx 2008-08-28 16:19 . 2008-08-28 16:19 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Apple Computer 2008-08-25 14:31 . 2008-08-25 14:31 524,288 --a------ C:\WINDOWS\opuc.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-15 16:32 --------- d-----w C:\Program Files\Wanadoo 2008-09-14 21:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-09-13 09:26 --------- d-----w C:\Program Files\Microsoft Studio Files 2008-09-12 18:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-09-12 16:57 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-12 16:49 --------- d-----w C:\Program Files\EPSON 2008-09-12 16:04 --------- d-----w C:\Program Files\Encore 2008-09-12 16:04 --------- d-----w C:\Program Files\EA GAMES 2008-09-12 16:01 --------- d-----w C:\Program Files\eMule 2008-09-12 13:43 --------- d-----w C:\Program Files\Microsoft Works 2008-09-12 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-09-12 13:31 --------- d-----w C:\Program Files\QuickTime 2008-09-12 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-09-11 21:59 --------- d-----w C:\Program Files\TomTom HOME 2 
2008-09-10 16:23 --------- d-----w C:\Program Files\BoontyGames 2008-09-10 16:07 --------- d-----w C:\Program Files\Windows Live 2008-09-09 16:49 --------- d-----w C:\Program Files\skmw 2008-09-09 16:49 --------- d-----w C:\Program Files\dwimn 2008-09-06 19:38 --------- d-----w C:\Documents and Settings\alexandra louveau\Application Data\OpenOffice.org2 2008-09-02 08:24 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-08-03 13:32 --------- d-----w C:\Program Files\OpenOffice.org 2.4 2008-08-03 11:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom 2008-08-03 11:02 --------- d-----w C:\Documents and Settings\alexandra louveau\Application Data\TomTom 2008-07-27 10:32 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll 2008-07-25 21:56 --------- d-----w C:\Program Files\Java 2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll 2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe 2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll 2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll 2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll 2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll 2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll 2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll 2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll 2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll 2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll 2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll 2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll 2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll 2007-12-06 10:04 480,848 ----a-w C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe 2007-07-04 09:57 98 ----a-w C:\Program Files\INSTALL.LOG 2006-12-28 14:41 278,528 ----a-w C:\Program Files\Fichiers 
communs\FDEUnInstaller.exe 2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL 2007-12-14 16:36 88 --sh--r C:\WINDOWS\system32\95B45B3E5A.sys 2007-12-14 16:36 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( snapshot@2008-09-14_20.20.23.70 ))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B221E01-F517-4959-8C41-81948E7F2F17}] 2008-09-12 15:22 249856 --a------ C:\Program Files\OINAnalytics\OINAnalytics.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 15360] "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880] "wmvwinwn"="C:\Program Files\fwmns\wmvwinwn.exe" [2008-09-11 745984] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VX3000"="C:\WINDOWS\vVX3000.exe" [2006-10-13 707376] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768] "C-Media Mixer"="Mixer.exe" [2003-03-20 C:\WINDOWS\mixer.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 15360] "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2006-12-28 124912] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=htqnsx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.mpng"= C:\Program Files\t@b\0.957\686\tabdec.dll "vidc.mvjp"= C:\Program Files\t@b\0.957\686\tabdec.dll "vidc.444p"= C:\Program Files\t@b\0.957\686\tabdec.dll [HKLM\~\startupfolder\C:^Documents and 
Settings^All Users^Menu Démarrer^Programmes^Démarrage^GammaTray.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\GammaTray.lnk backup=C:\WINDOWS\pss\GammaTray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NCProTray.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NCProTray.lnk backup=C:\WINDOWS\pss\NCProTray.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ghvgy] C:\Documents and Settings\alexandra louveau\Application Data\?icrosoft.NET\??oolsv.exe [?] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChristmasTree] --a------ 2007-12-07 23:36 844800 C:\Program Files\ChristmasTree\ChristmasTree.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam] --a------ 2006-10-13 17:01 277296 C:\Program Files\Microsoft LifeCam\LifeExp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-10-19 20:16 286720 C:\Program Files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] --------- 2008-02-20 17:19 360448 C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\TkBellExe] --a------ 2008-04-02 20:39 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] --a------ 2008-05-06 10:42 202088 C:\Program Files\TomTom HOME 2\HOMERunner.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wmvwinwn] --a------ 2008-09-11 20:37 745984 C:\Program Files\fwmns\wmvwinwn.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] --------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\coktel\\ADI5\\TTS\\SpeechCube.exe"= "C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"= "C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\Program Files\\dwimn\\dllhosts.exe"= "C:\\Program Files\\fwmns\\wmvwinwn.exe"= "C:\\Program Files\\fwmns\\dllhosts.exe"= "C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"= "C:\\Program Files\\MagicTune Premium\\MagicTune.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6346:TCP"= 6346:TCP:shareaza R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 63352] R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664] S3 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-02-10 69120] S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem 
Filter;C:\WINDOWS\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s916mdm.sys [2007-11-02 109992] S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976] S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s916obex.sys [2007-11-02 100008] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb2b9f9a-6148-11dd-aee6-000b6b6fbb93}] \Shell\AutoRun\command - J:\InstallTomTomHOME.exe . Contenu du dossier 'Tâches planifiées' . . ------- Examen supplémentaire ------- . R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 R0 -: HKCU-Main,Start Page = hxxp://www.orange.fr R0 -: HKCU-Main,Default_Search_URL = hxxp://www.google.com/ie R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s O8 -: &Search O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 -: { - C:\Program Files\Messenger\msmsgs.exe O17 -: HKLM\CCS\Interface\{3EEF2D7A-86AA-405F-B14F-467493A062DE}: NameServer = 80.10.246.2,80.10.246.129 O16 -: {029FDBA6-3547-11D7-AA4C-0050BF051A00} - hxxp://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab C:\WINDOWS\Downloaded Program Files\Rawflow.ocx O16 -: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} - hxxp://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll O16 -: {5308E02B-4ABA-48E4-AA9E-8A7693661473} - hxxp://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab C:\WINDOWS\Downloaded Program Files\GameAx.inf C:\WINDOWS\Downloaded Program Files\GameEvents.dll C:\WINDOWS\Downloaded Program Files\GameAx.dll O16 -: 
{A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} - hxxp://www.wistiti.fr/ImageUploader4.cab C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader4.inf C:\WINDOWS\system32\unicows.dll C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader4.ocx O16 -: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf C:\WINDOWS\system32\unicows.dll C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx O16 -: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} - hxxp://www.photoways.com/assets/aurigma/ImageUploader4.cab C:\WINDOWS\Downloaded Program Files\ImageUploader4.inf C:\WINDOWS\system32\unicows.dll C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx O16 -: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - hxxp://jeuxenligne.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab C:\WINDOWS\Downloaded Program Files\Popcap.inf C:\WINDOWS\Downloaded Program Files\Popcap.dll O16 -: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab C:\WINDOWS\Downloaded Program Files\imikimi_cab.inf O16 -: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://wanadoofr.oberon-media.com/online2/diner_dash/DinerDash.1.0.0.58.cab C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58.inf C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-15 18:46:31 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... ************************************************************************** . 
Heure de fin: 2008-09-15 18:50:10 ComboFix-quarantined-files.txt 2008-09-15 16:49:04 ComboFix2.txt 2008-09-14 18:20:43 Avant-CF: 105,614,192,640 octets libres AprŠs-CF: 105,669,431,296 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn 256 --- E O F --- 2008-09-15 11:05:33 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:52:10, on 15/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\MagicTune Premium\MagicTuneEngine.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\fwmns\wmvwinwn.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program 
Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: OIN Analytics - {6B221E01-F517-4959-8C41-81948E7F2F17} - C:\Program Files\OINAnalytics\OINAnalytics.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - 
HKCU\..\Run: [wmvwinwn] C:\Program Files\fwmns\wmvwinwn.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://*.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - 
http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} (Oberon ActiveX Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://bb53france.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/net/Import/ImageUploader4.cab O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.fr/downloads/BUM/B..._2/axofupld.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/onl...mjolauncher.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.wistiti.fr/ImageUploader4.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - 
http://www.photoways.com/assets/aurigma/ImageUploader4.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} (PopcapLoader Object) - http://jeuxenligne.orange.fr/orange2.0/Onl...zuma/Popcap.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3EEF2D7A-86AA-405F-B14F-467493A062DE}: NameServer = 80.10.246.2,80.10.246.129 O20 - AppInit_DLLs: htqnsx.dll O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe -- End of file - 9509 bytes -
HijackThis report
alex53200 replied to a topic by alex53200 in Analyses et éradication malwares
And so afterwards I choose to restart Windows normally, not with the console?? What a dummy, alex!!! LOL!!!
