Virus Win32:Trojan-gen. {Other} - Page 2

Précédent
  • 1
  • 2
  1. danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
     
    Je n'ai pas eu de rapport pour msnfix, mais il n'a indiqué aucune infection.


    Voici le rapport de TB :


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2250 @ 1.73GHz )
    BIOS : Phoenix ROM BIOS PLUS Version 1.10 A08
    USER : Dani ( Administrator )
    BOOT : Fail-safe boot
    Antivirus : (Not Activated)
    Firewall : (Not Activated)
    C:\ (Local Disk) - NTFS - Total:105 Go (Free:15 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    H:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    I:\ (CD or DVD) - CDFS - Total:1 Go (Free:0 Go)
    J:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    X:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 22/01/2009|21:45 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\BitLord\BitLord.exe
    Supprime! - C:\Program Files\BitLord\BitLord.url
    Supprime! - C:\Program Files\BitLord\BitLord.xml
    Supprime! - C:\Program Files\BitLord\Downloads
    Supprime! - C:\Program Files\BitLord\Downloads.xml
    Supprime! - C:\Program Files\BitLord\lang
    Supprime! - C:\Program Files\BitLord\License.txt
    Supprime! - C:\Program Files\BitLord\rules
    Supprime! - C:\Program Files\BitLord\Torrents
    Supprime! - C:\Program Files\BitLord\uninst.exe
    Supprime! - C:\DOCUME~1\Dani\Bureau\BitLord.lnk
    Supprime! - C:\WINDOWS\Prefetch\BITLORD.EXE-00346D1D.pf
    Supprime! - C:\DOCUME~1\Dani\MENUDM~1\PROGRA~1\BitLord
    Supprime! - C:\Program Files\BitLord

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
    "Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Start Page"="https://www.msn.com/fr-fr/"
    "Home_Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"
    "Help_Page"="http://support.euro.dell.com/segment.asp?country=FR&language=FR"

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROOTKIT !!

    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\alcohol 120%\crack.exe
    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\keygen.exe
    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\Nero_712_KeyGen_Only-ORiON.rar
    C:\DOCUME~1\Dani\Favoris\cours de cracking
    C:\DOCUME~1\Dani\Favoris\crack wep
    C:\DOCUME~1\Dani\Favoris\cracks and serials
    C:\DOCUME~1\Dani\Favoris\I-Hacked.com Taking Advantage Of Technology - Cracking Wifi with BackTrack.url
    C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking - Shmeitcorp.url
    C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking.url
    C:\DOCUME~1\Dani\Favoris\crack wep\Tuto fr tutoriaux francophone.url
    C:\DOCUME~1\Dani\Favoris\cracks and serials\Serials & keys - unlocks the world.url
    C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw — la mont pagnotte familly.url
    C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw.url
    C:\DOCUME~1\Dani\Favoris\hacking\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep.url
    C:\DOCUME~1\Dani\Favoris\hacking\AIRCRACK-PTW le wifi debian linux download aircrack-ptw,telecharger aircrack-ptw, airodump, aireplay (suite aircrack-ng).url
    C:\DOCUME~1\Dani\Favoris\hacking\Crackpark.org - Votre portail d’infomations sur le thème cracks serials. Ce site est en vente!.url
    C:\DOCUME~1\Dani\Mes documents\EBP.Comptes.Bancaires.2006.v6.0.1.34.FR.Incl-Crack.rar
    C:\DOCUME~1\Dani\Mes documents\guitare\Guitar Pro 5.2 (Win)\Keygen.exe
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\F\Faith No More - Crack Hitler.gp3
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\L\Limp Bizkit - Crack Addict.gp4
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\P\Pixies - Crackity Jones.gp3
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Lisez-Moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties\AsianDinasties.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1\AOE III DISC 1.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.bin
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.cue
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.bin
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.cue
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AoE III Cd Keys.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\age3.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\Lisez-moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\age3.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\Lisez-moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties\age3y.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\age3x.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\mgspidx.dll
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs\WarChiefs.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED.rar
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\fm.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\hatred.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack\fm.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD1.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD2.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD3.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD4.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS.txt
    C:\DOCUME~1\Dani\Mes documents\Ma musique\HIP HOP\Kanye West - Late Registration (2005) - Rap [www.torrentazos.com]\08. Kanye West - Crack Music (ft.The Game) - www.torrentazos.com.mp3
    C:\DOCUME~1\Dani\Mes documents\Ma musique\Rap français - albums\Alibi Montana - T'as Ma Parole\02. Le Monde A Crack'.mp3
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0.tar.gz
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw_win32.rar
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR
    C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack
    C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack\FFF.NFO
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.h
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\attacksim.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\Makefile
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\README
    C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.c
    C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.h
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\winamp531_pro.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen\KeyMaker.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR\french_translated.exe

