HijackThis report for a sick computer.

zanu Posts 1297 Status Member -
 Anonymous user -
Hello,

I have a link on the desktop in my Explorer which, when I click on it, restarts the process.exe, and my virus and security center opens by itself. Here is my HijackThis report, thank you for analysing it...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:17:26, on 23/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\NINA\Bureau\u95.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\NINA\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MediaDICO36] C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe Lancement
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A918B4B-A1C3-40FE-896F-9BE301EFED64}: NameServer = 196.202.236.210 210.80.58.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

27 replies

zanu Posts 1297 Status Member 38

And what about me? Nothing to say about my case?
0
Anonymous user

Hi,

▶ Download random's system information tool (RSIT) and save it to the Desktop.

• Double-click RSIT.exe to launch RSIT.

• Read the contents of the Disclaimer screen, then click Continue (if you accept the terms).

• If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will have to accept the licence.

• When the scan is finished, two text files will open.

Post the contents of log.txt.

• Tutorial: https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
0
zanu Posts 1297 Status Member 38

Hello chiquitine29,
here is the log

Logfile of random's system information tool 1.06 (written by random/random)
Run by NINA at 2009-10-23 13:35:01
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (24%) free of 21 GB
Total RAM: 1014 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:35:06, on 23/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Documents and Settings\NINA\Bureau\u95.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Documents and Settings\NINA\Bureau\RSIT.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\NINA\Bureau\NINA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU%
0
Anonymous user

The report is not complete.
0
zanu Posts 1297 Status Member 38
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by NINA at 2009-10-23 12:49:21
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (24%) free of 21 GB
Total RAM: 1014 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:49:23, on 23/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\wudfhost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Documents and Settings\NINA\Bureau\u95.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\NINA\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\NINA\Bureau\NINA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MediaDICO36] C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe Lancement
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A918B4B-A1C3-40FE-896F-9BE301EFED64}: NameServer = 196.202.236.210 210.80.58.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Anonymous user

still not complete ....
0
zanu Posts 1297 Status Member 38

Hello,
chiquitine, I can't manage to post; I think my posts are being deleted automatically. I wrote you several messages; it says posted, but they don't appear in the messages.
0
zanu Posts 1297 Status Member 38

Hello,
Logfile of random's system information tool 1.06 (written by random/random)
Run by NINA at 2009-10-23 12:49:21
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (24%) free of 21 GB
Total RAM: 1014 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:49:23, on 23/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\wudfhost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Documents and Settings\NINA\Bureau\u95.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\NINA\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\NINA\Bureau\NINA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MediaDICO36] C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe Lancement
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A918B4B-A1C3-40FE-896F-9BE301EFED64}: NameServer = 196.202.236.210 210.80.58.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Anonymous user

Host your report on Ci-Joint: http://www.cijoint.fr/

and send me the link
0
zanu Posts 1297 Status Member 38

I'm really having a lot of trouble; I don't know what is going on with this site. Maybe a moderator is automatically deleting my posts.
0
Anonymous user

• Download UsbFix to your desktop.

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
https://www.androidworld.fr/

(!) Connect to your PC, without opening them, the external storage devices (USB stick, external hard drive, etc.) that may have been infected.

• Double-click "UsbFix.exe" on your desktop.

• Choose option F for French and press [Enter].

• Choose option 1 (Recherche, the search option) and press [Enter].

• Let the tool work.

Then post the UsbFix.txt report that appears.

• Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

• Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

• Tutorial: http://pagesperso-orange.fr/NosTools/usbfix.html
0
zanu Posts 1297 Status Member 38

here it is

############################## | UsbFix V6.024 |

User : NINA (Administrateurs) # KAMI
Update on 01/09/09 by Chiquitine29, C_XX & Chimay8
Start at: 13:07:38 | 23/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Processeur Intel Pentium II
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Kaspersky Anti-Virus 6.0.1.411 [ (!) Disabled | (!) Outdated ]

C:\ -> Disque fixe local # 20,09 Go (4,86 Go free) # NTFS
D:\ -> Disque fixe local # 14 Go (5,95 Go free) [DATA] # NTFS
E:\ -> Disque fixe local # 34,57 Go (3,18 Go free) [ACERDATA] # FAT32
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque fixe local # 59,11 Go (7,72 Go free) [DISK THIERR] # FAT32
I:\ -> Disque fixe local # 39,9 Go (4,88 Go free) [DATA2] # NTFS
J:\ -> Disque fixe local # 50,01 Go (15,89 Go free) [DATA3] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\wudfhost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\NINA\Bureau\u95.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

Présent ! J:\install.exe

################## | Suspect ! ... | https://www.virustotal.com/gui/ |

################## | Registre # Clés Run infectieuses |

Présent ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{aecebae6-9561-11de-8977-001e4c0a95b0}
Shell\AutoRun\command =K:\RECYCLER\k-1-3542-4232123213-7676767-8888886\MsGv.exe
Shell\open\command =K:\RECYCLER\k-1-3542-4232123213-7676767-8888886\MsGv.exe

################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe"
09/10/2009 03:49 |Size : 10171904 |Crc32 : 13cb982d |Md5 : a36274ca32de7b49f3a0d8f509a8610a