HijackThis report
alex53200 replied to a topic by alex53200 in Analyses et éradication malwares
My PC restarts just fine, should I do it anyway???
HijackThis report
alex53200 replied to a topic by alex53200 in Analyses et éradication malwares
ComboFix 08-09-13.05 - alexandra louveau 2008-09-14 19:26:06.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.234 [GMT 2:00] Lancé depuis: C:\Documents and Settings\alexandra louveau\Bureau\ComboFix.exe * Un nouveau point de restauration a été créé AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) .
Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\sit_legs.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\sit_legs.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\anim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\sit_legs.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\sit_legs.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\sit_legs.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\sit_legs.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.png C:\WINDOWS\Downloaded Program 
Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\sit_legs.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\arial.mvec C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\komikaaxis.mvec C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt2top.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt4top.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_off.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on1.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on2.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdown.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdownon.png C:\WINDOWS\Downloaded Program 
Files\DinerDash.1.0.0.58\assets\hiscore\arrowleft.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowlefton.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowright.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowrighton.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowup.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowupon.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\p1icon.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\textedit.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\title.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_a.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_b.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_c.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_a.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_b.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_c.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_d.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_a.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_b.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_c.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_d.txt C:\WINDOWS\Downloaded Program 
Files\DinerDash.1.0.0.58\assets\layouts\fifth_level_diner.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\first_level_diner.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fourth_level_diner.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\second_level_diner.txt C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\playfirst_logo.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\background.jpg C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames\upgrade_0001.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\upgrades.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\tableshadow.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\choosedifficulty.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooseplayer.lua C:\WINDOWS\Downloaded Program 
Files\DinerDash.1.0.0.58\assets\scripts\chooserestaurant.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\credits.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\game.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\gothighscore.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help2.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscore.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoreinfo.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoresubmit.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelintro.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelover.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\loading.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainloop.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainmenu.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\ok.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\pause.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\style.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\tutorialintro.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upgrade.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upsell.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\webcomic.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\yesno.lua C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\gamelabsplash.jpg C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\playfirst_logo.jpg C:\WINDOWS\Downloaded Program 
Files\DinerDash.1.0.0.58\assets\strings.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\check.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\checkmark.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\clock.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closed.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closingtime.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\dollar.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\coffee.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\tables.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\wallpaper.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expert.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expertscore.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\fork_timer.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\goalcompleted.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.png C:\WINDOWS\Downloaded Program 
Files\DinerDash.1.0.0.58\assets\ui\jar.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level_career.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\score.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\sound.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staroff.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staron.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumber.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumberup.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\traynumber.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorial_character.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialarrow.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialbox.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.xml C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\drinks.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\maitred.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\oven.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\select.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\shoes.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\stereo.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\table.png C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\dinerdash.exe C:\WINDOWS\Downloaded Program Files\setup.inf C:\WINDOWS\system32\eyreqoow.ini C:\WINDOWS\system32\hpugkxok.dll C:\WINDOWS\system32\ljykmb.dll C:\WINDOWS\system32\mwndclix.dll 
C:\WINDOWS\system32\qgppknqt.dll
C:\WINDOWS\system32\stem~1
C:\WINDOWS\system32\stem~1\??stem\
C:\WINDOWS\system32\svagsdsq.ini
C:\WINDOWS\system32\sydcjmvs.dll
C:\WINDOWS\system32\ywixoe.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-14 au 2008-09-14 ))))))))))))))))))))))))))))))))))))
.
2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Malwarebytes
2008-09-13 21:07 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-13 21:07 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-13 19:32 . 2008-09-14 07:33 <REP> d-------- C:\Program Files\Studio-Scrap
2008-09-13 19:32 . 2008-09-14 07:25 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Studio-Scrap
2008-09-13 17:48 . 2008-09-13 21:05 <REP> d-------- C:\Lop SD
2008-09-13 17:25 . 2008-09-13 17:25 <REP> d-------- C:\Program Files\Trend Micro
2008-09-13 12:37 . 2008-09-14 10:46 <REP> d-------- C:\Program Files\Navilog1
2008-09-13 09:42 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2008-09-13 09:36 . 2008-09-13 09:36 13,502 --a------ C:\WINDOWS\system32\JambaIconFR.ico
2008-09-13 09:35 . 2008-09-13 09:35 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
2008-09-13 09:25 . 2008-09-13 09:25 <REP> d-------- C:\Program Files\OINAnalytics
2008-09-12 18:57 . 2008-09-12 18:57 <REP> d-------- C:\Program Files\SEC
2008-09-12 18:57 . 2003-02-24 16:20 827,392 -ra------ C:\WINDOWS\system32\Flash.ocx
2008-09-12 18:57 . 2005-10-21 07:25 13,396 --a------ C:\WINDOWS\system32\drivers\MTictwl.sys
2008-09-12 18:56 . 2008-09-12 18:57 <REP> d-------- C:\Program Files\MagicTune Premium
2008-09-12 15:26 . 2008-09-12 15:26 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-12 15:26 . 2008-09-12 15:26 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-12 15:25 . 2008-09-12 15:25 <REP> d-------- C:\Program Files\Apple Software Update
2008-09-12 15:25 . 2008-09-12 15:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-09-12 15:11 . 2008-09-12 17:55 <REP> d-------- C:\Program Files\Avanquest update
2008-09-12 15:11 . 2008-09-12 15:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-09-12 15:11 . 2007-11-02 12:47 109,992 --a------ C:\WINDOWS\system32\drivers\s916mdm.sys
2008-09-12 15:11 . 2007-11-02 12:47 103,976 --a------ C:\WINDOWS\system32\drivers\s916mgmt.sys
2008-09-12 15:11 . 2007-11-02 12:47 100,008 --a------ C:\WINDOWS\system32\drivers\s916obex.sys
2008-09-12 15:11 . 2007-11-02 12:47 83,496 --a------ C:\WINDOWS\system32\drivers\s916bus.sys
2008-09-12 15:11 . 2007-11-02 12:47 15,016 --a------ C:\WINDOWS\system32\drivers\s916mdfl.sys
2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916whnt.sys
2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916wh.sys
2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916cmnt.sys
2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916cm.sys
2008-09-12 15:09 . 2008-09-12 15:15 <REP> d-------- C:\Program Files\Sony Ericsson
2008-09-12 15:09 . 2008-09-12 15:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-09-12 13:24 . 2008-09-12 13:24 379 --a------ C:\WINDOWS\ODBC.INI