    1 - "C:\ToolBar SD\TB_1.txt" - 22/01/2009|21:50 - Option : [2]

    -----------\\ Fin du rapport a 21:50:01,56


    Le rapport de lopR :


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2250 @ 1.73GHz )
    BIOS : Phoenix ROM BIOS PLUS Version 1.10 A08
    USER : Dani ( Administrator )
    BOOT : Fail-safe boot
    Antivirus : (Not Activated)
    Firewall : (Not Activated)
    C:\ (Local Disk) - NTFS - Total:105 Go (Free:15 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    H:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    I:\ (CD or DVD) - CDFS - Total:1 Go (Free:0 Go)
    J:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    X:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 22/01/2009|21:54 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\Program Files\Circle Developement

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [05/09/2006|18:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
    [05/09/2006|17:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel
    [15/09/2008|22:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Grisoft
    [14/09/2006|21:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\GTek
    [01/09/2005|06:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [05/09/2006|17:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
    [15/09/2008|21:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [05/09/2006|17:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

    [29/09/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{4F0BAFD2-4250-4D62-9237-E4C5E88071D9}
    [29/09/2008|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B33CBE2B-A739-401D-A5E0-041195C4A17B}
    [05/09/2006|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/10/2008|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3
    [28/07/2007|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [28/07/2007|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [29/09/2008|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EBP
    [20/01/2009|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [06/07/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [16/12/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [05/09/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [05/09/2006|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
    [16/09/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [05/09/2006|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [05/09/2006|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
    [14/09/2006|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
    [21/09/2008|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [18/08/2008|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
    [18/08/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
    [02/06/2008|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/12/2008|03:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [09/09/2006|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
    [05/09/2006|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [18/09/2007|00:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tenebril
    [25/12/2007|13:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [23/12/2006|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [17/10/2007|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!

    [11/02/2007|22:13] C:\DOCUME~1\Dani\APPLIC~1\ACD Systems
    [10/02/2008|15:57] C:\DOCUME~1\Dani\APPLIC~1\Adobe
    [25/09/2006|20:51] C:\DOCUME~1\Dani\APPLIC~1\AdobeUM
    [21/05/2007|19:59] C:\DOCUME~1\Dani\APPLIC~1\Ahead
    [28/07/2007|16:21] C:\DOCUME~1\Dani\APPLIC~1\Apple Computer
    [05/09/2006|18:00] C:\DOCUME~1\Dani\APPLIC~1\ATI
    [18/10/2006|21:04] C:\DOCUME~1\Dani\APPLIC~1\Corel Photo Album
    [29/09/2008|15:16] C:\DOCUME~1\Dani\APPLIC~1\EBP
    [10/01/2007|18:39] C:\DOCUME~1\Dani\APPLIC~1\FotoWire
    [31/10/2006|23:10] C:\DOCUME~1\Dani\APPLIC~1\Google
    [06/07/2007|21:52] C:\DOCUME~1\Dani\APPLIC~1\Grisoft
    [14/09/2006|21:01] C:\DOCUME~1\Dani\APPLIC~1\Gtek
    [16/12/2007|16:44] C:\DOCUME~1\Dani\APPLIC~1\HP
    [17/09/2007|00:52] C:\DOCUME~1\Dani\APPLIC~1\ICQ
    [01/09/2005|06:25] C:\DOCUME~1\Dani\APPLIC~1\Identities
    [17/09/2007|00:45] C:\DOCUME~1\Dani\APPLIC~1\InstallShield
    [05/09/2006|17:49] C:\DOCUME~1\Dani\APPLIC~1\Intel
    [18/12/2006|19:15] C:\DOCUME~1\Dani\APPLIC~1\Leadertech
    [14/09/2006|20:14] C:\DOCUME~1\Dani\APPLIC~1\Macromedia
    [16/09/2008|17:56] C:\DOCUME~1\Dani\APPLIC~1\Malwarebytes
    [08/09/2006|18:39] C:\DOCUME~1\Dani\APPLIC~1\McAfee.com Personal Firewall
    [06/02/2008|22:38] C:\DOCUME~1\Dani\APPLIC~1\Microsoft
    [28/08/2008|17:26] C:\DOCUME~1\Dani\APPLIC~1\Mozilla
    [11/10/2008|17:36] C:\DOCUME~1\Dani\APPLIC~1\My Games
    [09/09/2006|11:06] C:\DOCUME~1\Dani\APPLIC~1\Otto
    [17/09/2007|20:11] C:\DOCUME~1\Dani\APPLIC~1\Samsung
    [25/06/2007|14:29] C:\DOCUME~1\Dani\APPLIC~1\Screenshot Sender
    [26/07/2008|12:26] C:\DOCUME~1\Dani\APPLIC~1\SecuROM
    [18/12/2006|19:15] C:\DOCUME~1\Dani\APPLIC~1\Sonic
    [23/12/2007|14:53] C:\DOCUME~1\Dani\APPLIC~1\Sports Interactive
    [29/10/2006|19:14] C:\DOCUME~1\Dani\APPLIC~1\Sun
    [05/09/2006|17:56] C:\DOCUME~1\Dani\APPLIC~1\Symantec
    [26/10/2007|11:53] C:\DOCUME~1\Dani\APPLIC~1\Talkback
    [28/10/2006|15:37] C:\DOCUME~1\Dani\APPLIC~1\Winamp
    [21/11/2008|22:39] C:\DOCUME~1\Dani\APPLIC~1\X-Projects