################## | ! Fin du rapport # UsbFix V6.024 ! |
0
Anonymous user

The version of UsbFix you are using is not up to date; delete it and run the scan again with this one:

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe (V6.044)
0
zanu Posts 1297 Status Member 38
 
############################## | UsbFix V6.044 |

User : NINA (Administrateurs) # KAMI
Update on 22/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 13:35:15 | 23/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Processeur Intel Pentium II
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Kaspersky Anti-Virus 6.0.1.411 [ (!) Disabled | (!) Outdated ]

C:\ -> Disque fixe local # 20,09 Go (4,86 Go free) # NTFS
D:\ -> Disque fixe local # 14 Go (5,95 Go free) [DATA] # NTFS
E:\ -> Disque fixe local # 34,57 Go (3,18 Go free) [ACERDATA] # FAT32
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque fixe local # 59,11 Go (7,72 Go free) [DISK THIERR] # FAT32
I:\ -> Disque fixe local # 39,9 Go (4,88 Go free) [DATA2] # NTFS
J:\ -> Disque fixe local # 50,01 Go (15,89 Go free) [DATA3] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\wudfhost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\NINA\Bureau\u95.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

C:\DOCUME~1\NINA\Bureau\u95.exe

################## | Registre # Clés Run infectieuses |

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{aecebae6-9561-11de-8977-001e4c0a95b0}
Shell\AutoRun\command =K:\RECYCLER\k-1-3542-4232123213-7676767-8888886\MsGv.exe
Shell\open\command =K:\RECYCLER\k-1-3542-4232123213-7676767-8888886\MsGv.exe

################## | Suspect | https://www.virustotal.com/gui/ |

################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe"
09/10/2009 03:49 |Size 10171904 |Crc32 13cb982d |Md5 a36274ca32de7b49f3a0d8f509a8610a

"C:\Program Files\Java\jdk1.6.0_18\bin\serialver.exe"
07/10/2009 02:38 |Size 27648 |Crc32 5edb0286 |Md5 8657bd2bc333162f42579d121c7b2681

"H:\SOFTWARES\Avast AntiVirus PRO Edition v4.8.1169 + Keygen\setupengpro.exe"
01/04/2009 00:40 |Size 22110120 |Crc32 9cdff83d |Md5 17d951700ca400cf45842b2933663310

"H:\SOFTWARES\Lecteurs Multimédia\CyberLink PowerDVD 8 Ultra Keygen + Crack\CORE10k.EXE"
01/04/2009 00:42 |Size 137728 |Crc32 ee57ce98 |Md5 d581068e84510083ddea45e821ebde36

"H:\SOFTWARES\Lecteurs Multimédia\CyberLink PowerDVD 8 Ultra Keygen + Crack\powerdvd_powerdvd_8.2217d_francais_234614.exe"
09/02/2009 15:22 |Size 79718568 |Crc32 9374e662 |Md5 79c226360e6180f9d85c064bcfe1d87d

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\Crack_WinRAR_v32b2f.exe"
01/04/2009 00:42 |Size 14336 |Crc32 62d1d5f5 |Md5 831398ae8ffe287af2a232b1f7382989

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\Keyfilemaker.exe"
16/03/2003 15:38 |Size 169984 |Crc32 778cbd5d |Md5 41ddff6e0c2b186b7bb981c9c5026a19

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\WinRAR_v32b2fr.exe"
01/04/2009 00:42 |Size 1100825 |Crc32 64a48b42 |Md5 83e529a190db99c26be1c8b128783941

"J:\DATA 1\data (G)\Downloads\Compressed\Internet Download Manager 5.14 Crack\IDMan.exe"
15/07/2008 09:39 |Size 931248 |Crc32 b87c1fef |Md5 3ffc4a1402aa983f070329304d169f24

################## | ! Fin du rapport # UsbFix V6.044 ! |
0
Anonymous user

PERFECT ;)

(!) Connect to your PC, without opening them, the external storage devices (USB stick, external hard drive, etc.) that may have been infected.

• Double-click "UsbFix.exe" on your desktop.

• Choose option F for French and press [Enter].

• Choose option 2 (Suppression, the removal option) and press [Enter].

• Your desktop will disappear and the PC will restart.

• On restart, UsbFix will scan your PC; let the tool work.

Then post the UsbFix.txt report that appears along with the desktop.

• Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
0
zanu Posts 1297 Status Member 38
 
############################## | UsbFix V6.044 |

User : NINA (Administrateurs) # KAMI
Update on 22/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 13:44:52 | 23/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Processeur Intel Pentium II
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Kaspersky Anti-Virus 6.0.1.411 [ (!) Disabled | (!) Outdated ]

C:\ -> Disque fixe local # 20,09 Go (4,86 Go free) # NTFS
D:\ -> Disque fixe local # 14 Go (5,95 Go free) [DATA] # NTFS
E:\ -> Disque fixe local # 34,57 Go (3,18 Go free) [ACERDATA] # FAT32
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque fixe local # 59,11 Go (7,72 Go free) [DISK THIERR] # FAT32
I:\ -> Disque fixe local # 39,9 Go (4,88 Go free) [DATA2] # NTFS
J:\ -> Disque fixe local # 50,01 Go (15,89 Go free) [DATA3] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wudfhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\DOCUME~1\NINA\Bureau\u95.exe