2008-09-12 13:08 . 2008-09-12 13:08 <REP> d-------- C:\Program Files\Microsoft ActiveSync
2008-09-12 13:06 . 2008-09-12 13:06 <REP> d-------- C:\Program Files\Fichiers communs\L&H
2008-09-11 23:52 . 2008-09-13 09:52 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\WinButler
2008-09-10 22:32 . 2008-09-10 22:52 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\OfficeUpdate12
2008-09-10 20:51 . 2008-09-12 15:42 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-09-10 10:49 . 2008-09-10 17:53 <REP> d-------- C:\Program Files\Conduit
2008-09-09 18:49 . 2008-09-14 18:58 <REP> d-------- C:\Program Files\fwmns
2008-09-04 12:10 . 2008-09-04 12:10 <REP> d-------- C:\Program Files\gwbdrx
2008-08-28 16:19 . 2008-08-28 16:19 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Apple Computer
2008-08-25 14:31 . 2008-08-25 14:31 524,288 --a------ C:\WINDOWS\opuc.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-14 18:12 --------- d-----w C:\Program Files\Wanadoo
2008-09-13 20:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-13 09:26 --------- d-----w C:\Program Files\Microsoft Studio Files
2008-09-12 18:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-12 16:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-12 16:49 --------- d-----w C:\Program Files\EPSON
2008-09-12 16:04 --------- d-----w C:\Program Files\Encore
2008-09-12 16:04 --------- d-----w C:\Program Files\EA GAMES
2008-09-12 16:01 --------- d-----w C:\Program Files\eMule
2008-09-12 13:43 --------- d-----w C:\Program Files\Microsoft Works
2008-09-12 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-12 13:31 --------- d-----w C:\Program Files\QuickTime
2008-09-12 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-11 21:59 --------- d-----w C:\Program Files\TomTom HOME 2
2008-09-10 16:23 --------- d-----w C:\Program Files\BoontyGames
2008-09-10 16:07 --------- d-----w C:\Program Files\Windows Live
2008-09-09 16:49 --------- d-----w C:\Program Files\skmw
2008-09-09 16:49 --------- d-----w C:\Program Files\dwimn
2008-09-06 19:38 --------- d-----w C:\Documents and Settings\alexandra louveau\Application Data\OpenOffice.org2
2008-09-02 08:24 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-03 13:32 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-08-03 11:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom
2008-08-03 11:02 --------- d-----w C:\Documents and Settings\alexandra louveau\Application Data\TomTom
2008-07-25 21:56 --------- d-----w C:\Program Files\Java
2007-12-06 10:04 480,848 ----a-w C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
2007-07-04 09:57 98 ----a-w C:\Program Files\INSTALL.LOG
2006-12-28 14:41 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-12-14 16:36 88 --sh--r C:\WINDOWS\system32\95B45B3E5A.sys
2007-12-14 16:36 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B221E01-F517-4959-8C41-81948E7F2F17}]
2008-09-12 15:22 249856 --a------ C:\Program Files\OINAnalytics\OINAnalytics.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 15360]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"wmvwinwn"="C:\Program Files\fwmns\wmvwinwn.exe" [2008-09-11 745984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VX3000"="C:\WINDOWS\vVX3000.exe" [2006-10-13 707376]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"C-Media Mixer"="Mixer.exe" [2003-03-20 C:\WINDOWS\mixer.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=htqnsx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.mpng"= C:\Program Files\t@b\0.957\686\tabdec.dll
"vidc.mvjp"= C:\Program Files\t@b\0.957\686\tabdec.dll
"vidc.444p"= C:\Program Files\t@b\0.957\686\tabdec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GammaTray.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\GammaTray.lnk
backup=C:\WINDOWS\pss\GammaTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NCProTray.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NCProTray.lnk
backup=C:\WINDOWS\pss\NCProTray.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ghvgy]
C:\Documents and Settings\alexandra louveau\Application Data\?icrosoft.NET\??oolsv.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChristmasTree]
--a------ 2007-12-07 23:36 844800 C:\Program Files\ChristmasTree\ChristmasTree.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
--a------ 2006-10-13 17:01 277296 C:\Program Files\Microsoft LifeCam\LifeExp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-10-19 20:16 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
--------- 2008-02-20 17:19 360448 C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-04-02 20:39 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2008-05-06 10:42 202088 C:\Program Files\TomTom HOME 2\HOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wmvwinwn]
--a------ 2008-09-11 20:37 745984 C:\Program Files\fwmns\wmvwinwn.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\coktel\\ADI5\\TTS\\SpeechCube.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\dwimn\\dllhosts.exe"=
"C:\\Program Files\\fwmns\\wmvwinwn.exe"=
"C:\\Program Files\\fwmns\\dllhosts.exe"=
"C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"C:\\Program Files\\MagicTune Premium\\MagicTune.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6346:TCP"= 6346:TCP:shareaza

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 63352]
R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664]
S3 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-02-10 69120]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s916obex.sys [2007-11-02 100008]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb2b9f9a-6148-11dd-aee6-000b6b6fbb93}]
\Shell\AutoRun\command - J:\InstallTomTomHOME.exe
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{DA36B03D-7DFD-5D29-FD3A-0EA296CF4ECA} - C:\WINDOWS\system32\ujohp.dll
HKCU-Run-Lmda - C:\WINDOWS\system32\STEM~1\dllhost.exe
HKLM-Run-iewcm - c:\windows\system32\iewcm.exe
ShellExecuteHooks-{2935C200-7E7D-4257-B9D4-EE75BAA206C9} - (no file)
MSConfigStartUp-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
MSConfigStartUp-BM6b1f2be7 - C:\WINDOWS\system32\klmwahpm.dll
MSConfigStartUp-gwdwin - C:\Program Files\skmw\gwdwin.exe
MSConfigStartUp-mwstwn - C:\Program Files\dwimn\mwstwn.exe
MSConfigStartUp-ReJf5vH - C:\Documents and Settings\alexandra louveau\Application Data\Microsoft\Windows\jifvfuxy.exe
MSConfigStartUp-runner1 - C:\WINDOWS\faceback.exe
MSConfigStartUp-SfKg6wIP - C:\Documents and Settings\alexandra louveau\Application Data\Microsoft\Windows\tgagw.exe
MSConfigStartUp-SfKg6wIPu - C:\Documents and Settings\alexandra louveau\Application Data\Microsoft\Windows\tvxkpsv.exe
MSConfigStartUp-SpeedRunner - C:\Documents and Settings\alexandra louveau\Application Data\SpeedRunner\SpeedRunner.exe
MSConfigStartUp-St - C:\Windows\st\st.exe
MSConfigStartUp-SurfAccuracy - C:\Documents and Settings\alexandra louveau\Application Data\SurfAccuracy\SAcc.exe
MSConfigStartUp-SystrayORAHSS - C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
MSConfigStartUp-Twain - C:\Program Files\Twain\Twain.exe
MSConfigStartUp-webHancer Agent - C:\Program Files\webHancer\Programs\whagent.exe
MSConfigStartUp-WinButler - C:\Documents and Settings\alexandra louveau\Application Data\WinButler\WinButler.exe
.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 R0 -: HKCU-Main,Start Page = hxxp://www.orange.fr R0 -: HKCU-Main,Default_Search_URL = hxxp://www.google.com/ie R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s O8 -: &Search O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 -: { - C:\Program Files\Messenger\msmsgs.exe O17 -: HKLM\CCS\Interface\{3EEF2D7A-86AA-405F-B14F-467493A062DE}: NameServer = 80.10.246.2,80.10.246.129 O16 -: {029FDBA6-3547-11D7-AA4C-0050BF051A00} - hxxp://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab C:\WINDOWS\Downloaded Program Files\Rawflow.ocx O16 -: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} - hxxp://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll O16 -: {5308E02B-4ABA-48E4-AA9E-8A7693661473} - hxxp://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab C:\WINDOWS\Downloaded Program Files\GameAx.inf C:\WINDOWS\Downloaded Program Files\GameEvents.dll C:\WINDOWS\Downloaded Program Files\GameAx.dll O16 -: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} - hxxp://www.wistiti.fr/ImageUploader4.cab C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader4.inf C:\WINDOWS\system32\unicows.dll C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader4.ocx O16 -: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf C:\WINDOWS\system32\unicows.dll C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx O16 -: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} - hxxp://www.photoways.com/assets/aurigma/ImageUploader4.cab C:\WINDOWS\Downloaded Program Files\ImageUploader4.inf 
C:\WINDOWS\system32\unicows.dll C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx O16 -: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - hxxp://jeuxenligne.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab C:\WINDOWS\Downloaded Program Files\Popcap.inf C:\WINDOWS\Downloaded Program Files\Popcap.dll O16 -: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab C:\WINDOWS\Downloaded Program Files\imikimi_cab.inf O16 -: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://wanadoofr.oberon-media.com/online2/diner_dash/DinerDash.1.0.0.58.cab C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58.inf C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-14 20:11:18 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . ------------------------ Autres processus actifs ------------------------ . C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\FTRTSVC.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\MagicTune Premium\MagicTuneEngine.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\Program Files\MagicTune Premium\MagicTune.exe . ************************************************************************** . 
Heure de fin: 2008-09-14 20:20:43 - La machine a redémarré ComboFix-quarantined-files.txt 2008-09-14 18:20:40 Avant-CF: 100,140,875,776 octets libres Après-CF: 105,814,761,472 octets libres 571 --- E O F --- 2008-09-10 15:51:59
Here is the requested report, chief!!! lol -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
Search Navipromo version 3.6.5 commencé le 14/09/2008 à 10:12:26,35 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "alexandra louveau" Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! 
* Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" : * Dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 14/09/2008 à 10:45:39,85 ***
Here is the new Navilog report, we're going to get through this, I believe it!!! lol -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
Argh, what a hassle!!!! -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:03:07, on 14/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\MagicTune Premium\MagicTuneEngine.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\vVX3000.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\fwmns\wmvwinwn.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: OIN Analytics - {6B221E01-F517-4959-8C41-81948E7F2F17} - C:\Program Files\OINAnalytics\OINAnalytics.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: (no name) - {DA36B03D-7DFD-5D29-FD3A-0EA296CF4ECA} - C:\WINDOWS\system32\ujohp.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [iewcm] "c:\windows\system32\iewcm.exe" iewcm O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [Lmda] "C:\WINDOWS\system32\STEM~1\dllhost.exe" -vt yazb O4 - HKCU\..\Run: [wmvwinwn] C:\Program Files\fwmns\wmvwinwn.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE 
(User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://*.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: 
{14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} (Oberon ActiveX Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://bb53france.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/net/Import/ImageUploader4.cab O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.fr/downloads/BUM/B..._2/axofupld.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/onl...mjolauncher.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.wistiti.fr/ImageUploader4.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab O16 - DPF: 
{BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://www.photoways.com/assets/aurigma/ImageUploader4.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} (PopcapLoader Object) - http://jeuxenligne.orange.fr/orange2.0/Onl...zuma/Popcap.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3EEF2D7A-86AA-405F-B14F-467493A062DE}: NameServer = 80.10.246.2,80.10.246.129 O20 - AppInit_DLLs: htqnsx.dll O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe -- End of file - 10176 bytes -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
HijackThis report: what do I do, "scan only" or "scan and save a logfile"?? Well, you're going to have to give me a few lessons again!!! lol -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
OK, I'll do it right away and send you the report afterwards!! I'm used to it now, I'll end up being a computer pro even though I don't understand any of it!!! lol -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
So what should I do now?? Do I need to download an antivirus, because I don't have a dedicated one, and if so which one? And should I download something for the unwanted pop-up ads? Even after all these steps I don't get them any more, and thanks to whom!!! lol!! To FALKRA: THANKS A LOT -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
There, it's done, first thing after waking up, it's rough in the morning!!! lol
Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1134 Windows 5.1.2600 Service Pack 2 14/09/2008 06:47:07 mbam-log-2008-09-14 (06-47-07).txt Type de recherche: Examen rapide Eléments examinés: 177015 Temps écoulé: 2 hour(s), 23 minute(s), 25 second(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 4 Clé(s) du Registre infectée(s): 57 Valeur(s) du Registre infectée(s): 5 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 11 Fichier(s) infecté(s): 36 Processus mémoire infecté(s): C:\Documents and Settings\alexandra louveau\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SurfAccuracy) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\WINDOWS\system32\geBuUklk.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\klbboboy.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\htqnsx.dll (Trojan.Vundo.H) -> Delete on reboot. C:\Program Files\webHancer\Programs\webhdll.dll (Adware.Webhancer) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11d41999-b6a3-401d-b6b5-997934854b6c} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{11d41999-b6a3-401d-b6b5-997934854b6c} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2935c200-7e7d-4257-b9d4-ee75baa206c9} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yayxwwmm (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2935c200-7e7d-4257-b9d4-ee75baa206c9} (Trojan.Vundo.H) -> Quarantined and deleted successfully. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47d7d2cb-dcad-45c9-80e4-39d1df78f9bd} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{47d7d2cb-dcad-45c9-80e4-39d1df78f9bd} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> Quarantined and deleted successfully. 
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{17D2F050-5FDF-11DC-8314-0800200C9A66} (Adware.Surfaccuracy) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{17D2F050-5FDF-11DC-8314-0800200C9A66} (Adware.Surfaccuracy) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpeedRunner (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\SpeedRunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\IST (Trojan.ISTBar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\682c187b (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm6b1f2be7 (Trojan.Agent) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\gebuuklk -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\gebuuklk -> Delete on reboot. Dossier(s) infecté(s): C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully. C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully. 
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully. C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\webHancer (Adware.Webhancer) -> Delete on reboot. C:\Program Files\webHancer\Programs (Adware.Webhancer) -> Delete on reboot. C:\Program Files\Webtools (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\Twain (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\Mjcore (Trojan.BHO) -> Quarantined and deleted successfully. C:\Documents and Settings\alexandra louveau\Application Data\SurfAccuracy (Adware.SurfAccuracy) -> Quarantined and deleted successfully. C:\Documents and Settings\alexandra louveau\Application Data\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\system32\geBuUklk.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\klkUuBeg.ini (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\klkUuBeg.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\yayxwWmM.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\htqnsx.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\klbboboy.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\yobobblk.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully. C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> Quarantined and deleted successfully. C:\Program Files\Webtools\webtools.dll (Trojan.BHO) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nvupidkn.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully. 
C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully. C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully. C:\Program Files\webHancer\Programs\license.txt (Adware.Webhancer) -> Quarantined and deleted successfully. C:\Program Files\webHancer\Programs\readme.txt (Adware.Webhancer) -> Quarantined and deleted successfully. C:\Program Files\webHancer\Programs\sporder.dll (Adware.Webhancer) -> Quarantined and deleted successfully. C:\Program Files\webHancer\Programs\webhdll.dll (Adware.Webhancer) -> Delete on reboot. C:\Program Files\webHancer\Programs\whagent.ini (Adware.Webhancer) -> Quarantined and deleted successfully. C:\Program Files\webHancer\Programs\whinstaller.exe (Adware.Webhancer) -> Quarantined and deleted successfully. C:\Program Files\Twain\Twain.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\alexandra louveau\Application Data\SurfAccuracy\License.lnk (Adware.SurfAccuracy) -> Quarantined and deleted successfully. C:\Documents and Settings\alexandra louveau\Application Data\SurfAccuracy\SAcc.cfg (Adware.SurfAccuracy) -> Quarantined and deleted successfully. C:\Documents and Settings\alexandra louveau\Application Data\speedrunner\config.cfg (Adware.SurfAccuracy) -> Quarantined and deleted successfully. C:\Documents and Settings\alexandra louveau\Application Data\speedrunner\SpeedRunner.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\faceback.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\stfMeane2000373.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\klmwahpm.dll (Trojan.Agent) -> Delete on reboot. 
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM6b1f2be7.xml (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM6b1f2be7.txt (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\b157.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\b161.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\alexandra louveau\Local Settings\Temporary Internet Files\fpinst.exe (Trojan.Agent) -> Quarantined and deleted successfully. -
rapport hijackthis
alex53200 a répondu à un(e) sujet de alex53200 dans Analyses et éradication malwares
Oui je suis en train de le faire MBAM mais cest tres long et etant donné ke je taffe demain je crois ke ca va tourner tte la nuit car je vai dodoter !!!lol et les craks promis cest fini !!! lol !!! Merci encore et a demain surement pr de nouveaux conseils -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
Navilog report. Thanks again for everything you're doing.
Clean Navipromo version 3.6.5 commencé le 13/09/2008 à 20:17:31,76
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "alexandra louveau"
Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\alexandra louveau\applic~1" ***
...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !
*** Suppression dossiers dans "C:\DOCUME~1\ADRIEN~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\alexandra louveau\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADRIEN~1\menudm~1\progra~1" ***
*** Suppression fichiers ***
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\alexandra louveau\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
oqnzsj.dat trouvé !
Copie oqnzsj.dat réalisée avec succès !
oqnzsj.dat supprimé !
oqnzsj_nav.dat trouvé !
Copie oqnzsj_nav.dat réalisée avec succès !
oqnzsj_nav.dat supprimé !
oqnzsj_navps.dat trouvé !
Copie oqnzsj_navps.dat réalisée avec succès !
oqnzsj_navps.dat supprimé !
roeslxsy.dat trouvé !
Copie roeslxsy.dat réalisée avec succès !
roeslxsy.dat supprimé !
roeslxsy_nav.dat trouvé !
Copie roeslxsy_nav.dat réalisée avec succès !
roeslxsy_nav.dat supprimé !
roeslxsy_navps.dat trouvé !
Copie roeslxsy_navps.dat réalisée avec succès !
roeslxsy_navps.dat supprimé !
xpanjgt_navtmp.dat trouvé !
Copie xpanjgt_navtmp.dat réalisée avec succès !
xpanjgt_navtmp.dat supprimé !
* Dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" *
* Dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 13/09/2008 à 20:24:49,93 ***
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
RAPPORT lod --------------------\\ Lop S&D 4.2.4-2 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3000+ ) BIOS : Rev 1.03 USER : alexandra louveau ( Administrator ) BOOT : Normal boot "C:\Lop SD" ( MAJ : 08-09-2008|21:40 ) Option : [2] ( 13/09/2008|20:28 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [13/08/2007|11:41] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Adobe [06/01/2007|20:31] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Google [01/01/2007|20:32] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Identities [02/02/2007|19:56] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Macromedia [26/12/2007|19:56] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Microsoft [27/04/2008|09:30] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Real [11/03/2007|21:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\ACD Systems [10/02/2008|20:06] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Activision [10/09/2008|18:04] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Adobe [21/01/2007|12:56] C:\DOCUME~1\ALEXAN~1\APPLIC~1\AdobeUM [09/05/2007|17:18] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Angkor [28/08/2008|16:19] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Apple Computer [07/07/2007|17:22] C:\DOCUME~1\ALEXAN~1\APPLIC~1\AVSMedia [11/05/2007|10:32] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Boomzap [08/07/2007|13:57] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Chicken Chase [14/12/2007|18:37] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Corel [03/02/2007|15:07] C:\DOCUME~1\ALEXAN~1\APPLIC~1\DivX [11/02/2008|15:44] C:\DOCUME~1\ALEXAN~1\APPLIC~1\EPSON [12/05/2007|19:01] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Genimo [29/12/2006|12:02] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Google [25/08/2008|15:10] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Help [30/04/2008|18:48] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Hulabee [28/12/2006|16:36] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Identities [28/01/2008|22:22] C:\DOCUME~1\ALEXAN~1\APPLIC~1\InstallShield [01/08/2007|14:27] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Jasc [02/02/2007|19:46] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Leadertech [10/09/2008|18:04] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Macromedia 
[27/10/2007|17:21] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Micro Application [12/09/2008|13:27] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Microsoft [03/08/2008|13:02] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Mozilla [10/09/2008|22:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\OfficeUpdate12 [06/09/2008|21:38] C:\DOCUME~1\ALEXAN~1\APPLIC~1\OpenOffice.org2 [03/02/2008|15:16] C:\DOCUME~1\ALEXAN~1\APPLIC~1\PlayFirst [02/04/2008|20:41] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Real [07/03/2007|12:34] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Screenshot Sender [29/05/2007|09:33] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Snapfish [13/09/2008|09:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\SpeedRunner [09/08/2007|13:22] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Sports Interactive [13/09/2008|19:44] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Studio-Scrap [07/05/2007|11:16] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Sun [13/09/2008|09:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\SurfAccuracy [03/08/2008|13:02] C:\DOCUME~1\ALEXAN~1\APPLIC~1\TomTom [27/06/2007|11:35] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Wildfire [13/09/2008|09:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\WinButler [18/12/2007|13:44] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Windows Live Writer [13/09/2008|09:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\?icrosoft.NET [27/10/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\7Wonders2 [11/03/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems [10/02/2008|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Activision [29/02/2008|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [12/09/2008|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [12/09/2008|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [26/12/2007|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7 [10/02/2007|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [12/09/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software [05/12/2007|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel [17/02/2008|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios [03/02/2008|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON [04/06/2007|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games [28/12/2006|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [12/09/2008|21:01] 
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater [09/01/2007|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [03/04/2008|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear [10/02/2007|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [28/12/2006|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [12/09/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [12/09/2008|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [08/05/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [19/03/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MyCompany [26/06/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania [22/08/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games [03/02/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [20/05/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap [31/12/2006|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism [14/06/2007|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScreenSeven [12/09/2008|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson [12/01/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [03/04/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames [12/09/2008|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [10/05/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio [03/08/2008|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [29/12/2006|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [03/02/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL [28/12/2006|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [24/05/2008|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [30/09/2007|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia [01/12/2007|23:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [26/12/2007|19:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [26/12/2007|19:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [12/09/2008 15:25][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [13/09/2008 20:20][--ah-----] C:\WINDOWS\tasks\SA.DAT [24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini 
--------------------\\ Listing des dossiers dans C:\Program Files [03/03/2007|20:43] C:\Program Files\2K Games [15/06/2008|14:54] C:\Program Files\Activision [02/07/2008|18:05] C:\Program Files\Adobe [28/12/2006|18:28] C:\Program Files\Alwil Software [12/09/2008|15:25] C:\Program Files\Apple Software Update [05/01/2007|20:25] C:\Program Files\Atari [28/12/2006|21:56] C:\Program Files\Atlantis [12/09/2008|17:55] C:\Program Files\Avanquest update [07/07/2007|17:21] C:\Program Files\AVSMedia [28/12/2006|21:56] C:\Program Files\BFG [19/05/2007|19:09] C:\Program Files\Boonty [10/09/2008|18:23] C:\Program Files\BoontyGames [23/05/2007|20:51] C:\Program Files\CENEGA [11/12/2007|13:34] C:\Program Files\ChristmasTree [28/04/2008|12:53] C:\Program Files\Classic Menu for Office [28/12/2006|16:38] C:\Program Files\C-Media [01/08/2007|15:01] C:\Program Files\CoffeeCup Software [28/12/2006|16:28] C:\Program Files\ComPlus Applications [10/09/2008|17:53] C:\Program Files\Conduit [14/12/2007|18:40] C:\Program Files\Corel [01/03/2008|14:11] C:\Program Files\DATA BECKER [31/12/2006|21:55] C:\Program Files\directx [21/03/2007|15:05] C:\Program Files\Disney [07/07/2007|10:15] C:\Program Files\DivX [14/08/2007|18:39] C:\Program Files\DonnerLaParole [30/05/2008|18:46] C:\Program Files\DVD X Player 4.1 Professionnel [09/09/2008|18:49] C:\Program Files\dwimn [12/09/2008|18:04] C:\Program Files\EA GAMES [05/07/2008|17:10] C:\Program Files\Electronic Arts [12/09/2008|18:01] C:\Program Files\eMule [12/09/2008|18:04] C:\Program Files\Encore [23/05/2007|19:41] C:\Program Files\Enigma Software Productions [12/09/2008|18:49] C:\Program Files\EPSON [13/09/2008|11:22] C:\Program Files\Fichiers communs [17/01/2008|21:33] C:\Program Files\FotoSketcher [13/09/2008|20:05] C:\Program Files\fwmns [08/10/2007|13:10] C:\Program Files\GamesBar [30/09/2007|18:12] C:\Program Files\Google [04/09/2008|12:10] C:\Program Files\gwbdrx [09/01/2007|19:48] C:\Program Files\HP [13/09/2008|09:27] C:\Program 
Files\InetGet2 [12/09/2008|18:57] C:\Program Files\InstallShield Installation Information [13/08/2008|23:47] C:\Program Files\Internet Explorer [21/03/2007|17:46] C:\Program Files\Inventel [01/08/2007|14:24] C:\Program Files\Jasc Software Inc [25/07/2008|23:56] C:\Program Files\Java [04/03/2007|02:26] C:\Program Files\KONAMI [29/03/2008|12:28] C:\Program Files\Magic Vines [12/09/2008|18:57] C:\Program Files\MagicTune Premium [04/07/2007|12:00] C:\Program Files\Maternelle [13/08/2008|23:49] C:\Program Files\Messenger [02/09/2008|10:24] C:\Program Files\Messenger Plus! Live [28/12/2006|17:55] C:\Program Files\MessengerPlus! 3 [12/09/2008|13:08] C:\Program Files\Microsoft ActiveSync [08/11/2007|02:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [28/12/2006|16:30] C:\Program Files\microsoft frontpage [26/06/2007|13:40] C:\Program Files\Microsoft LifeCam [12/09/2008|15:43] C:\Program Files\Microsoft Office [07/11/2007|21:16] C:\Program Files\Microsoft SQL Server Compact Edition [13/09/2008|11:26] C:\Program Files\Microsoft Studio Files [10/09/2008|20:58] C:\Program Files\Microsoft Visual Studio [12/09/2008|15:43] C:\Program Files\Microsoft Works [13/09/2008|08:59] C:\Program Files\Mjcore [28/12/2006|18:09] C:\Program Files\Movie Maker [13/01/2007|21:20] C:\Program Files\Mozilla Firefox [28/12/2006|16:28] C:\Program Files\MSN [28/12/2006|16:27] C:\Program Files\MSN Gaming Zone [07/11/2007|21:31] C:\Program Files\MSN Messenger [11/01/2007|20:41] C:\Program Files\MSXML 4.0 [13/09/2008|20:24] C:\Program Files\Navilog1 [28/12/2006|18:07] C:\Program Files\NetMeeting [13/09/2008|09:25] C:\Program Files\OINAnalytics [03/08/2008|15:32] C:\Program Files\OpenOffice.org 2.4 [18/03/2007|12:22] C:\Program Files\orange [21/03/2007|18:05] C:\Program Files\OrangeHSS [13/09/2008|09:25] C:\Program Files\Outerinfo [14/06/2007|00:52] C:\Program Files\Outlook Express [28/12/2006|16:39] C:\Program Files\PCI Audio Applications [31/03/2008|11:46] C:\Program Files\Photo Print Calendar from 
YOKOHAMA Ver.3.00E beta [15/10/2007|19:10] C:\Program Files\PhotoFiltre [12/09/2008|15:31] C:\Program Files\QuickTime [02/04/2008|20:39] C:\Program Files\Real [14/08/2007|18:46] C:\Program Files\Seagrand [12/09/2008|18:57] C:\Program Files\SEC [28/12/2006|16:29] C:\Program Files\Services en ligne [12/03/2007|17:04] C:\Program Files\Sierra [09/09/2008|18:49] C:\Program Files\skmw [12/01/2008|20:33] C:\Program Files\SM [12/09/2008|15:15] C:\Program Files\Sony Ericsson [05/08/2007|00:49] C:\Program Files\Sports Interactive [12/01/2008|20:34] C:\Program Files\Spybot - Search & Destroy [13/09/2008|19:33] C:\Program Files\Studio-Scrap [10/10/2007|19:54] C:\Program Files\THQ [11/09/2008|23:59] C:\Program Files\TomTom HOME 2 [13/09/2008|17:25] C:\Program Files\Trend Micro [29/12/2006|12:24] C:\Program Files\TryMedia [13/09/2008|09:09] C:\Program Files\Twain [28/12/2006|16:36] C:\Program Files\Uninstall Information [13/09/2008|20:25] C:\Program Files\Wanadoo [13/09/2008|09:19] C:\Program Files\webHancer [13/09/2008|09:04] C:\Program Files\Webtools [10/09/2008|18:07] C:\Program Files\Windows Live [28/12/2006|18:36] C:\Program Files\Windows Media Connect 2 [01/08/2007|23:11] C:\Program Files\Windows Media Player [28/12/2006|18:07] C:\Program Files\Windows NT [28/12/2006|17:07] C:\Program Files\WindowsUpdate [28/12/2006|16:30] C:\Program Files\xerox [29/12/2006|13:47] C:\Program Files\Yahoo! [29/12/2006|13:46] C:\Program Files\Yahoo! 
Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [16/04/2008|17:48] C:\Program Files\Fichiers communs\Adobe [07/07/2007|17:27] C:\Program Files\Fichiers communs\AVSMedia [10/02/2007|12:20] C:\Program Files\Fichiers communs\BOONTY Shared [10/09/2008|20:58] C:\Program Files\Fichiers communs\DESIGNER [23/05/2007|19:48] C:\Program Files\Fichiers communs\DirectX [08/02/2007|09:38] C:\Program Files\Fichiers communs\France Telecom [09/01/2007|19:47] C:\Program Files\Fichiers communs\Hewlett-Packard [03/02/2008|14:15] C:\Program Files\Fichiers communs\InstallShield [07/05/2007|11:15] C:\Program Files\Fichiers communs\Java [12/09/2008|13:06] C:\Program Files\Fichiers communs\L&H [10/02/2007|12:15] C:\Program Files\Fichiers communs\Macrovision Shared [07/07/2007|16:54] C:\Program Files\Fichiers communs\MAGIX Shared [12/09/2008|15:43] C:\Program Files\Fichiers communs\Microsoft Shared [28/12/2006|16:28] C:\Program Files\Fichiers communs\MSSoap [28/12/2006|16:22] C:\Program Files\Fichiers communs\ODBC [02/04/2008|20:39] C:\Program Files\Fichiers communs\Real [28/12/2006|16:28] C:\Program Files\Fichiers communs\Services [28/12/2006|16:22] C:\Program Files\Fichiers communs\SpeechEngines [21/09/2007|20:58] C:\Program Files\Fichiers communs\Symantec Shared [12/09/2008|15:37] C:\Program Files\Fichiers communs\System [16/04/2008|17:48] C:\Program Files\Fichiers communs\Vbox [07/11/2007|21:10] C:\Program Files\Fichiers communs\WindowsLiveInstaller [02/04/2008|20:40] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 46 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! 
--------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-13 20:36:54 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 290 --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\klkUuBeg.ini C:\WINDOWS\system32\klkUuBeg.ini2 ==> VUNDO <== --------------------\\ ROGUES .. C:\DOCUME~1\ALEXAN~1\APPLIC~1\WinButler --------------------\\ Cracks & Keygens .. C:\DOCUME~1\ALEXAN~1\Application Data\Microsoft\Office\Recent\Microsoft office professional plus 2007 keygen serial activation.LNK C:\DOCUME~1\ALEXAN~1\Application Data\Microsoft\Office\Recent\[0] Microsoft office professional plus 2007 keygen serial activation.LNK C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers re‡us\Microsoft Serials Pack Windows Vista WinXP Office 2007 Keygen activation.zip C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers re‡us\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers re‡us\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\Crack by Seven.exe C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers re‡us\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\ImpGifAnim C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers re‡us\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\ImpGifAnim.zip C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers re‡us\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\Mode d'Emploi by Seven.txt C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers re‡us\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\PhotoFiltre Studio v9.0 FR.exe C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers re‡us\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\ImpGifAnim\ImpGifAnim.pfl C:\DOCUME~1\ALEXAN~1\Mes documents\Mes 
fichiers re‡us\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\ImpGifAnim\ImpGifAnim.txt C:\DOCUME~1\ALEXAN~1\Recent\Microsoft office professional plus 2007 keygen serial activation.lnk C:\DOCUME~1\ALEXAN~1\Recent\[0] Microsoft office professional plus 2007 keygen serial activation.lnk [F:16][D:2]-> C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp [F:29][D:0]-> C:\DOCUME~1\ALEXAN~1\Cookies [F:115226][D:703]-> C:\DOCUME~1\ALEXAN~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 13/09/2008|18:40 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 13/09/2008|21:05 - Option : [2] --------------------\\ Fin du rapport a 21:05:28 -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
I'm doing everything you tell me; for the moment, it is looking for the LOD report.
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
Here is the Navilog report at last; I hope you'll be able to help me.
Search Navipromo version 3.6.5 commencé le 13/09/2008 à 17:50:06,71
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "alexandra louveau"
Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
...\MessengerSkinner trouvé !
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\applic~1" ***
...\MessengerSkinner trouvé !
*** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
oqnzsj.dat trouvé !
oqnzsj_nav.dat trouvé !
oqnzsj_navps.dat trouvé !
roeslxsy.dat trouvé !
roeslxsy_nav.dat trouvé !
roeslxsy_navps.dat trouvé !
xpanjgt_navtmp.dat trouvé !
* Dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
C:\WINDOWS\system32\klkUuBeg.ini2 trouvé ! infection Vundo possible non traitée par cet outil !