    [05/09/2006|18:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
    [05/09/2006|17:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
    [14/09/2006|21:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Gtek
    [01/09/2005|06:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [05/09/2006|17:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
    [05/09/2006|17:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [05/09/2006|17:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [09/09/2006|10:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
    [01/09/2005|06:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [09/09/2006|11:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
    [18/09/2007|00:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [05/09/2006|18:00] C:\DOCUME~1\Suzy\APPLIC~1\ATI
    [05/09/2006|17:53] C:\DOCUME~1\Suzy\APPLIC~1\Corel
    [01/11/2006|16:46] C:\DOCUME~1\Suzy\APPLIC~1\Google
    [22/04/2008|20:29] C:\DOCUME~1\Suzy\APPLIC~1\Grisoft
    [14/09/2006|21:01] C:\DOCUME~1\Suzy\APPLIC~1\Gtek
    [01/09/2005|06:25] C:\DOCUME~1\Suzy\APPLIC~1\Identities
    [05/09/2006|17:49] C:\DOCUME~1\Suzy\APPLIC~1\Intel
    [14/09/2006|19:18] C:\DOCUME~1\Suzy\APPLIC~1\Macromedia
    [09/09/2006|11:16] C:\DOCUME~1\Suzy\APPLIC~1\McAfee.com Personal Firewall
    [29/11/2006|20:50] C:\DOCUME~1\Suzy\APPLIC~1\Microsoft
    [29/10/2006|14:36] C:\DOCUME~1\Suzy\APPLIC~1\Sun
    [05/09/2006|17:56] C:\DOCUME~1\Suzy\APPLIC~1\Symantec
    [22/04/2008|20:29] C:\DOCUME~1\Suzy\APPLIC~1\Tenebril
    [01/06/2007|18:53] C:\DOCUME~1\Suzy\APPLIC~1\Winamp