################## | Registre # Clés Run infectieuses |

Supprimé ! [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{aecebae6-9561-11de-8977-001e4c0a95b0}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[09/09/2009 04:21|--a------|150997] C:\09092009(001).jpg
[09/09/2009 04:22|--a------|164834] C:\09092009.jpg
[30/08/2009 11:23|--a------|0] C:\AUTOEXEC.BAT
[20/09/2009 15:30|---h-----|212] C:\boot.ini
[28/09/2001 14:00|-rahs----|4952] C:\Bootfont.bin
[30/08/2009 11:23|--a------|0] C:\CONFIG.SYS
[20/09/2009 23:12|--a------|108032] C:\demande.doc
[22/09/2009 14:22|--a------|109056] C:\demande2.doc
[11/10/2009 16:58|--a------|77418] C:\DSCN7992.JPG
[11/10/2009 19:31|--a------|131219] C:\FabriceDV.JPG
[11/10/2009 19:29|--a------|150468] C:\FrancineDV.JPG
[?|?|?] C:\hiberfil.sys
[30/08/2009 11:23|-rahs----|0] C:\IO.SYS
[29/09/2009 15:16|--a------|1155] C:\ip.txt
[30/08/2009 11:23|-rahs----|0] C:\MSDOS.SYS
[03/08/2004 23:38|-rahs----|47564] C:\NTDETECT.COM
[03/08/2004 23:59|-rahs----|251712] C:\ntldr
[?|?|?] C:\pagefile.sys
[11/10/2009 19:36|--a------|120838] C:\PAtouDV.JPG
[30/08/2009 23:16|--ah-----|268] C:\sqmdata00.sqm
[31/08/2009 08:47|--ah-----|268] C:\sqmdata01.sqm
[30/08/2009 23:16|--ah-----|244] C:\sqmnoopt00.sqm
[31/08/2009 08:47|--ah-----|244] C:\sqmnoopt01.sqm
[21/09/2009 01:21|--a------|744448] C:\standup project cameroon.doc
[11/10/2009 19:34|--a------|134786] C:\thierryDV.JPG
[23/10/2009 13:48|--a------|4002] C:\UsbFix.txt
[30/08/2009 14:43|--a------|140] C:\YServer.txt
[07/10/2009 03:13|---hs----|3223] D:\AlbumArtSmall.jpg
[07/10/2009 03:13|---hs----|13371] D:\AlbumArt_{5C307EDE-8241-46AE-B994-DBC97C557051}_Large.jpg
[07/10/2009 03:13|---hs----|3223] D:\AlbumArt_{5C307EDE-8241-46AE-B994-DBC97C557051}_Small.jpg
[06/09/2009 06:05|---hs----|10334] D:\AlbumArt_{F398A09E-72CB-42AF-8524-B81D50F8014C}_Large.jpg
[06/09/2009 06:04|---hs----|2699] D:\AlbumArt_{F398A09E-72CB-42AF-8524-B81D50F8014C}_Small.jpg
[06/09/2009 06:15|--a------|8683401] D:\Alexandra_Burke_-_Hallelujah.mp3
[16/07/2009 12:01|--a------|5362430] D:\Beyonce - Ego Remix Feat. Kanye West - Jooksed.com.mp3
[25/11/2007 15:14|--a------|6501900] D:\black eyes lack eyed peas feat macy gray - request line.mp3
[25/11/2007 06:37|--a------|3907712] D:\bob marley feat lauryn hill - turn your light down low.mp3
[28/01/2009 23:30|--a------|15028] D:\candidature.php.htm
[09/06/2009 23:42|--a------|18557] D:\candidaturePOLYTECH.php.htm
[07/10/2009 03:13|---hs----|345] D:\desktop.ini
[06/09/2009 06:15|--a------|4493902] D:\Do me feat Waye.mp3
[09/04/2009 16:05|--a------|89909] D:\DSCF0959.JPG
[09/04/2009 16:04|--a------|98879] D:\DSCF1068.JPG
[09/04/2009 16:04|--a------|78022] D:\DSCF1117.JPG
[20/06/2009 19:20|--a------|80447] D:\DSCF1912.JPG
[20/06/2009 19:21|--a------|473046] D:\DSCF1914.JPG
[08/09/2009 18:47|--a------|68608] D:\essay International Youth day 2009.doc
[07/10/2009 03:13|---hs----|13371] D:\Folder.jpg
[06/09/2009 06:59|--a------|5724518] D:\Hugo nyame-pardon madame.wma
[12/10/2009 08:51|--a------|5146624] D:\I WISH(rmx).mp3
[07/07/2009 02:18|--a------|5508862] D:\James Morrison ft Nelly Furtado. Broken Strings.mp3
[24/11/2007 22:15|--a------|4990268] D:\jonell feat method man - round and round (remix).mp3
[25/11/2007 06:48|--a------|3835655] D:\macy gray - i try(1).mp3
[25/11/2007 06:53|--a------|4806992] D:\mc solaar - solar pleure.mp3
[24/11/2007 21:08|--a------|8146892] D:\mc solar - da vinci claude.mp3
[17/07/2009 18:26|--a------|603504384] D:\Memento.mdf
[17/07/2009 18:26|--a------|486] D:\Memento.mds
[25/11/2007 07:00|--a------|5681152] D:\missy elliot - gossip folks.mp3
[25/11/2007 06:24|--a------|6615040] D:\missy elliot feat ludacris - one minute man.mp3
[25/06/2008 12:22|--a------|3063056] D:\nelly - all good things.mp3
[07/08/2008 15:28|--a------|4296655] D:\P-Square - No one like u.mp3
[24/11/2007 22:31|--a------|6021890] D:\parle a ma mai -fatal bazooka-yelle feat christelle.mp3
[06/09/2009 06:15|--a------|9288141] D:\Pink - It's All Your Fault.mp3
[24/11/2007 20:24|--a------|6371578] D:\pink, mya, cristina aguilera, lil kim, missy elliot - 02 - lady marmalade.mp3
[20/06/2009 19:21|--ahs----|44032] D:\Thumbs.db