*** Analyse terminée le 13/09/2008 à 19:12:10,54 ***
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
rapport lop --------------------\\ Lop S&D 4.2.4-2 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3000+ ) BIOS : Rev 1.03 USER : alexandra louveau ( Administrator ) BOOT : Normal boot "C:\Lop SD" ( MAJ : 08-09-2008|21:40 ) Option : [1] ( 13/09/2008|17:49 ) --------------------\\ Listing des dossiers dans APPLIC~1 [13/08/2007|11:41] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Adobe [06/01/2007|20:31] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Google [01/01/2007|20:32] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Identities [02/02/2007|19:56] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Macromedia [26/12/2007|19:56] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Microsoft [27/04/2008|09:30] C:\DOCUME~1\ADRIEN~1\APPLIC~1\Real [11/03/2007|21:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\ACD Systems [10/02/2008|20:06] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Activision [10/09/2008|18:04] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Adobe [21/01/2007|12:56] C:\DOCUME~1\ALEXAN~1\APPLIC~1\AdobeUM [09/05/2007|17:18] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Angkor [28/08/2008|16:19] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Apple Computer [07/07/2007|17:22] C:\DOCUME~1\ALEXAN~1\APPLIC~1\AVSMedia [11/05/2007|10:32] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Boomzap [08/07/2007|13:57] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Chicken Chase [14/12/2007|18:37] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Corel [03/02/2007|15:07] C:\DOCUME~1\ALEXAN~1\APPLIC~1\DivX [11/02/2008|15:44] C:\DOCUME~1\ALEXAN~1\APPLIC~1\EPSON [12/05/2007|19:01] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Genimo [29/12/2006|12:02] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Google [25/08/2008|15:10] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Help [30/04/2008|18:48] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Hulabee [28/12/2006|16:36] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Identities [28/01/2008|22:22] C:\DOCUME~1\ALEXAN~1\APPLIC~1\InstallShield [01/08/2007|14:27] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Jasc [02/02/2007|19:46] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Leadertech [10/09/2008|18:04] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Macromedia [19/01/2007|11:34] 
C:\DOCUME~1\ALEXAN~1\APPLIC~1\MessengerSkinner [27/10/2007|17:21] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Micro Application [12/09/2008|13:27] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Microsoft [03/08/2008|13:02] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Mozilla [10/09/2008|22:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\OfficeUpdate12 [06/09/2008|21:38] C:\DOCUME~1\ALEXAN~1\APPLIC~1\OpenOffice.org2 [03/02/2008|15:16] C:\DOCUME~1\ALEXAN~1\APPLIC~1\PlayFirst [02/04/2008|20:41] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Real [07/03/2007|12:34] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Screenshot Sender [29/05/2007|09:33] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Snapfish [13/09/2008|09:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\SpeedRunner [09/08/2007|13:22] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Sports Interactive [07/05/2007|11:16] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Sun [13/09/2008|09:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\SurfAccuracy [03/08/2008|13:02] C:\DOCUME~1\ALEXAN~1\APPLIC~1\TomTom [27/06/2007|11:35] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Wildfire [13/09/2008|09:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\WinButler [18/12/2007|13:44] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Windows Live Writer [13/09/2008|09:52] C:\DOCUME~1\ALEXAN~1\APPLIC~1\?icrosoft.NET [27/10/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\7Wonders2 [11/03/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems [10/02/2008|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Activision [29/02/2008|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [12/09/2008|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [10/10/2007|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [26/12/2007|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7 [10/02/2007|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [12/09/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software [05/12/2007|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel [17/02/2008|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios [03/02/2008|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON [04/06/2007|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games [28/12/2006|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [12/09/2008|21:01] 
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater [09/01/2007|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [03/04/2008|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear [10/02/2007|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [28/12/2006|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [12/09/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [12/09/2008|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [08/05/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [19/03/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MyCompany [26/06/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania [22/08/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games [03/02/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [20/05/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap [31/12/2006|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism [14/06/2007|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScreenSeven [12/09/2008|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson [12/01/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [03/04/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames [12/09/2008|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [10/05/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio [03/08/2008|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [29/12/2006|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [03/02/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL [28/12/2006|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [24/05/2008|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [30/09/2007|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia [01/12/2007|23:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [26/12/2007|19:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [26/12/2007|19:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [12/09/2008 15:25][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [13/09/2008 17:23][--ah-----] C:\WINDOWS\tasks\SA.DAT [24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini 
--------------------\\ Listing des dossiers dans C:\Program Files

[03/03/2007|20:43] C:\Program Files\2K Games
[15/06/2008|14:54] C:\Program Files\Activision
[02/07/2008|18:05] C:\Program Files\Adobe
[28/12/2006|18:28] C:\Program Files\Alwil Software
[12/09/2008|15:25] C:\Program Files\Apple Software Update
[05/01/2007|20:25] C:\Program Files\Atari
[28/12/2006|21:56] C:\Program Files\Atlantis
[12/09/2008|17:55] C:\Program Files\Avanquest update
[07/07/2007|17:21] C:\Program Files\AVSMedia
[28/12/2006|21:56] C:\Program Files\BFG
[19/05/2007|19:09] C:\Program Files\Boonty
[10/09/2008|18:23] C:\Program Files\BoontyGames
[23/05/2007|20:51] C:\Program Files\CENEGA
[11/12/2007|13:34] C:\Program Files\ChristmasTree
[28/04/2008|12:53] C:\Program Files\Classic Menu for Office
[28/12/2006|16:38] C:\Program Files\C-Media
[01/08/2007|15:01] C:\Program Files\CoffeeCup Software
[28/12/2006|16:28] C:\Program Files\ComPlus Applications
[10/09/2008|17:53] C:\Program Files\Conduit
[14/12/2007|18:40] C:\Program Files\Corel
[01/03/2008|14:11] C:\Program Files\DATA BECKER
[31/12/2006|21:55] C:\Program Files\directx
[21/03/2007|15:05] C:\Program Files\Disney
[07/07/2007|10:15] C:\Program Files\DivX
[14/08/2007|18:39] C:\Program Files\DonnerLaParole
[30/05/2008|18:46] C:\Program Files\DVD X Player 4.1 Professionnel
[09/09/2008|18:49] C:\Program Files\dwimn
[12/09/2008|18:04] C:\Program Files\EA GAMES
[05/07/2008|17:10] C:\Program Files\Electronic Arts
[12/09/2008|18:01] C:\Program Files\eMule
[12/09/2008|18:04] C:\Program Files\Encore
[23/05/2007|19:41] C:\Program Files\Enigma Software Productions
[12/09/2008|18:49] C:\Program Files\EPSON
[13/09/2008|11:22] C:\Program Files\Fichiers communs
[17/01/2008|21:33] C:\Program Files\FotoSketcher
[13/09/2008|16:59] C:\Program Files\fwmns
[08/10/2007|13:10] C:\Program Files\GamesBar
[30/09/2007|18:12] C:\Program Files\Google
[04/09/2008|12:10] C:\Program Files\gwbdrx
[09/01/2007|19:48] C:\Program Files\HP
[13/09/2008|09:27] C:\Program Files\InetGet2
[12/09/2008|18:57] C:\Program Files\InstallShield Installation Information
[13/08/2008|23:47] C:\Program Files\Internet Explorer
[21/03/2007|17:46] C:\Program Files\Inventel
[01/08/2007|14:24] C:\Program Files\Jasc Software Inc
[25/07/2008|23:56] C:\Program Files\Java
[04/03/2007|02:26] C:\Program Files\KONAMI
[29/03/2008|12:28] C:\Program Files\Magic Vines
[12/09/2008|18:57] C:\Program Files\MagicTune Premium
[04/07/2007|12:00] C:\Program Files\Maternelle
[13/08/2008|23:49] C:\Program Files\Messenger
[02/09/2008|10:24] C:\Program Files\Messenger Plus! Live
[28/12/2006|17:55] C:\Program Files\MessengerPlus! 3
[03/02/2007|11:32] C:\Program Files\MessengerSkinner
[12/09/2008|13:08] C:\Program Files\Microsoft ActiveSync
[08/11/2007|02:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[28/12/2006|16:30] C:\Program Files\microsoft frontpage
[26/06/2007|13:40] C:\Program Files\Microsoft LifeCam
[12/09/2008|15:43] C:\Program Files\Microsoft Office
[07/11/2007|21:16] C:\Program Files\Microsoft SQL Server Compact Edition
[13/09/2008|11:26] C:\Program Files\Microsoft Studio Files
[10/09/2008|20:58] C:\Program Files\Microsoft Visual Studio
[12/09/2008|15:43] C:\Program Files\Microsoft Works
[13/09/2008|08:59] C:\Program Files\Mjcore
[28/12/2006|18:09] C:\Program Files\Movie Maker
[13/01/2007|21:20] C:\Program Files\Mozilla Firefox
[28/12/2006|16:28] C:\Program Files\MSN
[28/12/2006|16:27] C:\Program Files\MSN Gaming Zone
[07/11/2007|21:31] C:\Program Files\MSN Messenger
[11/01/2007|20:41] C:\Program Files\MSXML 4.0
[13/09/2008|17:47] C:\Program Files\Navilog1
[28/12/2006|18:07] C:\Program Files\NetMeeting
[13/09/2008|09:25] C:\Program Files\OINAnalytics
[03/08/2008|15:32] C:\Program Files\OpenOffice.org 2.4
[18/03/2007|12:22] C:\Program Files\orange
[21/03/2007|18:05] C:\Program Files\OrangeHSS
[13/09/2008|09:25] C:\Program Files\Outerinfo
[14/06/2007|00:52] C:\Program Files\Outlook Express
[28/12/2006|16:39] C:\Program Files\PCI Audio Applications
[31/03/2008|11:46] C:\Program Files\Photo Print Calendar from YOKOHAMA Ver.3.00E beta
[15/10/2007|19:10] C:\Program Files\PhotoFiltre
[12/09/2008|15:31] C:\Program Files\QuickTime
[02/04/2008|20:39] C:\Program Files\Real
[14/08/2007|18:46] C:\Program Files\Seagrand
[12/09/2008|18:57] C:\Program Files\SEC
[28/12/2006|16:29] C:\Program Files\Services en ligne
[12/03/2007|17:04] C:\Program Files\Sierra
[09/09/2008|18:49] C:\Program Files\skmw
[12/01/2008|20:33] C:\Program Files\SM
[12/09/2008|15:15] C:\Program Files\Sony Ericsson
[05/08/2007|00:49] C:\Program Files\Sports Interactive
[12/01/2008|20:34] C:\Program Files\Spybot - Search & Destroy
[10/10/2007|19:54] C:\Program Files\THQ
[11/09/2008|23:59] C:\Program Files\TomTom HOME 2
[13/09/2008|17:25] C:\Program Files\Trend Micro
[29/12/2006|12:24] C:\Program Files\TryMedia
[13/09/2008|09:09] C:\Program Files\Twain
[28/12/2006|16:36] C:\Program Files\Uninstall Information
[13/09/2008|17:24] C:\Program Files\Wanadoo
[13/09/2008|09:19] C:\Program Files\webHancer
[13/09/2008|09:04] C:\Program Files\Webtools
[10/09/2008|18:07] C:\Program Files\Windows Live
[28/12/2006|18:36] C:\Program Files\Windows Media Connect 2
[01/08/2007|23:11] C:\Program Files\Windows Media Player
[28/12/2006|18:07] C:\Program Files\Windows NT
[28/12/2006|17:07] C:\Program Files\WindowsUpdate
[28/12/2006|16:30] C:\Program Files\xerox
[29/12/2006|13:47] C:\Program Files\Yahoo!