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [17/01/2009 22:23][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [22/01/2009 21:34][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [05/09/2006|17:50] C:\Program Files\Adobe
    [09/09/2006|23:36] C:\Program Files\alcohol 120
    [09/09/2006|23:37] C:\Program Files\Alcohol Soft
    [14/09/2006|19:52] C:\Program Files\Alwil Software
    [13/09/2007|22:15] C:\Program Files\Apple Software Update
    [05/09/2006|17:47] C:\Program Files\ATI Technologies
    [30/07/2007|22:50] C:\Program Files\Automate unDRM
    [30/07/2008|23:47] C:\Program Files\BAE
    [05/09/2006|17:47] C:\Program Files\Broadcom
    [10/01/2009|01:40] C:\Program Files\bwin
    [18/06/2007|18:16] C:\Program Files\CamStudio
    [07/07/2007|08:17] C:\Program Files\CCleaner
    [03/07/2007|19:16] C:\Program Files\CEDP Stealer 6.0 for Messenger
    [28/10/2006|16:19] C:\Program Files\Cole2k Media Toolbar
    [01/09/2005|06:13] C:\Program Files\ComPlus Applications
    [05/09/2006|17:44] C:\Program Files\CONEXANT
    [18/10/2006|21:11] C:\Program Files\Corel
    [05/09/2006|17:52] C:\Program Files\Corel Corporation
    [05/09/2006|17:49] C:\Program Files\Creative
    [05/09/2006|17:49] C:\Program Files\CyberLink
    [05/09/2006|17:47] C:\Program Files\Dell
    [13/06/2007|18:53] C:\Program Files\Dial-Messenger
    [05/09/2006|17:48] C:\Program Files\Digital Line Detect
    [10/01/2007|18:41] C:\Program Files\directx
    [10/04/2007|20:09] C:\Program Files\eBay
    [29/09/2008|15:15] C:\Program Files\EBP
    [05/01/2009|01:53] C:\Program Files\eMule
    [13/01/2009|22:31] C:\Program Files\Everest Poker
    [01/11/2006|16:26] C:\Program Files\FairUse Wizard 2
    [22/01/2009|20:25] C:\Program Files\Fichiers communs
    [11/11/2007|12:39] C:\Program Files\Firaxis Games
    [04/01/2008|21:18] C:\Program Files\FM Modifier 2.2
    [01/11/2006|16:28] C:\Program Files\Free Audio Pack
    [13/01/2009|22:30] C:\Program Files\Full Tilt Poker
    [01/09/2005|06:27] C:\Program Files\GemMasterFrench
    [17/09/2007|23:54] C:\Program Files\GhostSurf 2006 Platinum
    [20/01/2009|20:54] C:\Program Files\Google
    [06/07/2007|21:52] C:\Program Files\Grisoft
    [10/11/2008|15:57] C:\Program Files\Guitar Pro 5
    [16/12/2007|17:02] C:\Program Files\Hewlett-Packard
    [16/12/2007|17:05] C:\Program Files\HP
    [17/09/2007|00:52] C:\Program Files\ICQ6
    [28/10/2006|16:22] C:\Program Files\Illustrate
    [10/01/2009|02:32] C:\Program Files\InstallShield Installation Information
    [05/09/2006|17:48] C:\Program Files\Intel
    [05/09/2006|17:49] C:\Program Files\Intel, Inc
    [10/12/2008|03:08] C:\Program Files\Internet Explorer
    [10/01/2009|01:49] C:\Program Files\Java
    [10/01/2007|18:39] C:\Program Files\Logitech
    [21/01/2009|20:06] C:\Program Files\Malwarebytes' Anti-Malware
    [23/07/2008|21:00] C:\Program Files\Maxis
    [24/11/2008|18:33] C:\Program Files\Messenger
    [14/08/2008|21:15] C:\Program Files\Messenger Plus! Live
    [18/06/2007|18:21] C:\Program Files\MessengerDiscovery
    [14/02/2008|22:34] C:\Program Files\Microsoft ActiveSync
    [07/02/2008|19:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [01/09/2005|06:18] C:\Program Files\microsoft frontpage
    [08/10/2008|21:23] C:\Program Files\Microsoft Games
    [25/12/2007|12:37] C:\Program Files\Microsoft Office
    [10/07/2008|02:07] C:\Program Files\Microsoft SQL Server
    [25/12/2007|14:58] C:\Program Files\Microsoft Visual Studio
    [17/09/2007|23:59] C:\Program Files\Microsoft Visual Studio 8
    [10/09/2008|22:22] C:\Program Files\Microsoft Works
    [17/09/2007|23:54] C:\Program Files\Microsoft.NET
    [05/09/2006|17:48] C:\Program Files\Modem Helper
    [24/11/2008|18:26] C:\Program Files\Movie Maker
    [22/01/2009|21:51] C:\Program Files\Mozilla Firefox
    [29/10/2007|14:04] C:\Program Files\mozilla.org
    [01/09/2005|06:12] C:\Program Files\MSN
    [01/09/2005|06:12] C:\Program Files\MSN Gaming Zone
    [25/11/2008|19:02] C:\Program Files\MSN Messenger
    [04/02/2007|23:30] C:\Program Files\MSN Reaper
    [17/11/2006|20:05] C:\Program Files\MSXML 4.0
    [18/09/2007|00:03] C:\Program Files\MSXML 6.0
    [11/04/2007|22:01] C:\Program Files\nerazzurri.net
    [21/05/2007|19:37] C:\Program Files\Nero
    [24/11/2008|18:22] C:\Program Files\NetMeeting
    [05/09/2006|17:48] C:\Program Files\NetWaiting
    [17/09/2007|01:35] C:\Program Files\No-IP
    [01/09/2005|06:13] C:\Program Files\Online Services
    [24/11/2008|18:22] C:\Program Files\Outlook Express
    [15/10/2006|20:07] C:\Program Files\Phantom EFX
    [06/02/2008|22:41] C:\Program Files\PhotoFiltre
    [29/10/2008|00:03] C:\Program Files\Picasa2
    [14/01/2008|21:15] C:\Program Files\Plaxo
    [23/07/2008|19:14] C:\Program Files\Pollux Gamelabs
    [09/09/2006|23:24] C:\Program Files\PowerArchiver
    [07/04/2008|14:44] C:\Program Files\QuickTime
    [10/01/2007|18:38] C:\Program Files\Real
    [07/07/2007|08:14] C:\Program Files\RegCleaner
    [17/09/2007|20:05] C:\Program Files\Samsung
    [01/07/2008|23:07] C:\Program Files\Secrets du Jeu
    [10/05/2008|12:27] C:\Program Files\SEGA
    [01/09/2005|06:15] C:\Program Files\Services en ligne
    [05/09/2006|17:44] C:\Program Files\Sigmatel
    [28/10/2006|16:10] C:\Program Files\SLD Codec Pack
    [05/09/2006|17:51] C:\Program Files\Sonic
    [23/12/2007|14:52] C:\Program Files\Sports Interactive
    [11/09/2007|22:11] C:\Program Files\SuperScan
    [05/09/2006|17:56] C:\Program Files\Symantec
    [05/09/2006|17:46] C:\Program Files\Synaptics
    [11/09/2007|19:15] C:\Program Files\The Cleaner
    [31/12/2007|17:33] C:\Program Files\TomTom HOME
    [01/09/2005|06:25] C:\Program Files\Uninstall Information
    [17/12/2006|20:44] C:\Program Files\VideoEgg
    [05/10/2006|21:30] C:\Program Files\VideoLAN
    [10/01/2009|02:19] C:\Program Files\WinamaxPoker
    [28/10/2006|15:37] C:\Program Files\Winamp
    [10/06/2007|21:57] C:\Program Files\Windows Live
    [27/10/2008|23:14] C:\Program Files\Windows Live Safety Center
    [10/01/2007|18:38] C:\Program Files\Windows Media Components
    [31/12/2007|13:48] C:\Program Files\Windows Media Connect 2
    [24/11/2008|18:22] C:\Program Files\Windows Media Player
    [24/11/2008|18:22] C:\Program Files\Windows NT
    [01/09/2005|06:12] C:\Program Files\Windows Plus
    [01/09/2005|06:15] C:\Program Files\WindowsUpdate
    [01/09/2005|06:18] C:\Program Files\xerox
    [17/10/2007|17:23] C:\Program Files\Yahoo!
    [23/12/2007|12:24] C:\Program Files\Zero G Registry