[13/05/2009 20:30|---------|16742799] D:\vlc-0.9.9-win32.exe
[28/05/2007 01:24|--a------|6705152] D:\Worlds Greatest.mp3
[13/02/2009 10:03|--a------|2770343] E:\attachments_2009_02_13.zip
[01/01/2050 00:00|--a------|46713] E:\Chapter30-Johnson.pdf
[01/01/2050 00:00|--a------|218665] E:\chaos1998.pdf
[01/01/2050 00:00|--a------|408987] E:\introduction.pdf
[01/01/2050 00:00|--a------|317922] E:\pert.pdf
[01/01/2050 00:00|--a------|327575] E:\planification.pdf
[01/01/2050 00:00|--a------|39664] E:\Plan-TypesDocuments.rtf
[01/01/2050 00:00|--a------|534859] E:\estimation.pdf
[01/01/2050 00:00|--a------|365077] E:\initiation.pdf
[01/01/2050 00:00|--a------|1196547] E:\GestionProjet.pdf
[01/01/2050 00:00|--a------|459311] E:\suivi.pdf
[20/05/2009 01:19|--ahs----|38400] E:\Thumbs.db
[25/07/2009 19:07|--a------|196] E:\boot.ini
[29/08/2009 17:39|--a------|781909] H:\RSIT.exe
[31/03/2009 07:11|--a------|734664704] H:\edenlake_xvid.avi
[21/02/2009 05:15|--a------|735913984] H:\Au-dela.De.L.Illusion.LiMiTED.TRUEFRENCH.DVDRIP.XVID-SYR.avi
[06/07/2009 10:36|--a------|237056] H:\Keygen Microsoft Office 2007 Pro Plus.exe
[31/03/2009 06:00|--a------|734652416] H:\Doubt.FRENCH.DVDRiP.XviD-ULTRASON.avi
[16/12/2008 10:08|--a------|7290156] H:\TSIMI TORO MERCI.wma
[23/03/2009 15:37|--a------|731797504] H:\Mad.Money.FRENCH.DVDRiP.XviD-MONK.avi
[20/03/2009 17:26|--a------|727562240] H:\Twilight.FRENCH.DVDRiP.READNFO.REPACK.1CD.XVID-FENUA.Upload.(Steph53).MININOVA.ORG..avi
[03/02/2009 08:06|--a------|733634560] H:\Rec.FRENCH.DVDRIP.XVID-ULTRASON.Upload.(Steph53).Mininova.org..avi
[16/02/2009 07:40|--a------|733782016] H:\Against.The.Dark.2009.Stv.French.Dvdrip.Xvid-RLD.Upload.(Steph53).Mininova.org..avi
[18/08/2007 12:27|--a------|37448588] H:\AVSEQ02.DAT
[07/08/2008 06:49|--a------|175308800] H:\AVSEQ03.DAT
[18/08/2007 12:27|--a------|30985292] H:\garou.DAT
[26/09/2008 21:55|--a------|340620460] H:\verite qui derange.avi
[14/02/2009 09:48|--a------|732092416] H:\Body.Of.Lies.FRENCH.REPACK.1CD.DVDRiP.XviD-GKS.#wWw.MeDiA-ArEnA.TK#.avi
[03/02/2009 04:26|--a------|733188096] H:\Mirrors.[2008.French].DVD.R5.Rip.DivX-LTT.avi
[27/08/2007 00:56|--a------|734412800] H:\uN HoMMe D eXCePTioN.FReNCH DVDRiP(700Mo)-FReDDYSToNESRoLLiNG.aVi
[20/02/2008 21:16|--a------|726351872] H:\La Colline a des yeux 2.avi
[03/03/2008 21:53|--a------|734451712] H:\Asterix.Aux.Jeux.Olympiques.avi
[29/08/2009 19:21|--a------|103364608] H:\ToutouLinux_4.1.2Retro.iso
[29/08/2009 18:07|--a------|35328] H:\La fibre optique.doc
[25/08/2009 21:01|--a------|125338] H:\TeaShark-419.jar
[29/01/2009 15:34|--a------|917733176] I:\Atonement.FRENCH.Reviens-moi.divx
[22/09/2009 03:31|--a------|1528398] I:\memoire.pdf
[26/08/2009 16:38|--a------|103364608] I:\ToutouLinux_4.1.2Retro.iso
[02/02/2007 01:43|--a------|12908502] J:\ben skin testament.mp3
[07/11/2007 08:00|--a------|17734] J:\eula.1028.txt
[07/11/2007 08:00|--a------|17734] J:\eula.1031.txt
[07/11/2007 08:00|--a------|10134] J:\eula.1033.txt
[07/11/2007 08:00|--a------|17734] J:\eula.1036.txt
[07/11/2007 08:00|--a------|17734] J:\eula.1040.txt
[07/11/2007 08:00|--a------|118] J:\eula.1041.txt
[07/11/2007 08:00|--a------|17734] J:\eula.1042.txt
[07/11/2007 08:00|--a------|17734] J:\eula.2052.txt
[07/11/2007 08:00|--a------|17734] J:\eula.3082.txt
[07/11/2007 08:00|--a------|1110] J:\globdata.ini
[07/11/2007 08:03|--a------|562688] J:\install.exe
[07/11/2007 08:00|--a------|843] J:\install.ini
[07/11/2007 08:03|--a------|76304] J:\install.res.1028.dll
[07/11/2007 08:03|--a------|96272] J:\install.res.1031.dll
[07/11/2007 08:03|--a------|91152] J:\install.res.1033.dll
[07/11/2007 08:03|--a------|97296] J:\install.res.1036.dll
[07/11/2007 08:03|--a------|95248] J:\install.res.1040.dll
[07/11/2007 08:03|--a------|81424] J:\install.res.1041.dll
[07/11/2007 08:03|--a------|79888] J:\install.res.1042.dll
[07/11/2007 08:03|--a------|75792] J:\install.res.2052.dll
[07/11/2007 08:03|--a------|96272] J:\install.res.3082.dll
[28/09/2009 11:00|--ahs----|3072] J:\Thumbs.db
[07/11/2007 08:00|--a------|5686] J:\vcredist.bmp
[07/11/2007 08:09|--a------|1442522] J:\VC_RED.cab
[07/11/2007 08:12|--a------|232960] J:\VC_RED.MSI