[29/12/2006|13:46] C:\Program Files\Yahoo! Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[16/04/2008|17:48] C:\Program Files\Fichiers communs\Adobe
[07/07/2007|17:27] C:\Program Files\Fichiers communs\AVSMedia
[10/02/2007|12:20] C:\Program Files\Fichiers communs\BOONTY Shared
[10/09/2008|20:58] C:\Program Files\Fichiers communs\DESIGNER
[23/05/2007|19:48] C:\Program Files\Fichiers communs\DirectX
[08/02/2007|09:38] C:\Program Files\Fichiers communs\France Telecom
[09/01/2007|19:47] C:\Program Files\Fichiers communs\Hewlett-Packard
[03/02/2008|14:15] C:\Program Files\Fichiers communs\InstallShield
[07/05/2007|11:15] C:\Program Files\Fichiers communs\Java
[12/09/2008|13:06] C:\Program Files\Fichiers communs\L&H
[10/02/2007|12:15] C:\Program Files\Fichiers communs\Macrovision Shared
[07/07/2007|16:54] C:\Program Files\Fichiers communs\MAGIX Shared
[12/09/2008|15:43] C:\Program Files\Fichiers communs\Microsoft Shared
[28/12/2006|16:28] C:\Program Files\Fichiers communs\MSSoap
[28/12/2006|16:22] C:\Program Files\Fichiers communs\ODBC
[02/04/2008|20:39] C:\Program Files\Fichiers communs\Real
[28/12/2006|16:28] C:\Program Files\Fichiers communs\Services
[28/12/2006|16:22] C:\Program Files\Fichiers communs\SpeechEngines
[21/09/2007|20:58] C:\Program Files\Fichiers communs\Symantec Shared
[12/09/2008|15:37] C:\Program Files\Fichiers communs\System
[16/04/2008|17:48] C:\Program Files\Fichiers communs\Vbox
[07/11/2007|21:10] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[02/04/2008|20:40] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process ( 50 Processes )

IEXPLORE.EXE ~ [PID:2744]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\nslF.tmp
C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\nsm10.tmp
C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\nsq15.tmp
C:\DOCUME~1\ALEXAN~1\Cookies\alexandra_louveau@banner.cotedazurpalace[2].txt
C:\DOCUME~1\ALEXAN~1\Cookies\alexandra_louveau@cotedazurpalace[2].txt
C:\DOCUME~1\ALEXAN~1\Cookies\alexandra_louveau@www.cotedazurpalace[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-13 17:57:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 290

--------------------\\ Recherche d'autres infections

C:\Program Files\MessengerSkinner
C:\DOCUME~1\ALEXAN~1\APPLIC~1\MessengerSkinner
C:\DOCUME~1\ALEXAN~1\APPLIC~1\MessengerSkinner\Userdata
C:\WINDOWS\Pack.epk
C:\WINDOWS\System32\nvs2.inf
C:\WINDOWS\System32\oqnzsj.dat
C:\WINDOWS\System32\oqnzsj_nav.dat
C:\WINDOWS\System32\oqnzsj_navps.dat
C:\WINDOWS\System32\roeslxsy.dat
C:\WINDOWS\System32\roeslxsy_nav.dat
C:\WINDOWS\System32\roeslxsy_navps.dat
C:\WINDOWS\System32\xpanjgt_navtmp.dat
==> EGDACCESS <==
C:\WINDOWS\system32\klkUuBeg.ini
C:\WINDOWS\system32\klkUuBeg.ini2
==> VUNDO <==

--------------------\\ ROGUES ..

C:\DOCUME~1\ALEXAN~1\APPLIC~1\WinButler

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ALEXAN~1\Application Data\Microsoft\Office\Recent\Microsoft office professional plus 2007 keygen serial activation.LNK
C:\DOCUME~1\ALEXAN~1\Application Data\Microsoft\Office\Recent\[0] Microsoft office professional plus 2007 keygen serial activation.LNK
C:\DOCUME~1\ALEXAN~1\Local Settings\Temp\Répertoire temporaire 2 pour Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familial.zip
C:\DOCUME~1\ALEXAN~1\Local Settings\Temp\Répertoire temporaire 2 pour Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familial.zip\Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familiale
C:\DOCUME~1\ALEXAN~1\Local Settings\Temp\Répertoire temporaire 2 pour Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familial.zip\Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familiale\a lire.txt
C:\DOCUME~1\ALEXAN~1\Local Settings\Temp\Répertoire temporaire 2 pour Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familial.zip\Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familiale\Microsoft.Windows.XP.Professional.Corporate.SP2
C:\DOCUME~1\ALEXAN~1\Local Settings\Temp\Répertoire temporaire 2 pour Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familial.zip\Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familiale\Serial Key Windows XP Edition Familiale SP1A.txt
C:\DOCUME~1\ALEXAN~1\Local Settings\Temp\Répertoire temporaire 2 pour Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familial.zip\Win Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familiale\WinXP.Activation.v1.1.French.exe
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\Microsoft Serials Pack Windows Vista WinXP Office 2007 Keygen activation.zip
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\Crack by Seven.exe
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\ImpGifAnim
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\ImpGifAnim.zip
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\Mode d'Emploi by Seven.txt
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\PhotoFiltre Studio v9.0 FR.exe
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\ImpGifAnim\ImpGifAnim.pfl
C:\DOCUME~1\ALEXAN~1\Mes documents\Mes fichiers reçus\PhotoFiltre Studio v9.0.0 FR + Crack (Keygen) by Seven\ImpGifAnim\ImpGifAnim.txt
C:\DOCUME~1\ALEXAN~1\Recent\Microsoft office professional plus 2007 keygen serial activation.lnk
C:\DOCUME~1\ALEXAN~1\Recent\[0] Microsoft office professional plus 2007 keygen serial activation.lnk

[F:8648][D:643]-> C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp
[F:40][D:0]-> C:\DOCUME~1\ALEXAN~1\Cookies
[F:114472][D:703]-> C:\DOCUME~1\ALEXAN~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 13/09/2008|18:40 - Option : [1]

--------------------\\ Fin du rapport a 18:40:13
-
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
Well, these scans sure take a long time!!! I think my machine is pretty sick!!! lol -
HijackThis report
alex53200 replied to a topic by alex53200 in Malware analysis and removal
OK, I'll do that right away, thanks a lot -
Hello, I'm Alexandra, hopeless with computers, and I'm sending, as jesses entraide says to, the HijackThis report I made. Can someone help me please??? Thanks for everything

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:26:23, on 13/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\alexandra louveau\Application Data\SpeedRunner\SpeedRunner.exe
C:\Program Files\fwmns\wmvwinwn.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MagicTune Premium\MagicTune.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [682c187b] rundll32.exe "C:\WINDOWS\system32\klbboboy.dll",b
O4 - HKLM\..\Run: [iewcm] "c:\windows\system32\iewcm.exe" iewcm
O4 - HKLM\..\Run: [bM6b1f2be7] Rundll32.exe "C:\WINDOWS\system32\klmwahpm.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [Lmda] "C:\WINDOWS\system32\STEM~1\dllhost.exe" -vt yazb
O4 - HKCU\..\Run: [speedRunner] C:\Documents and Settings\alexandra louveau\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [wmvwinwn] C:\Program Files\fwmns\wmvwinwn.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZK
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O15 - Trusted Zone: http://*.secuser.com
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} (Oberon ActiveX Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://bb53france.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/net/Import/ImageUploader4.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.fr/downloads/BUM/B..._2/axofupld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/onl...mjolauncher.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.wistiti.fr/ImageUploader4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab
O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://www.photoways.com/assets/aurigma/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} (PopcapLoader Object) - http://jeuxenligne.orange.fr/orange2.0/Onl...zuma/Popcap.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://jeuxenligne.orange.fr/gameshell/onl...ploader_v10.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EEF2D7A-86AA-405F-B14F-467493A062DE}: NameServer = 80.10.246.2,80.10.246.129
O20 - AppInit_DLLs: htqnsx.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 10155 bytes