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [21/10/2007|19:36] C:\Program Files\Fichiers communs\ACD Systems
    [05/09/2006|17:50] C:\Program Files\Fichiers communs\Adobe
    [21/05/2007|19:39] C:\Program Files\Fichiers communs\Ahead
    [28/07/2007|16:19] C:\Program Files\Fichiers communs\Apple
    [29/09/2008|15:15] C:\Program Files\Fichiers communs\Borland Shared
    [25/12/2007|14:58] C:\Program Files\Fichiers communs\DESIGNER
    [29/09/2008|15:15] C:\Program Files\Fichiers communs\EBP
    [10/01/2007|18:39] C:\Program Files\Fichiers communs\FotoWire
    [16/12/2007|17:01] C:\Program Files\Fichiers communs\Hewlett-Packard
    [16/12/2007|17:05] C:\Program Files\Fichiers communs\HP
    [24/11/2006|23:12] C:\Program Files\Fichiers communs\InstallShield
    [05/09/2006|17:39] C:\Program Files\Fichiers communs\Java
    [10/01/2007|18:40] C:\Program Files\Fichiers communs\Logitech
    [08/10/2008|21:50] C:\Program Files\Fichiers communs\Microsoft Games
    [28/08/2008|23:11] C:\Program Files\Fichiers communs\Microsoft Shared
    [01/09/2005|06:15] C:\Program Files\Fichiers communs\MSSoap
    [01/09/2005|06:08] C:\Program Files\Fichiers communs\ODBC
    [10/01/2007|18:38] C:\Program Files\Fichiers communs\Real
    [01/09/2005|06:15] C:\Program Files\Fichiers communs\Services
    [05/09/2006|17:51] C:\Program Files\Fichiers communs\Sonic Shared
    [01/09/2005|06:08] C:\Program Files\Fichiers communs\SpeechEngines
    [24/09/2006|19:43] C:\Program Files\Fichiers communs\Symantec Shared
    [24/11/2008|18:22] C:\Program Files\Fichiers communs\System
    [05/09/2006|17:50] C:\Program Files\Fichiers communs\TiVo Shared

    --------------------\\ Process

    ( 16 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-22 21:56:24
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 99

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROOTKIT !!