################## | Vaccination |

# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# E:\autorun.inf -> Folder created by UsbFix.
# H:\autorun.inf -> Folder created by UsbFix.
# I:\autorun.inf -> Folder created by UsbFix.
# J:\autorun.inf -> Folder created by UsbFix.

################## | Suspect | https://www.virustotal.com/gui/ |

################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe"
09/10/2009 03:49 |Size 10171904 |Crc32 13cb982d |Md5 a36274ca32de7b49f3a0d8f509a8610a

"C:\Program Files\Java\jdk1.6.0_18\bin\serialver.exe"
07/10/2009 02:38 |Size 27648 |Crc32 5edb0286 |Md5 8657bd2bc333162f42579d121c7b2681

"H:\SOFTWARES\Avast AntiVirus PRO Edition v4.8.1169 + Keygen\setupengpro.exe"
01/04/2009 00:40 |Size 22110120 |Crc32 9cdff83d |Md5 17d951700ca400cf45842b2933663310

"H:\SOFTWARES\Lecteurs Multimédia\CyberLink PowerDVD 8 Ultra Keygen + Crack\CORE10k.EXE"
01/04/2009 00:42 |Size 137728 |Crc32 ee57ce98 |Md5 d581068e84510083ddea45e821ebde36

"H:\SOFTWARES\Lecteurs Multimédia\CyberLink PowerDVD 8 Ultra Keygen + Crack\powerdvd_powerdvd_8.2217d_francais_234614.exe"
09/02/2009 15:22 |Size 79718568 |Crc32 9374e662 |Md5 79c226360e6180f9d85c064bcfe1d87d

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\Crack_WinRAR_v32b2f.exe"
01/04/2009 00:42 |Size 14336 |Crc32 62d1d5f5 |Md5 831398ae8ffe287af2a232b1f7382989

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\Keyfilemaker.exe"
16/03/2003 15:38 |Size 169984 |Crc32 778cbd5d |Md5 41ddff6e0c2b186b7bb981c9c5026a19

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\WinRAR_v32b2fr.exe"
01/04/2009 00:42 |Size 1100825 |Crc32 64a48b42 |Md5 83e529a190db99c26be1c8b128783941

"J:\DATA 1\data (G)\Downloads\Compressed\Internet Download Manager 5.14 Crack\IDMan.exe"
15/07/2008 09:39 |Size 931248 |Crc32 b87c1fef |Md5 3ffc4a1402aa983f070329304d169f24

################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\NINA\Bureau\UsbFix_Upload_Me_KAMI.zip : https://www.androidworld.fr/
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.044 ! |
0
zanu Posts 1297 Status Member 38
 
Hello,

############################## | UsbFix V6.044 |

User : NINA (Administrateurs) # KAMI
Update on 22/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 13:44:52 | 23/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Processeur Intel Pentium II
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Kaspersky Anti-Virus 6.0.1.411 [ (!) Disabled | (!) Outdated ]