    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\alcohol 120%\crack.exe
    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\keygen.exe
    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\Nero_712_KeyGen_Only-ORiON.rar
    C:\DOCUME~1\Dani\Favoris\cours de cracking
    C:\DOCUME~1\Dani\Favoris\crack wep
    C:\DOCUME~1\Dani\Favoris\cracks and serials
    C:\DOCUME~1\Dani\Favoris\I-Hacked.com Taking Advantage Of Technology - Cracking Wifi with BackTrack.url
    C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking - Shmeitcorp.url
    C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking.url
    C:\DOCUME~1\Dani\Favoris\crack wep\Tuto fr tutoriaux francophone.url
    C:\DOCUME~1\Dani\Favoris\cracks and serials\Serials & keys - unlocks the world.url
    C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw — la mont pagnotte familly.url
    C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw.url
    C:\DOCUME~1\Dani\Favoris\hacking\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep.url
    C:\DOCUME~1\Dani\Favoris\hacking\AIRCRACK-PTW le wifi debian linux download aircrack-ptw,telecharger aircrack-ptw, airodump, aireplay (suite aircrack-ng).url
    C:\DOCUME~1\Dani\Favoris\hacking\Crackpark.org - Votre portail d’infomations sur le thème cracks serials. Ce site est en vente!.url
    C:\DOCUME~1\Dani\Mes documents\EBP.Comptes.Bancaires.2006.v6.0.1.34.FR.Incl-Crack.rar
    C:\DOCUME~1\Dani\Mes documents\guitare\Guitar Pro 5.2 (Win)\Keygen.exe
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\F\Faith No More - Crack Hitler.gp3
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\L\Limp Bizkit - Crack Addict.gp4
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\P\Pixies - Crackity Jones.gp3
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Lisez-Moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties\AsianDinasties.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1\AOE III DISC 1.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.bin
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.cue
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.bin
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.cue
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AoE III Cd Keys.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\age3.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\Lisez-moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\age3.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\Lisez-moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties\age3y.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\age3x.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\mgspidx.dll
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs\WarChiefs.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED.rar
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\fm.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\hatred.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack\fm.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD1.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD2.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD3.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD4.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS.txt
    C:\DOCUME~1\Dani\Mes documents\Ma musique\HIP HOP\Kanye West - Late Registration (2005) - Rap [www.torrentazos.com]\08. Kanye West - Crack Music (ft.The Game) - www.torrentazos.com.mp3
    C:\DOCUME~1\Dani\Mes documents\Ma musique\Rap français - albums\Alibi Montana - T'as Ma Parole\02. Le Monde A Crack'.mp3
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0.tar.gz
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw_win32.rar
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR
    C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack
    C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack\FFF.NFO
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.h
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\attacksim.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\Makefile
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\README
    C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.c
    C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.h
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\winamp531_pro.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen\KeyMaker.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR\french_translated.exe

    [F:6][D:3]-> C:\DOCUME~1\Dani\LOCALS~1\Temp
    [F:23][D:0]-> C:\DOCUME~1\Dani\Cookies
    [F:63][D:4]-> C:\DOCUME~1\Dani\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 22/01/2009|21:58 - Option : [2]

    --------------------\\ Fin du rapport a 21:58:02


    et le rapport de hijackthis :


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:07:45, on 22/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PVSW\Bin\WGE_SRV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\PVSW\BIN\W3dbsmgr.EXE
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\Explorer.EXE
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Creative\Mixer\CTSVolFE.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Dani\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5060905
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=MQ-vaq6YtqM1DocvPPgF6YSkQOg
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\GhostSurf 2006 Platinum\SCActiveBlock.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
    O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by126w.bay126.mail.live.com/mail/resources/MsnPUpld.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freeplayfrench/FlashAX2.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    0
  2. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    re

    supprime tout sa des fichiers et autres bizarre:

    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\alcohol 120%\crack.exe
    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\keygen.exe
    C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\Nero_712_KeyGen_Only-ORiON.rar
    C:\DOCUME~1\Dani\Favoris\cours de cracking
    C:\DOCUME~1\Dani\Favoris\crack wep
    C:\DOCUME~1\Dani\Favoris\cracks and serials
    C:\DOCUME~1\Dani\Favoris\I-Hacked.com Taking Advantage Of Technology - Cracking Wifi with BackTrack.url
    C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking - Shmeitcorp.url
    C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking.url
    C:\DOCUME~1\Dani\Favoris\crack wep\Tuto fr tutoriaux francophone.url
    C:\DOCUME~1\Dani\Favoris\cracks and serials\Serials & keys - unlocks the world.url
    C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw — la mont pagnotte familly.url
    C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw.url
    C:\DOCUME~1\Dani\Favoris\hacking\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep.url
    C:\DOCUME~1\Dani\Favoris\hacking\AIRCRACK-PTW le wifi debian linux download aircrack-ptw,telecharger aircrack-ptw, airodump, aireplay (suite aircrack-ng).url
    C:\DOCUME~1\Dani\Favoris\hacking\Crackpark.org - Votre portail d’infomations sur le thème cracks serials. Ce site est en vente!.url
    C:\DOCUME~1\Dani\Mes documents\EBP.Comptes.Bancaires.2006.v6.0.1.34.FR.Incl-Crack.rar
    C:\DOCUME~1\Dani\Mes documents\guitare\Guitar Pro 5.2 (Win)\Keygen.exe
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\F\Faith No More - Crack Hitler.gp3
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\L\Limp Bizkit - Crack Addict.gp4
    C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\P\Pixies - Crackity Jones.gp3
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Lisez-Moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties\AsianDinasties.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1\AOE III DISC 1.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.bin
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.cue
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.bin
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.cue
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AoE III Cd Keys.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\age3.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\Lisez-moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\age3.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\Lisez-moi.txt
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties\age3y.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\age3x.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\mgspidx.dll
    C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs\WarChiefs.iso
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED.rar
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\fm.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\hatred.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack\fm.exe
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD1.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD2.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD3.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD4.daa
    C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS.txt
    C:\DOCUME~1\Dani\Mes documents\Ma musique\HIP HOP\Kanye West - Late Registration (2005) - Rap [www.torrentazos.com]\08. Kanye West - Crack Music (ft.The Game) - www.torrentazos.com.mp3
    C:\DOCUME~1\Dani\Mes documents\Ma musique\Rap français - albums\Alibi Montana - T'as Ma Parole\02. Le Monde A Crack'.mp3
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0.tar.gz
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw_win32.rar
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR
    C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack
    C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack\FFF.NFO
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.h
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\attacksim.c
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\Makefile
    C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\README
    C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.c
    C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.h
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\winamp531_pro.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen\KeyMaker.exe
    C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR\french_translated.exe

    puis fait SDfix et poste le rapport tu as le telechargement et le tuto dans ce lien
    https://www.malekal.com/slenfbot-still-an-other-irc-bot/

    Lit bien l'explication et poste le rapport puis après reposte un hijackthis
    0
  3. danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
     
    Rapport SDFIX :

    [b]SDFix: Version 1.240 [/b]
    Run by Dani on 22/01/2009 at 23:04

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix

    [b]Checking Services [/b]:

    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting

    [b]Checking Files [/b]:

    No Trojan Files Found

    Removing Temp Files

    [b]ADS Check [/b]:

    [b]Final Check [/b]:

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-22 23:30:42
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000272b36fad]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg40]
    "ujdew"=hex:20,02,00,00,3b,1a,bb,6b,c9,27,97,e7,07,7a,1b,db,01,0a,46,3a,43,..
    "ljej40"=hex:75,1f,4c,e0,a8,27,0d,af,e6,46,51,4e,d7,4e,b6,ab,75,3b,95,67,fc,..
    "ljej41"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
    "ljej42"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
    "ljej43"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
    "ljej44"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg41]
    "ujdew"=hex:20,02,00,00,3b,1a,bb,6b,4f,ba,59,22,07,7a,1b,db,cb,1a,46,3a,43,..
    "ljej40"=hex:73,1e,4c,e0,b8,26,0d,af,e6,46,51,4e,d7,4e,b6,ab,75,3b,95,67,c2,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg42]
    "ujdew"=hex:20,02,00,00,3b,1a,bb,6b,cd,34,6a,7c,07,7a,1b,db,cb,1a,46,3a,43,..
    "ljej40"=hex:73,1e,4c,e0,b8,26,0d,af,e6,46,51,4e,d7,4e,b6,ab,75,3b,95,67,a0,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg43]
    "ujdew"=hex:20,02,00,00,3b,1a,bb,6b,97,3e,78,09,07,7a,1b,db,23,0a,46,3a,43,..
    "ljej40"=hex:57,1f,4c,e0,a8,27,0d,af,e6,46,51,4e,d7,4e,b6,ab,75,3b,95,67,2f,..
    "ljej41"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
    "ljej42"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
    "ljej43"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
    "ljej44"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg44]
    "ujdew"=hex:20,02,00,00,2c,1a,bb,6b,60,2b,41,88,7c,2e,af,8b,73,91,eb,01,4c,..
    "ljej40"=hex:cb,a1,e9,d8,c3,72,b9,ff,4b,cd,fc,75,d8,cc,ac,86,e0,3a,f6,03,0a,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b36fad]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\000272b36fad]

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
    "DisplayName"="Alcohol 120% (Trial Version)"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
    "TracesProcessed"=dword:00000209

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    [b]Remaining Services [/b]:

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
    "C:\\Python25\\pythonw.exe"="C:\\Python25\\pythonw.exe:*:Enabled:pythonw"
    "C:\\Program Files\\ICQ6\\ICQ.exe"="C:\\Program Files\\ICQ6\\ICQ.exe:*:Enabled:ICQ6"
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"="C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008"
    "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "C:\\PVSW\\Bin\\w3dbsmgr.exe"="C:\\PVSW\\Bin\\w3dbsmgr.exe:*:Enabled:Database Service Manager"
    "C:\\Program Files\\EBP\\Paye13.0\\WinPaye.exe"="C:\\Program Files\\EBP\\Paye13.0\\WinPaye.exe:*:Enabled:Paye"
    "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
    "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
    "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe:*:Enabled:ashServ"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "C:\\PVSW\\Bin\\w3dbsmgr.exe"="C:\\PVSW\\Bin\\w3dbsmgr.exe:*:Enabled:Database Service Manager"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    [b]Remaining Files [/b]:

    [b]Files with Hidden Attributes [/b]:

    Tue 28 Oct 2008 6,108,728 A..H. --- "C:\Program Files\Picasa2\setup.exe"
    Wed 18 Oct 2006 88 ..SHR --- "C:\WINDOWS\system32\0DB961A707.sys"
    Tue 13 Jan 2009 1,334,171 ..SH. --- "C:\WINDOWS\system32\ivumises.tmp"
    Wed 18 Oct 2006 3,766 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
    Wed 21 Jan 2009 2,724 ..SH. --- "C:\WINDOWS\system32\zunubodu.exe"
    Sat 9 Sep 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Wed 9 Jan 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
    Sat 9 Sep 2006 4,348 A.SH. --- "C:\Documents and Settings\Dani\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
    Sun 22 Jul 2007 11,115 A.SH. --- "C:\Documents and Settings\Dani\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"

    [b]Finished![/b]
    0
  4. danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
     
    rapport hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:40:12, on 22/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PVSW\Bin\WGE_SRV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\PVSW\BIN\W3dbsmgr.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Creative\Mixer\CTSVolFE.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Dani\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5060905
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=MQ-vaq6YtqM1DocvPPgF6YSkQOg
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\GhostSurf 2006 Platinum\SCActiveBlock.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
    O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by126w.bay126.mail.live.com/mail/resources/MsnPUpld.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freeplayfrench/FlashAX2.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    relance hijackthis choisit do a scan only et coche les cases a gauches des lignes :

    R3 - Default URLSearchHook is missing
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab

    puis clic sur fix checked

    ensuite

    telecharge GMER ici

    https://www.01net.com/telecharger/windows/Utilitaire/optimiseurs_et_tests/fiches/33654.html

    lance le puis selectionne tous tes disques C et D...puis clic sur scan cela peut durer un moment et toutes les lignes rouges à la fin tu clic droit dessus et tu les supprimes mais avant de les supprimes copie les et colle les ici stp
    0
  7. danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
     
    J'ai lancé GMER mais aucune ligne n'apparait en rouge.

    C'est bon signe ça normalement?
    0
  8. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    oui si tu as pas de ligne en rouge c'est bon, mais tu as bien reclic sur scan après l'ouverture et selectionné tout tes disques si oui c'est bon (le scan dur au moins 10min en general)

    puis après conseil :

    essaye ceci

    desactive antivirus et antispyware puis tu va telechargé simtfraudfix, il est detecté a tort :

    clic http://www.malekal.com/tutorial_SmitFraudfix.php le telechargement et le tuto et dedans, tu dois lancer simtfraud faire l'option 1 et poste le rapport stp
    0
  9. danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
     
    Voici le rapport

    SmitFraudFix v2.391

    Rapport fait à 18:36:46,84, 24/01/2009
    Executé à partir de C:\Documents and Settings\Dani\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PVSW\Bin\WGE_SRV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PVSW\BIN\W3dbsmgr.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Creative\Mixer\CTSVolFE.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\BitLord\BitLord.exe
    C:\Documents and Settings\Dani\Bureau\SmitfraudFix\Policies.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\wscntfy.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    »»»»»»»»»»»»»»»»»»»»»»»» C:\

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dani

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dani\LOCALS~1\Temp

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dani\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dani\Favoris

    »»»»»»»»»»»»»»»»»»»»»»»» Bureau

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"

    »»»»»»»»»»»»»»»»»»»»»»»» o4Patch
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    o4Patch
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    Agent.OMZ.Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» RK

    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 212.27.40.241
    DNS Server Search Order: 212.27.40.240

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{A3B24CD1-81DB-41BD-B3AB-C56C4D0E2F59}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{A3B24CD1-81DB-41BD-B3AB-C56C4D0E2F59}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{A3B24CD1-81DB-41BD-B3AB-C56C4D0E2F59}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin
    0
  10. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    il te reste encore un rootkit assez mechant

    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

    refait une analyse RAPIDE avec malwarebyte et poste le rapport stp
    0
  11. danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
     
    En sans échec?
    0
  12. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    oui fait la en sans echec
    0
  13. danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
     
    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1675
    Windows 5.1.2600 Service Pack 3

    24/01/2009 19:22:17
    mbam-log-2009-01-24 (19-22-10).txt

    Type de recherche: Examen rapide
    Eléments examinés: 60125
    Temps écoulé: 13 minute(s), 48 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\svchost.MSNFix (Heuristics.Reserved.Word.Exploit) -> No action taken.
    0
  14. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    ok as tu supprimer l'infection trouvées par malwarebyte ?

    bon ecoute la jsuis pas assez calé, je pense qu'il faut que quelqu'un te fasse un script de desinfection avec sa :

    :driver
    Legacy_PACKET
    Legacy_TDSSSERV
    Service_TDSSserv

    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    \Shell\AutoRun\command
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
    \Shell\AutoRun\command
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    \Shell\AutoRun\command

    et d'autres je pense

    jvé demander
    0
Précédent
  • 1
  • 2