C:\ -> Disque fixe local # 20,09 Go (4,86 Go free) # NTFS
D:\ -> Disque fixe local # 14 Go (5,95 Go free) [DATA] # NTFS
E:\ -> Disque fixe local # 34,57 Go (3,18 Go free) [ACERDATA] # FAT32
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque fixe local # 59,11 Go (7,72 Go free) [DISK THIERR] # FAT32
I:\ -> Disque fixe local # 39,9 Go (4,88 Go free) [DATA2] # NTFS
J:\ -> Disque fixe local # 50,01 Go (15,89 Go free) [DATA3] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wudfhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\DOCUME~1\NINA\Bureau\u95.exe

################## | Registre # Clés Run infectieuses |

Supprimé ! [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{aecebae6-9561-11de-8977-001e4c0a95b0}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[09/09/2009 04:21|--a------|150997] C:\09092009(001).jpg
[09/09/2009 04:22|--a------|164834] C:\09092009.jpg
[30/08/2009 11:23|--a------|0] C:\AUTOEXEC.BAT
[20/09/2009 15:30|---h-----|212] C:\boot.ini
[28/09/2001 14:00|-rahs----|4952] C:\Bootfont.bin
[30/08/2009 11:23|--a------|0] C:\CONFIG.SYS
[20/09/2009 23:12|--a------|108032] C:\demande.doc
[22/09/2009 14:22|--a------|109056] C:\demande2.doc
[11/10/2009 16:58|--a------|77418] C:\DSCN7992.JPG
[11/10/2009 19:31|--a------|131219] C:\FabriceDV.JPG
[11/10/2009 19:29|--a------|150468] C:\FrancineDV.JPG
[?|?|?] C:\hiberfil.sys
[30/08/2009 11:23|-rahs----|0] C:\IO.SYS
[29/09/2009 15:16|--a------|1155] C:\ip.txt
[30/08/2009 11:23|-rahs----|0] C:\MSDOS.SYS
[03/08/2004 23:38|-rahs----|47564] C:\NTDETECT.COM
[03/08/2004 23:59|-rahs----|251712] C:\ntldr
[?|?|?] C:\pagefile.sys
[11/10/2009 19:36|--a------|120838] C:\PAtouDV.JPG
[30/08/2009 23:16|--ah-----|268] C:\sqmdata00.sqm
[31/08/2009 08:47|--ah-----|268] C:\sqmdata01.sqm
[30/08/2009 23:16|--ah-----|244] C:\sqmnoopt00.sqm
[31/08/2009 08:47|--ah-----|244] C:\sqmnoopt01.sqm
[21/09/2009 01:21|--a------|744448] C:\standup project cameroon.doc
[11/10/2009 19:34|--a------|134786] C:\thierryDV.JPG
[23/10/2009 13:48|--a------|4002] C:\UsbFix.txt
[30/08/2009 14:43|--a------|140] C:\YServer.txt
[07/10/2009 03:13|---hs----|3223] D:\AlbumArtSmall.jpg
[07/10/2009 03:13|---hs----|13371] D:\AlbumArt_{5C307EDE-8241-46AE-B994-DBC97C557051}_Large.jpg
[07/10/2009 03:13|---hs----|3223] D:\AlbumArt_{5C307EDE-8241-46AE-B994-DBC97C557051}_Small.jpg
[06/09/2009 06:05|---hs----|10334] D:\AlbumArt_{F398A09E-72CB-42AF-8524-B81D50F8014C}_Large.jpg
[06/09/2009 06:04|---hs----|2699] D:\AlbumArt_{F398A09E-72CB-42AF-8524-B81D50F8014C}_Small.jpg
[06/09/2009 06:15|--a------|8683401] D:\Alexandra_Burke_-_Hallelujah.mp3
[16/07/2009 12:01|--a------|5362430] D:\Beyonce - Ego Remix Feat. Kanye West - Jooksed.com.mp3
[25/11/2007 15:14|--a------|6501900] D:\black eyes lack eyed peas feat macy gray - request line.mp3
[25/11/2007 06:37|--a------|3907712] D:\bob marley feat lauryn hill - turn your light down low.mp3
[28/01/2009 23:30|--a------|15028] D:\candidature.php.htm
[09/06/2009 23:42|--a------|18557] D:\candidaturePOLYTECH.php.htm
[07/10/2009 03:13|---hs----|345] D:\desktop.ini
[06/09/2009 06:15|--a------|4493902] D:\Do me feat Waye.mp3
[09/04/2009 16:05|--a------|89909] D:\DSCF0959.JPG
[09/04/2009 16:04|--a------|98879] D:\DSCF1068.JPG
[09/04/2009 16:04|--a------|78022] D:\DSCF1117.JPG
[20/06/2009 19:20|--a------|80447] D:\DSCF1912.JPG
[20/06/2009 19:21|--a------|473046] D:\DSCF1914.JPG
[08/09/2009 18:47|--a------|68608] D:\essay International Youth day 2009.doc
[07/10/2009 03:13|---hs----|13371] D:\Folder.jpg
[06/09/2009 06:59|--a------|5724518] D:\Hugo nyame-pardon madame.wma
[12/10/2009 08:51|--a------|5146624] D:\I WISH(rmx).mp3
[07/07/2009 02:18|--a------|5508862] D:\James Morrison ft Nelly Furtado. Broken Strings.mp3
[24/11/2007 22:15|--a------|4990268] D:\jonell feat method man - round and round (remix).mp3
[25/11/2007 06:48|--a------|3835655] D:\macy gray - i try(1).mp3
[25/11/2007 06:53|--a------|4806992] D:\mc solaar - solar pleure.mp3
[24/11/2007 21:08|--a------|8146892] D:\mc solar - da vinci claude.mp3
[17/07/2009 18:26|--a------|603504384] D:\Memento.mdf
[17/07/2009 18:26|--a------|486] D:\Memento.mds
[25/11/2007 07:00|--a------|5681152] D:\missy elliot - gossip folks.mp3
[25/11/2007 06:24|--a------|6615040] D:\missy elliot feat ludacris - one minute man.mp3
[25/06/2008 12:22|--a------|3063056] D:\nelly - all good things.mp3
[07/08/2008 15:28|--a------|4296655] D:\P-Square - No one like u.mp3
[24/11/2007 22:31|--a------|6021890] D:\parle a ma mai -fatal bazooka-yelle feat christelle.mp3
[06/09/2009 06:15|--a------|9288141] D:\Pink - It's All Your Fault.mp3
[24/11/2007 20:24|--a------|6371578] D:\pink, mya, cristina aguilera, lil kim, missy elliot - 02 - lady marmalade.mp3
[20/06/2009 19:21|--ahs----|44032] D:\Thumbs.db
[13/05/2009 20:30|---------|16742799] D:\vlc-0.9.9-win32.exe
[28/05/2007 01:24|--a------|6705152] D:\Worlds Greatest.mp3
[13/02/2009 10:03|--a------|2770343] E:\attachments_2009_02_13.zip
[01/01/2050 00:00|--a------|46713] E:\Chapter30-Johnson.pdf
[01/01/2050 00:00|--a------|218665] E:\chaos1998.pdf
[01/01/2050 00:00|--a------|408987] E:\introduction.pdf
[01/01/2050 00:00|--a------|317922] E:\pert.pdf
[01/01/2050 00:00|--a------|327575] E:\planification.pdf
[01/01/2050 00:00|--a------|39664] E:\Plan-TypesDocuments.rtf
[01/01/2050 00:00|--a------|534859] E:\estimation.pdf
[01/01/2050 00:00|--a------|365077] E:\initiation.pdf
[01/01/2050 00:00|--a------|1196547] E:\GestionProjet.pdf
[01/01/2050 00:00|--a------|459311] E:\suivi.pdf
[20/05/2009 01:19|--ahs----|38400] E:\Thumbs.db
[25/07/2009 19:07|--a------|196] E:\boot.ini
[29/08/2009 17:39|--a------|781909] H:\RSIT.exe
[31/03/2009 07:11|--a------|734664704] H:\edenlake_xvid.avi
[21/02/2009 05:15|--a------|735913984] H:\Au-dela.De.L.Illusion.LiMiTED.TRUEFRENCH.DVDRIP.XVID-SYR.avi
[06/07/2009 10:36|--a------|237056] H:\Keygen Microsoft Office 2007 Pro Plus.exe
[31/03/2009 06:00|--a------|734652416] H:\Doubt.FRENCH.DVDRiP.XviD-ULTRASON.avi
[16/12/2008 10:08|--a------|7290156] H:\TSIMI TORO MERCI.wma
[23/03/2009 15:37|--a------|731797504] H:\Mad.Money.FRENCH.DVDRiP.XviD-MONK.avi
[20/03/2009 17:26|--a------|727562240] H:\Twilight.FRENCH.DVDRiP.READNFO.REPACK.1CD.XVID-FENUA.Upload.(Steph53).MININOVA.ORG..avi
[03/02/2009 08:06|--a------|733634560] H:\Rec.FRENCH.DVDRIP.XVID-ULTRASON.Upload.(Steph53).Mininova.org..avi
[16/02/2009 07:40|--a------|733782016] H:\Against.The.Dark.2009.Stv.French.Dvdrip.Xvid-RLD.Upload.(Steph53).Mininova.org..avi
[18/08/2007 12:27|--a------|37448588] H:\AVSEQ02.DAT
[07/08/2008 06:49|--a------|175308800] H:\AVSEQ03.DAT
[18/08/2007 12:27|--a------|30985292] H:\garou.DAT
[26/09/2008 21:55|--a------|340620460] H:\verite qui derange.avi
[14/02/2009 09:48|--a------|732092416] H:\Body.Of.Lies.FRENCH.REPACK.1CD.DVDRiP.XviD-GKS.#wWw.MeDiA-ArEnA.TK#.avi
[03/02/2009 04:26|--a------|733188096] H:\Mirrors.[2008.French].DVD.R5.Rip.DivX-LTT.avi
[27/08/2007 00:56|--a------|734412800] H:\uN HoMMe D eXCePTioN.FReNCH DVDRiP(700Mo)-FReDDYSToNESRoLLiNG.aVi
[20/02/2008 21:16|--a------|726351872] H:\La Colline a des yeux 2.avi
[03/03/2008 21:53|--a------|734451712] H:\Asterix.Aux.Jeux.Olympiques.avi
[29/08/2009 19:21|--a------|103364608] H:\ToutouLinux_4.1.2Retro.iso
[29/08/2009 18:07|--a------|35328] H:\La fibre optique.doc
[25/08/2009 21:01|--a------|125338] H:\TeaShark-419.jar
[29/01/2009 15:34|--a------|917733176] I:\Atonement.FRENCH.Reviens-moi.divx
[22/09/2009 03:31|--a------|1528398] I:\memoire.pdf
[26/08/2009 16:38|--a------|103364608] I:\ToutouLinux_4.1.2Retro.iso
[02/02/2007 01:43|--a------|12908502] J:\ben skin testament.mp3
[07/11/2007 08:00|--a------|17734] J:\eula.1028.txt
[07/11/2007 08:00|--a------|17734] J:\eula.1031.txt
[07/11/2007 08:00|--a------|10134] J:\eula.1033.txt
[07/11/2007 08:00|--a------|17734] J:\eula.1036.txt
[07/11/2007 08:00|--a------|17734] J:\eula.1040.txt
[07/11/2007 08:00|--a------|118] J:\eula.1041.txt
[07/11/2007 08:00|--a------|17734] J:\eula.1042.txt
[07/11/2007 08:00|--a------|17734] J:\eula.2052.txt
[07/11/2007 08:00|--a------|17734] J:\eula.3082.txt
[07/11/2007 08:00|--a------|1110] J:\globdata.ini
[07/11/2007 08:03|--a------|562688] J:\install.exe
[07/11/2007 08:00|--a------|843] J:\install.ini
[07/11/2007 08:03|--a------|76304] J:\install.res.1028.dll
[07/11/2007 08:03|--a------|96272] J:\install.res.1031.dll
[07/11/2007 08:03|--a------|91152] J:\install.res.1033.dll
[07/11/2007 08:03|--a------|97296] J:\install.res.1036.dll
[07/11/2007 08:03|--a------|95248] J:\install.res.1040.dll
[07/11/2007 08:03|--a------|81424] J:\install.res.1041.dll
[07/11/2007 08:03|--a------|79888] J:\install.res.1042.dll
[07/11/2007 08:03|--a------|75792] J:\install.res.2052.dll
[07/11/2007 08:03|--a------|96272] J:\install.res.3082.dll
[28/09/2009 11:00|--ahs----|3072] J:\Thumbs.db
[07/11/2007 08:00|--a------|5686] J:\vcredist.bmp
[07/11/2007 08:09|--a------|1442522] J:\VC_RED.cab
[07/11/2007 08:12|--a------|232960] J:\VC_RED.MSI

################## | Vaccination |

# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# E:\autorun.inf -> Folder created by UsbFix.
# H:\autorun.inf -> Folder created by UsbFix.
# I:\autorun.inf -> Folder created by UsbFix.
# J:\autorun.inf -> Folder created by UsbFix.

################## | Suspect | https://www.virustotal.com/gui/ |

################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe"
09/10/2009 03:49 |Size 10171904 |Crc32 13cb982d |Md5 a36274ca32de7b49f3a0d8f509a8610a

"C:\Program Files\Java\jdk1.6.0_18\bin\serialver.exe"
07/10/2009 02:38 |Size 27648 |Crc32 5edb0286 |Md5 8657bd2bc333162f42579d121c7b2681

"H:\SOFTWARES\Avast AntiVirus PRO Edition v4.8.1169 + Keygen\setupengpro.exe"
01/04/2009 00:40 |Size 22110120 |Crc32 9cdff83d |Md5 17d951700ca400cf45842b2933663310

"H:\SOFTWARES\Lecteurs Multimédia\CyberLink PowerDVD 8 Ultra Keygen + Crack\CORE10k.EXE"
01/04/2009 00:42 |Size 137728 |Crc32 ee57ce98 |Md5 d581068e84510083ddea45e821ebde36

"H:\SOFTWARES\Lecteurs Multimédia\CyberLink PowerDVD 8 Ultra Keygen + Crack\powerdvd_powerdvd_8.2217d_francais_234614.exe"
09/02/2009 15:22 |Size 79718568 |Crc32 9374e662 |Md5 79c226360e6180f9d85c064bcfe1d87d

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\Crack_WinRAR_v32b2f.exe"
01/04/2009 00:42 |Size 14336 |Crc32 62d1d5f5 |Md5 831398ae8ffe287af2a232b1f7382989

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\Keyfilemaker.exe"
16/03/2003 15:38 |Size 169984 |Crc32 778cbd5d |Md5 41ddff6e0c2b186b7bb981c9c5026a19

"H:\SOFTWARES\Compression\winRAR v3.20fr+crack\WinRAR_v32b2fr.exe"
01/04/2009 00:42 |Size 1100825 |Crc32 64a48b42 |Md5 83e529a190db99c26be1c8b128783941

"J:\DATA 1\data (G)\Downloads\Compressed\Internet Download Manager 5.14 Crack\IDMan.exe"
15/07/2008 09:39 |Size 931248 |Crc32 b87c1fef |Md5 3ffc4a1402aa983f070329304d169f24

################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\NINA\Bureau\UsbFix_Upload_Me_KAMI.zip : https://www.androidworld.fr/
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.044 ! |
0
zanu Posts 1297 Status Member 38
 
Hello,
I really can't manage to post. It's not working at all. I don't know what's going on.
0