Need help: Trojan horse

Solved
gue56514 Posts: 9 Status: Member -
 gen-hackman -
Hello,

I think I am infected by a Trojan horse that I cannot neutralize with the programs Ad-Aware and Search and Destroy. Can someone help me, please???

Thanks
Configuration: Windows XP Internet Explorer 7.0

48 replies

Discussion summary

A suspected Trojan horse on Windows XP came up when Ad-Aware and Search and Destroy failed to neutralize it. The top recommendations call for Malwarebytes Anti-Malware (MBAM): download, install, update, then run a full scan and remove the detected items, following the available tutorial. In parallel, other advice recommends uninstalling Ad-Aware, then using complementary tools such as ZHPDiag/ZHPFix or Malwarebytes for additional scans in order to identify stubborn items and clean the system. In practice, several complementary tools remain useful after the cleanup, in particular updating the browser and its extensions and checking the home page and search engine settings.

Automatically generated by AI
based on the best answers
Xplode Posts: 9212 Status: Security contributor 726
 
Hi, do this to start:

-+-+-+-> ZHPDiag <-+-+-+-

[x] Download ZHPDiag (by Nicolas Coolman).

[x] Double-click the installer file, then install it with the default settings (don't forget to check "Create a desktop icon")

[x] Launch ZHPDiag by double-clicking the icon on your desktop

[x] Click the magnifying glass at the top left, then let the tool scan.

[x] Once the scan is finished, click the floppy-disk icon and save the file to your desktop.

[x] Go to www.cjoint.com

[x] Click "Browse" in the "Attach a file[...]" section

[x] Select the ZHPdiag.txt report located on your desktop

[x] Then click "Create the cjoint link" and copy/paste it into your next message
0
georges86400 Posts: 1893 Status: Member 143
 
Good evening
Ad-Aware is outdated. Malwarebytes is superior.
Download it, install it, update it and run a scan.
Delete everything it finds.
http://www.malwarebytes.org/mbam.php
0
Gue56514
 
0
Xplode Posts: 9212 Status: Security contributor 726
 
-+-+-+-> Lop S&D <-+-+-+-

[x] Download Lop S&D (by Eric_71 & Angeldark) from this address: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

[x] /!\ Disable resident protections: antivirus, antispyware, integrity checkers, etc., so that the tool can run correctly.

[x] Double-click "LopSD.exe" (Vista: right-click -> Run as administrator)

[x] Choose option F for French

[x] Then choose option 2 (Suppression, i.e. removal)

[x] Let the tool work

[x] Copy/paste the contents of the report that opens and post it in your next message.
0

Gue56514
 
Here is the report:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ )
BIOS : BIOS Date: 10/15/08 11:57:09 Ver: 08.00.14
USER : Guillaume ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:244 Go (Free:0 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:221 Go (Free:85 Go)
F:\ (CD or DVD) - CDFS - Total:7 Go (Free:0 Go)
G:\ (CD or DVD)
H:\ (USB) - FAT32 - Total:3906 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 2009-10-26|12:00 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\nsh5C7.tmp
Supprime! - C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\nsr12D.tmp
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@advertstream[1].txt
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@imagevenue.advertserve[2].txt
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@advertising[1].txt
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@ero-advertising[1].txt
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@www.adultadvertising[2].txt
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@euroclick[1].txt
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@partypoker[1].txt
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@rawvegas[1].txt
Supprime! - C:\DOCUME~1\GUILLA~1\Cookies\guillaume@888[1].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[2009-03-31|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009-10-26|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\~0
[2009-01-18|04:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2009-03-04|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[2009-01-26|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2009-02-09|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
[2009-10-07|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[2009-01-15|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[2009-04-22|10:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2009-03-23|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[2009-02-09|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[2009-03-31|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2009-10-26|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2009-01-25|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2009-10-22|01:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekService
[2009-02-10|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[2009-03-31|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2009-03-26|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks
[2009-01-27|23:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[2009-10-22|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[2009-01-15|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2009-01-15|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[2009-05-17|06:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[2009-01-14|19:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2009-04-28|19:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\1clickPro
[2009-01-18|04:55] C:\DOCUME~1\GUILLA~1\APPLIC~1\Adobe
[2009-01-18|04:55] C:\DOCUME~1\GUILLA~1\APPLIC~1\AdobeUM
[2009-03-04|19:36] C:\DOCUME~1\GUILLA~1\APPLIC~1\Ahead
[2009-02-08|22:53] C:\DOCUME~1\GUILLA~1\APPLIC~1\Apple Computer
[2009-02-10|18:12] C:\DOCUME~1\GUILLA~1\APPLIC~1\ArcSoft
[2009-08-18|13:32] C:\DOCUME~1\GUILLA~1\APPLIC~1\AVG8
[2009-10-22|15:07] C:\DOCUME~1\GUILLA~1\APPLIC~1\Azureus
[2009-09-18|17:50] C:\DOCUME~1\GUILLA~1\APPLIC~1\Cool Record Edit Pro
[2009-10-22|17:49] C:\DOCUME~1\GUILLA~1\APPLIC~1\dvdcss
[2009-09-18|17:10] C:\DOCUME~1\GUILLA~1\APPLIC~1\Free Sound Recorder
[2009-03-02|22:03] C:\DOCUME~1\GUILLA~1\APPLIC~1\Google
[2009-01-14|19:48] C:\DOCUME~1\GUILLA~1\APPLIC~1\Identities
[2009-02-02|23:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\IGN_DLM
[2009-01-16|19:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\InstallShield
[2009-02-10|21:44] C:\DOCUME~1\GUILLA~1\APPLIC~1\KodakCredentialStore
[2009-02-20|21:16] C:\DOCUME~1\GUILLA~1\APPLIC~1\La Bataille pour la Terre du Milieu ™ II
[2009-01-18|13:49] C:\DOCUME~1\GUILLA~1\APPLIC~1\Leadertech
[2009-01-15|18:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\Macromedia
[2009-10-26|11:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\Malwarebytes
[2009-02-08|22:56] C:\DOCUME~1\GUILLA~1\APPLIC~1\Media Player Classic
[2009-02-20|21:25] C:\DOCUME~1\GUILLA~1\APPLIC~1\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
[2009-10-26|07:04] C:\DOCUME~1\GUILLA~1\APPLIC~1\Microsoft
[2009-10-02|17:17] C:\DOCUME~1\GUILLA~1\APPLIC~1\mIRC
[2009-04-21|00:42] C:\DOCUME~1\GUILLA~1\APPLIC~1\Mozilla
[2009-04-02|13:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\Outertech
[2009-01-18|03:59] C:\DOCUME~1\GUILLA~1\APPLIC~1\SecuROM
[2009-08-18|13:29] C:\DOCUME~1\GUILLA~1\APPLIC~1\Skinux
[2009-04-02|16:27] C:\DOCUME~1\GUILLA~1\APPLIC~1\Sun
[2009-09-09|15:02] C:\DOCUME~1\GUILLA~1\APPLIC~1\Syntrillium
[2009-09-19|22:40] C:\DOCUME~1\GUILLA~1\APPLIC~1\TVU networks
[2009-01-27|23:25] C:\DOCUME~1\GUILLA~1\APPLIC~1\Ubisoft
[2009-10-23|18:49] C:\DOCUME~1\GUILLA~1\APPLIC~1\Utherverse
[2009-01-20|01:42] C:\DOCUME~1\GUILLA~1\APPLIC~1\vlc
[2009-10-21|21:55] C:\DOCUME~1\GUILLA~1\APPLIC~1\Vso
[2009-01-18|02:51] C:\DOCUME~1\GUILLA~1\APPLIC~1\WinRAR

[2009-08-18|13:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2009-08-18|13:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2009-10-26 12:00][--ah-----] C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009-10-26 11:57][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009-10-25 20:57][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009-10-26 10:12][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009-10-26 11:44][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[2009-10-22 15:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-04 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2009-04-29|20:09] C:\Program Files\Accessdiver
[2009-01-18|04:55] C:\Program Files\Adobe
[2009-03-02|12:39] C:\Program Files\AGEIA Technologies
[2009-01-15|20:24] C:\Program Files\AMD
[2009-01-16|19:23] C:\Program Files\ANI
[2009-04-22|17:26] C:\Program Files\Apollo DVD Copy
[2009-02-09|18:11] C:\Program Files\ArcSoft
[2009-01-15|18:32] C:\Program Files\AVG
[2009-01-15|17:49] C:\Program Files\bin32
[2009-08-21|02:42] C:\Program Files\CamStudio
[2009-08-18|13:11] C:\Program Files\Common Files
[2009-01-14|19:32] C:\Program Files\ComPlus Applications
[2009-09-09|15:02] C:\Program Files\coolpro2
[2009-10-17|01:12] C:\Program Files\DivX
[2009-01-16|19:23] C:\Program Files\D-Link
[2009-02-02|20:42] C:\Program Files\Download Manager
[2009-02-10|00:19] C:\Program Files\DVD Shrink
[2009-10-22|21:06] C:\Program Files\DVDFab 6
[2009-01-18|13:45] C:\Program Files\EA Sports
[2009-02-20|19:46] C:\Program Files\Electronic Arts
[2009-01-18|17:25] C:\Program Files\Firaxis Games
[2009-02-10|21:14] C:\Program Files\Free M4a to MP3 Converter
[2009-09-18|15:31] C:\Program Files\Free Sound Recorder
[2009-04-22|17:25] C:\Program Files\Gabest
[2009-03-20|02:06] C:\Program Files\G-Lock Software
[2009-05-17|06:11] C:\Program Files\Google
[2009-08-13|17:39] C:\Program Files\Hasbro Interactive
[2009-02-16|17:59] C:\Program Files\IC Media Corp
[2009-10-16|02:02] C:\Program Files\InstallShield Installation Information
[2009-06-21|02:10] C:\Program Files\Internet Explorer
[2009-04-02|16:28] C:\Program Files\Java
[2009-01-21|20:03] C:\Program Files\K-Lite Codec Pack
[2009-02-09|18:10] C:\Program Files\Kodak
[2009-03-31|10:11] C:\Program Files\Lavasoft
[2009-04-23|10:54] C:\Program Files\LG Software Innovations
[2009-01-15|17:49] C:\Program Files\log
[2009-01-26|23:40] C:\Program Files\Logitech
[2009-01-27|17:26] C:\Program Files\MagicDisc
[2009-01-27|01:15] C:\Program Files\MagicISO
[2009-10-26|11:55] C:\Program Files\Malwarebytes' Anti-Malware
[2009-01-27|17:35] C:\Program Files\max payne
[2009-01-27|17:34] C:\Program Files\MAX-FX Tools
[2009-01-15|18:43] C:\Program Files\Messenger
[2009-09-16|12:29] C:\Program Files\Microsoft
[2009-01-25|20:39] C:\Program Files\Microsoft ActiveSync
[2009-01-14|19:36] C:\Program Files\microsoft frontpage
[2009-01-25|20:39] C:\Program Files\Microsoft Office
[2009-09-18|15:01] C:\Program Files\Microsoft Silverlight
[2009-09-16|12:28] C:\Program Files\Microsoft SQL Server Compact Edition
[2009-10-02|17:14] C:\Program Files\mIRC
[2009-01-14|19:33] C:\Program Files\Movie Maker
[2009-10-25|16:39] C:\Program Files\Mozilla Firefox
[2009-01-14|19:31] C:\Program Files\MSN
[2009-01-14|19:31] C:\Program Files\MSN Gaming Zone
[2009-02-11|04:00] C:\Program Files\MSXML 4.0
[2009-03-04|19:33] C:\Program Files\Nero
[2009-01-14|19:33] C:\Program Files\NetMeeting
[2009-01-14|19:31] C:\Program Files\Online Services
[2009-01-14|19:33] C:\Program Files\Outlook Express
[2009-02-16|18:46] C:\Program Files\PC Camera
[2009-04-02|12:38] C:\Program Files\PowerISO
[2009-01-15|17:49] C:\Program Files\profile
[2009-01-18|03:11] C:\Program Files\PSC - Pilla Soft Coding
[2009-01-26|19:49] C:\Program Files\QuickTime
[2009-10-22|15:11] C:\Program Files\SeekService
[2009-10-03|00:26] C:\Program Files\Shared
[2009-02-10|00:18] C:\Program Files\SlySoft
[2009-05-11|23:30] C:\Program Files\Soulseek
[2009-03-31|09:56] C:\Program Files\Spybot - Search & Destroy
[2009-03-02|12:32] C:\Program Files\SystemRequirementsLab
[2009-01-15|20:37] C:\Program Files\THQ
[2009-01-15|19:26] C:\Program Files\True Sword 5
[2009-03-26|21:08] C:\Program Files\TVUPlayer
[2009-03-02|12:07] C:\Program Files\Ubisoft
[2009-01-14|19:48] C:\Program Files\Uninstall Information
[2009-10-23|17:53] C:\Program Files\Utherverse Digital Inc
[2009-01-15|17:56] C:\Program Files\VIA
[2009-01-19|19:46] C:\Program Files\VideoLAN
[2009-04-23|10:54] C:\Program Files\VSO
[2009-10-21|22:08] C:\Program Files\Vuze
[2009-08-18|12:34] C:\Program Files\Windows Antivirus Pro
[2009-09-16|12:29] C:\Program Files\Windows Live
[2009-01-15|19:01] C:\Program Files\Windows Live SkyDrive
[2009-01-15|19:36] C:\Program Files\Windows Media Connect 2
[2009-01-15|19:36] C:\Program Files\Windows Media Player
[2009-01-14|19:31] C:\Program Files\Windows NT
[2009-01-14|19:34] C:\Program Files\WindowsUpdate
[2009-01-18|02:51] C:\Program Files\WinRAR
[2009-09-09|15:29] C:\Program Files\Wondershare
[2009-01-14|19:36] C:\Program Files\xerox
[2009-10-26|11:49] C:\Program Files\ZHPDiag

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[2009-01-18|04:55] C:\Program Files\Common Files\Adobe
[2009-03-04|19:35] C:\Program Files\Common Files\Ahead
[2009-02-09|18:11] C:\Program Files\Common Files\ArcSoft
[2009-01-25|20:39] C:\Program Files\Common Files\Designer
[2009-04-21|00:34] C:\Program Files\Common Files\DivX Shared
[2009-01-15|22:40] C:\Program Files\Common Files\i4j_jres
[2009-01-27|01:07] C:\Program Files\Common Files\InstallShield
[2009-02-09|18:10] C:\Program Files\Common Files\Kodak
[2009-01-26|23:40] C:\Program Files\Common Files\Logitech
[2009-03-06|04:00] C:\Program Files\Common Files\Microsoft Shared
[2009-01-14|19:33] C:\Program Files\Common Files\MSSoap
[2002-01-01|17:21] C:\Program Files\Common Files\ODBC
[2009-02-16|18:46] C:\Program Files\Common Files\PCCamera
[2009-01-14|19:33] C:\Program Files\Common Files\Services
[2002-01-01|17:21] C:\Program Files\Common Files\SpeechEngines
[2009-01-25|20:39] C:\Program Files\Common Files\System
[2009-01-15|18:58] C:\Program Files\Common Files\Windows Live
[2009-01-15|19:28] C:\Program Files\Common Files\WindowsLiveInstaller
[2009-03-02|12:40] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 56 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-26 12:09:38
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 519

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\GUILLA~1\Application Data\Azureus\torrents\apollo_dvd_copy_and__keygen.4560694.TPB[1].torrent
C:\DOCUME~1\GUILLA~1\Application Data\Azureus\torrents\Battle_For_Middle_Earth_2___Crack___Serial.3520055.TPB[1].torrent
C:\DOCUME~1\GUILLA~1\Application Data\Azureus\torrents\[NTi]_The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2.CRACK.ONLY-RELOADED_[mininova][1].torrent
C:\DOCUME~1\GUILLA~1\Cookies\guillaume@cuntcrack[1].txt
C:\DOCUME~1\GUILLA~1\Cookies\guillaume@www.cuntcrack[2].txt
C:\DOCUME~1\GUILLA~1\Local Settings\Temporary Internet Files\Content.IE5\8240SPMI\crack-serial-keygen[1].htm
C:\DOCUME~1\GUILLA~1\Local Settings\Temporary Internet Files\Content.IE5\DVM31OI7\full-download-dvdfab-platinum-6.0.1.0-crack-serial-torrent-keygen[1].htm
C:\DOCUME~1\GUILLA~1\Local Settings\Temporary Internet Files\Content.IE5\FE2G8C1Z\dvdfab-platinum-6.0.1.0-crack-serial-keygen-rapidshare-download[1].htm
C:\DOCUME~1\GUILLA~1\Local Settings\Temporary Internet Files\Content.IE5\WJAXBJO6\full-dvdfab-crack-keygen[1].htm
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\[NTi]_The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2.CRACK.ONLY-RELOADED
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Battle.For.Middle.Earth.2.The.Witch.King\Keygen.txt
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\BME 2\BME2 KeyGen.exe
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne\Crack & Patch
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne\Crack & Patch\Crack
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne\Crack & Patch\Max Payne Patch v1.05.exe
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne\Crack & Patch\Crack\MaxPayne.exe
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne 2 - The Fall Of Max Payne\Crack & Patch
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne 2 - The Fall Of Max Payne\Crack & Patch\Crack
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne 2 - The Fall Of Max Payne\Crack & Patch\Max Payne 2 Patch v1.01.exe
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne 2 - The Fall Of Max Payne\Crack & Patch\Crack\MaxPayne2.exe
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\[NTi]_The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2.CRACK.ONLY-RELOADED\reloaded.nfo
C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\[NTi]_The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2.CRACK.ONLY-RELOADED\rld-bme2.rar

[F:245][D:242]-> C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp
[F:3658][D:0]-> C:\DOCUME~1\GUILLA~1\Cookies
[F:19757][D:68]-> C:\DOCUME~1\GUILLA~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009-10-26|12:12 - Option : [2]

--------------------\\ Fin du rapport a 12:12:42
0
gue56514 Posts: 9 Status: Member
 
Here is the report:

C:\DOCUME~1\GUILLA~1\My Documents\Azureus Downloads\[NTi]_The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2.CRACK.ONLY-RELOADED\rld-bme2.rar

[F:245][D:242]-> C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp
[F:3658][D:0]-> C:\DOCUME~1\GUILLA~1\Cookies
[F:19757][D:68]-> C:\DOCUME~1\GUILLA~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009-10-26|12:12 - Option : [2]

--------------------\\ Fin du rapport a 12:12:42
0
Xplode Posts 9212 Status Security contributor 726
 
-+-+-+-> AD-Remover <-+-+-+-

[x] Download Ad-remover (by C_XX) to your desktop.

[x] Run the installation with the default settings.

▶ Disconnect and close all running applications!

[x] Double-click the Ad-Remover shortcut on your Desktop. (On Vista: right-click -> "Run as administrator".)

[x] Select option F for French

[x] In the window that appears, click " oui " (yes)

[x] Select option L

[x] Let the tool work.

[x] Once the scan is finished, press any key; the report opens

[x] Copy/paste it into your next post
0
Gue56514
 
here is the ad-remover report

.
======= LOGFILE OF AD-REMOVER 1.1.4.6_A | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 18.10.2009 at 19:05
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 13:09:22, 2009-10-26 | Normal Boot | Option: CLEAN
Executed from: C:\Program Files\Ad-Remover\
Operating system: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Computer Name: BOTARD | Current user: Guillaume
.
============== NEUTRALIZED ELEMENT(S) ==============
.
Service: SeekService Service

HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeekService
HKLM\Software\SeekService
.
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekService
C:\Program Files\SeekService ... [b]NOT DELETED !![/b]
C:\DOCUME~1\GUILLA~1\Cookies\guillaume@rotator.adjuggler[1].txt
C:\DOCUME~1\GUILLA~1\Cookies\guillaume@www.trygames[1].txt

(!) -- Temp files deleted.

.
============== Added scan ==============
.
.
* Mozilla FireFox Version 3.0.14 [fr] *
.
ProfilePath: xpo8uw8t.default (Guillaume)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Bing");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.bing.com/search?FORM=IEFM1&q=");
(Prefs.js) user_pref("browser.startup.homepage", "google.ca");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.14");
.
.
* Internet Explorer Version 7.0.5730.13 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\Guillaume\Application Data\Azureus\torrents\[NTi]_The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2.CRACK.ONLY-RELOADED_[mininova][1].torrent
C:\Documents and Settings\Guillaume\Application Data\Azureus\torrents\1_click_dvd_copy_pro_v2.3.1.1___patch___copytodvd3se.3546406.TPB[1].torrent
C:\Documents and Settings\Guillaume\Application Data\Azureus\torrents\apollo_dvd_copy_and__keygen.4560694.TPB[1].torrent
C:\Documents and Settings\Guillaume\Application Data\Azureus\torrents\Battle_For_Middle_Earth_2___Crack___Serial.3520055.TPB[1].torrent
C:\Documents and Settings\Guillaume\Application Data\Azureus\torrents\DVDFab.Platinum.v6.0.7.0.Multilingual.WinAll.Cracked.REPACK-DJiNN_[BeLLBoY]_[mininova][1].torrent
C:\Documents and Settings\Guillaume\Local Settings\Temporary Internet Files\Content.IE5\W65H62EQ\DVDFab.Platinum.v6.0.7.0.Multilingual.WinAll.Cracked.REPACK-DJiNN_[BeLLBoY]_[mininova][1].torrent
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\1Click DVD COPY Pro 2.3.1.1\1Click.DVD.COPY.PRO.2.3.1.1 Patch_by_P!mPdOG!.exe
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\BME 2\BME2 KeyGen.exe
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\DVDFab.Platinum.v6.0.7.0.Multilingual.WinAll.Cracked.REPACK-DJiNN [BeLLBoY]\DJiNN.nfo
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\DVDFab.Platinum.v6.0.7.0.Multilingual.WinAll.Cracked.REPACK-DJiNN [BeLLBoY]\DJiNN\Crack\DVDFab.exe
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\DVDFab.Platinum.v6.0.7.0.Multilingual.WinAll.Cracked.REPACK-DJiNN [BeLLBoY]\DJiNN\Setup\DVDFab6070.exe
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne\Crack & Patch\Max Payne Patch v1.05.exe
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne\Crack & Patch\Crack\MaxPayne.exe
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne 2 - The Fall Of Max Payne\Crack & Patch\Max Payne 2 Patch v1.01.exe
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\Max Payne 1 & 2 (The Collector's Edition)\Max Payne 2 - The Fall Of Max Payne\Crack & Patch\Crack\MaxPayne2.exe
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\[NTi]_The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2.CRACK.ONLY-RELOADED\reloaded.nfo
C:\Documents and Settings\Guillaume\My Documents\Azureus Downloads\[NTi]_The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2.CRACK.ONLY-RELOADED\rld-bme2.rar
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_100_140_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_140_2101_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2101_2201_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2201_2202_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2202_2300_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2300_2301_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2301_2400_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2400_2500_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2400_2500_Patch.exe.torrent
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2500_2501_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2500_2501_Patch.exe.torrent
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2501_2502_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2501_2502_Patch.exe.torrent
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2502_2600_Patch.exe
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\EN_2502_2600_Patch.exe.torrent
C:\Documents and Settings\Guillaume\My Documents\My Games\Company of Heroes\Patch\RelicAutoPatcher_1102_English.exe
.
===================================
.
6763 Byte(s) - C:\Ad-Report-CLEAN[1].log
.
119 File(s) - C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp
3 File(s) - C:\WINDOWS\Temp
.
18 File(s) - C:\Program Files\Ad-Remover\BACKUP
6 File(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
End at: 13:26:10 | 2009-10-26 - CLEAN[1]
.
============== E.O.F ==============
.
0
Xplode Posts 9212 Status Security contributor 726
 
-+-+-+-> Malwarebyte's Anti-Malware <-+-+-+-

[x] Download Malwarebyte's anti-malware (MBAM) from this address: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

[x] Install it.

[x] Update it.

[x] Run a full scan!

[x] Make sure to tick all the items found and delete them!

[x] A tutorial on how to use it is available here: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

[x] Follow the instructions given at the previous link, then copy/paste the generated report into your next message
0
Gue56514
 
here is the report

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

2009-10-26 15:45:14
mbam-log-2009-10-26 (15-45-14).txt

Scan type: Quick Scan
Objects scanned: 113196
Time elapsed: 14 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
F:\autorun.inf (Worm.Agent.H) -> Delete on reboot.
0
Xplode Posts 9212 Status Security contributor 726
 
Good, now run a new ZHPDiag
0
gen-hackman
 
hi, MBAM is not up to date
0
shadox.shadox Posts 39 Status Member 1
 
Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

2009-10-26 15:45:14
mbam-log-2009-10-26 (15-45-14).txt

The update dates from yesterday, so the program is up to date.
0
gen-hackman
 
MBAM up to date:

Malwarebytes' Anti-Malware 1.41
Database version: 3038
Windows 5.1.2600 Service Pack 3
0
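An added example, not part of any post in the thread and not Malwarebytes code: a Python parser for the Malwarebytes' Anti-Malware 1.41 log layout posted above, reporting the scan type, the database version, items still pending a reboot, and a log pasted incomplete. The sample log is constructed from lines quoted in the thread; the function names, the finding codes and the "Full Scan" label are assumptions of this example, and the reference database version is whatever the caller passes in (3038 below is the value from the post just above).

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample: header, summary and detection lines as quoted in the
# thread, trimmed to the parts this parser reads.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

Scan type: Quick Scan
Objects scanned: 113196

Memory Processes Infected: 0
Registry Data Items Infected: 1
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Files Infected:
F:\autorun.inf (Worm.Agent.H) -> Delete on reboot.
"""

# "<name> Infected: <n>" is a summary line; the same label without a number
# opens the section that lists the individual detections.
SECTION_RE = re.compile(r"^(?P<name>[A-Za-z ]+ Infected):\s*(?P<count>\d+)?$")
# "<target> (<family>) -> ... -> <action>."  The lazy target still copes with
# paths that contain parentheses, because " -> " must follow the family.
DETECTION_RE = re.compile(r"^(?P<target>.+?) \((?P<family>[^()]+)\) -> (?P<rest>.+)$")


@dataclass
class Detection:
    section: str
    target: str
    family: str
    action: str


@dataclass
class MbamReport:
    program_version: str = ""
    database_version: Optional[int] = None
    scan_type: str = ""
    counts: dict = field(default_factory=dict)
    detections: list = field(default_factory=list)


def parse_mbam_log(text):
    """Parse the header, summary counts and detection lines of one log."""
    report, section = MbamReport(), None
    for line in (raw.strip() for raw in text.splitlines()):
        if m := re.match(r"Malwarebytes' Anti-Malware (\S+)$", line):
            report.program_version = m.group(1)
        elif m := re.match(r"Database version:\s*(\d+)$", line):
            report.database_version = int(m.group(1))
        elif m := re.match(r"Scan type:\s*(.+)$", line):
            report.scan_type = m.group(1)
        elif m := SECTION_RE.match(line):
            if m.group("count") is None:
                section = m.group("name")
            else:
                report.counts[m.group("name")] = int(m.group("count"))
        elif section and (m := DETECTION_RE.match(line)):
            action = m.group("rest").rsplit(" -> ", 1)[-1].rstrip(".")
            report.detections.append(
                Detection(section, m.group("target"), m.group("family"), action))
    return report


def triage(report, min_database, require_full_scan=True):
    """Return (code, detail) findings a helper would check before moving on."""
    findings = []
    # Assumption: a full scan is labelled with a value starting "Full Scan".
    if require_full_scan and not report.scan_type.lower().startswith("full scan"):
        findings.append(("not-full-scan", report.scan_type or "missing"))
    if report.database_version is None or report.database_version < min_database:
        findings.append(("database-older-than-reference",
                         f"{report.database_version} < {min_database}"))
    for d in report.detections:
        if "reboot" in d.action.lower():
            findings.append(("pending-reboot", f"{d.target} ({d.family})"))
    # A pasted log that was cut short lists fewer items than its summary claims.
    for name, expected in report.counts.items():
        seen = sum(1 for d in report.detections if d.section == name)
        if seen != expected:
            findings.append(("count-mismatch", f"{name}: {seen} of {expected}"))
    return findings


if __name__ == "__main__":
    for code, detail in triage(parse_mbam_log(SAMPLE_LOG), min_database=3038):
        print(f"{code}: {detail}")
```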
gue56514 Posts 9 Status Member
 
here is the zhpdiag report:

https://www.cjoint.com/?kBpCBYuEDc
0
Xplode Posts 9212 Status Security contributor 726
 
Do you have a program named " True Sword " in Add/Remove Programs?

If so, uninstall it. Then do this:

-+-+-+-> RSIT <-+-+-+-

[x] Download Random's System Information Tool from this address: http://images.malwareremoval.com/random/RSIT.exe

[x] Double-click " RSIT.exe ".

[x] Click " Continue ".

[x] If hijackthis is not present, it will be downloaded automatically and you will have to accept the license.

[x] Once the analysis is finished, two files ( info.txt & log.txt ) will open.

[x] Go to www.cjoint.com

[x] Click " Parcourir " (Browse) in the " Joindre un fichier[...] " section

[x] Select the info.txt report, which is on your desktop

[x] Then click " Créer le lien cjoint " (Create the cjoint link)

[x] Do the same for log.txt

[x] Then copy/paste the two links into your next message

[x] Note: if you happened to close the reports without paying attention, they are under C:\rsit
0
gue56514 Posts 9 Status Member
 
0
Xplode Posts 9212 Status Security contributor 726
 
-+-+-+-+-> ComboFix <-+-+-+-

[x] Download ComboFix ( by sUBs ) from this address.

[x] /!\ Close all open program windows /!\

[x] /!\ Disable all resident protections ( Antivirus, Firewall, AntiSpyware ) /!\

[x] Double-click " Combofix.exe "

[x] Follow the on-screen instructions; at some point a message will ask you to install the Recovery Console, do it

[x] Combofix will now disconnect your PC from the internet

[x] During the scan, do not touch anything ( mouse, keyboard )

[x] At the end of the scan, the report will open automatically; copy/paste it into your next message.

[o] NB: If it does not open, it is located at C:\Combofix.txt
0
gue56514 Posts 9 Status Member
 
here is the log

ComboFix 09-10-26.06 - Guillaume 2009-10-27 12:14.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.1791.1076 [GMT -4:00]
Lancé depuis: c:\documents and settings\Guillaume\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Guillaume\Application Data\inst.exe
c:\program files\Shared
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dahogemu.dll
c:\windows\system32\dasotegi.dll
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\images
c:\windows\system32\images\i1.gif
c:\windows\system32\images\i2.gif
c:\windows\system32\images\i3.gif
c:\windows\system32\images\j1.gif
c:\windows\system32\images\j2.gif
c:\windows\system32\images\j3.gif
c:\windows\system32\images\jj1.gif
c:\windows\system32\images\jj2.gif
c:\windows\system32\images\jj3.gif
c:\windows\system32\images\l1.gif
c:\windows\system32\images\l2.gif
c:\windows\system32\images\l3.gif
c:\windows\system32\images\pix.gif
c:\windows\system32\images\t1.gif
c:\windows\system32\images\t2.gif
c:\windows\system32\images\up1.gif
c:\windows\system32\images\up2.gif
c:\windows\system32\images\w1.gif
c:\windows\system32\images\w11.gif
c:\windows\system32\images\w2.gif
c:\windows\system32\images\w3.gif
c:\windows\system32\images\w3.jpg
c:\windows\system32\images\wt1.gif
c:\windows\system32\images\wt2.gif
c:\windows\system32\images\wt3.gif
c:\windows\system32\madipoha.dll
c:\windows\system32\mefivedo.dll.tmp
c:\windows\system32\mehumifo.dll.tmp
c:\windows\system32\nafiwofu.dll.tmp
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\wiwisoho.dll
c:\windows\system32\WS2Fix.exe
c:\windows\system32\yomisujo.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-27 au 2009-10-27 ))))))))))))))))))))))))))))))))))))
.

2009-10-27 15:24 . 2009-10-27 15:24 -------- d-----w- c:\program files\trend micro
2009-10-27 15:24 . 2009-10-27 15:24 -------- d-----w- C:\rsit
2009-10-26 17:09 . 2009-10-26 17:26 -------- d-----w- c:\program files\Ad-Remover
2009-10-26 15:58 . 2009-10-26 16:12 -------- d-----w- C:\Lop SD
2009-10-26 15:54 . 2009-10-26 15:54 -------- d-----w- c:\documents and settings\Guillaume\Application Data\Malwarebytes
2009-10-26 15:54 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-26 15:54 . 2009-10-26 15:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-26 15:54 . 2009-10-26 15:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-26 15:54 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-26 15:44 . 2009-10-26 15:49 -------- d-----w- c:\program files\ZHPDiag
2009-10-23 22:49 . 2009-10-23 22:49 -------- d-----w- c:\documents and settings\Guillaume\Application Data\Utherverse
2009-10-23 00:57 . 2009-10-23 00:57 -------- d-----w- c:\documents and settings\All Users\Application Data\vsosdk
2009-10-22 01:55 . 2009-10-23 01:06 -------- d-----w- c:\program files\DVDFab 6
2009-10-21 01:40 . 2009-10-21 01:40 304182 ----a-w- C:\StiImg.dat
2009-10-05 20:12 . 2009-10-26 15:44 -------- dc-h--w- c:\documents and settings\All Users\Application Data\~0

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-27 15:40 . 2009-01-15 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-10-26 17:21 . 2009-09-18 19:31 -------- d-----w- c:\program files\SeekService
2009-10-22 21:49 . 2009-02-10 04:36 -------- d-----w- c:\documents and settings\Guillaume\Application Data\dvdcss
2009-10-22 19:07 . 2009-01-16 02:41 -------- d-----w- c:\documents and settings\Guillaume\Application Data\Azureus
2009-10-22 02:08 . 2009-01-16 02:40 -------- d-----w- c:\program files\Vuze
2009-10-22 01:55 . 2009-04-14 19:28 -------- d-----w- c:\documents and settings\Guillaume\Application Data\Vso
2009-10-22 01:55 . 2009-04-22 21:26 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-10-22 01:55 . 2009-04-14 19:28 47360 ----a-w- c:\documents and settings\Guillaume\Application Data\pcouffin.sys
2009-10-17 05:12 . 2009-02-12 02:30 -------- d-----w- c:\program files\DivX
2009-10-16 06:02 . 2009-01-15 00:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-02 21:17 . 2009-01-23 04:45 -------- d-----w- c:\documents and settings\Guillaume\Application Data\mIRC
2009-10-02 21:14 . 2009-01-23 04:45 -------- d-----w- c:\program files\mIRC
2009-09-20 02:40 . 2009-09-20 02:40 -------- d-----w- c:\documents and settings\Guillaume\Application Data\TVU networks
2009-09-18 21:50 . 2009-09-18 21:10 -------- d-----w- c:\documents and settings\Guillaume\Application Data\Cool Record Edit Pro
2009-09-18 21:10 . 2009-09-18 21:10 -------- d-----w- c:\documents and settings\Guillaume\Application Data\Free Sound Recorder
2009-09-18 19:31 . 2009-09-18 19:31 -------- d-----w- c:\program files\Free Sound Recorder
2009-09-18 19:01 . 2009-07-10 21:45 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-16 16:29 . 2009-09-16 16:26 -------- d-----w- c:\program files\Microsoft
2009-09-16 16:29 . 2009-01-15 23:28 -------- d-----w- c:\program files\Windows Live
2009-09-16 16:28 . 2009-09-16 16:28 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-09 19:29 . 2009-09-09 19:29 -------- d-----w- c:\program files\Wondershare
2009-09-09 19:02 . 2009-09-09 19:02 -------- d-----w- c:\documents and settings\Guillaume\Application Data\Syntrillium
2009-09-09 19:02 . 2009-09-09 19:01 -------- d-----w- c:\program files\coolpro2
2009-08-21 19:15 . 2009-08-21 19:15 557568 ----a-w- c:\windows\system32\B4FM.dll
2009-08-16 13:30 . 2009-01-15 22:32 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-16 13:30 . 2009-01-15 22:32 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-16 13:30 . 2009-01-15 22:32 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-13 21:57 . 2009-08-13 21:57 45056 ----a-w- c:\windows\system32\dpvhelp.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-07-27 02:52 . 2009-07-27 02:52 51712 --sha-w- c:\windows\system32\lenodanu.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-08-18_17.16.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2009-10-27 16:22 . 2009-10-27 16:22 16384 c:\windows\temp\Perflib_Perfdata_77c.dat
- 2009-01-15 23:36 . 2008-07-09 07:38 17272 c:\windows\system32\spmsg.dll
+ 2009-01-15 23:36 . 2007-11-30 12:39 17272 c:\windows\system32\spmsg.dll
+ 2009-07-26 20:44 . 2009-07-26 20:44 48448 c:\windows\system32\sirenacm.dll
- 2004-08-04 11:00 . 2009-08-18 17:01 58732 c:\windows\system32\perfc009.dat
+ 2004-08-04 11:00 . 2009-10-27 15:51 58732 c:\windows\system32\perfc009.dat
+ 1998-06-18 04:00 . 1998-06-18 04:00 77824 c:\windows\system32\MSBIND.DLL
+ 2009-01-16 00:01 . 2009-10-20 19:29 88589 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2009-03-31 14:24 . 2009-04-21 14:13 15688 c:\windows\system32\lsdelete.exe
+ 2009-03-31 14:24 . 2009-05-26 14:17 15688 c:\windows\system32\lsdelete.exe
+ 2009-09-09 19:29 . 2008-11-19 13:41 16640 c:\windows\system32\drivers\WsAudioDevice_383.sys
+ 2008-04-14 00:15 . 2004-07-09 09:27 48512 c:\windows\system32\drivers\stream.sys
+ 2009-01-15 21:56 . 2008-04-14 04:15 60160 c:\windows\system32\drivers\drmk.sys
- 2009-01-15 21:56 . 2008-04-14 05:15 60160 c:\windows\system32\drivers\drmk.sys
+ 2008-04-14 00:15 . 2004-07-09 09:27 48512 c:\windows\system32\dllcache\stream.sys
- 2009-01-15 21:56 . 2008-04-14 05:15 60160 c:\windows\system32\dllcache\drmk.sys
+ 2009-01-15 21:56 . 2008-04-14 04:15 60160 c:\windows\system32\dllcache\drmk.sys
+ 2009-08-18 17:20 . 2008-10-16 19:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-08-18 17:20 . 2008-04-14 11:42 13824 c:\windows\system32\dllcache\cache\wscntfy.exe
+ 2009-08-18 17:20 . 2008-04-14 11:42 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-08-18 17:20 . 2008-04-14 11:42 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-08-18 17:20 . 2008-04-14 11:42 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-08-18 17:20 . 2008-04-14 11:42 88576 c:\windows\system32\dllcache\cache\rasauto.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 33792 c:\windows\system32\dllcache\cache\msgsvc.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-08-18 17:20 . 2008-04-14 11:41 22016 c:\windows\system32\dllcache\cache\lpk.dll
+ 2009-08-18 17:20 . 2008-04-14 06:09 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-08-18 17:20 . 2008-04-14 06:23 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-08-18 17:20 . 2008-04-14 11:42 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2009-08-18 17:20 . 2008-04-14 06:27 14336 c:\windows\system32\dllcache\cache\asyncmac.sys
+ 2009-08-18 17:20 . 2004-08-04 11:00 11648 c:\windows\system32\dllcache\cache\acpiec.sys
+ 2009-01-14 23:47 . 2009-10-26 16:57 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-14 23:47 . 2009-03-31 14:16 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-14 23:47 . 2009-10-26 16:57 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-01-14 23:47 . 2009-03-31 14:16 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-01-14 23:47 . 2009-10-26 16:57 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-01-14 23:47 . 2009-03-31 14:16 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-09-16 16:28 . 2009-09-16 16:28 22016 c:\windows\Installer\339ba5da.msi
+ 2009-09-16 16:26 . 2009-09-16 16:26 27136 c:\windows\Installer\339ba56b.msi
+ 2009-09-16 16:26 . 2009-09-16 16:26 83456 c:\windows\Installer\339ba55f.msi
+ 2009-09-16 16:26 . 2009-09-16 16:26 59904 c:\windows\Installer\339ba559.msi
+ 2009-09-16 16:26 . 2009-09-16 16:26 62304 c:\windows\Installer\{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}\IconWlc.exe
+ 2009-09-16 16:27 . 2009-09-16 16:27 80395 c:\windows\Installer\{770F1BEC-2871-4E70-B837-FB8525FFA3B1}\MsblIco.Exe
+ 2009-09-16 16:28 . 2009-09-16 16:28 58945 c:\windows\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe
+ 2009-08-18 17:20 . 2008-04-14 11:42 5120 c:\windows\system32\dllcache\cache\sfc.dll
+ 2009-08-18 17:20 . 2004-08-04 11:00 2944 c:\windows\system32\dllcache\cache\null.sys
+ 2009-08-18 17:20 . 2004-08-04 11:00 4224 c:\windows\system32\dllcache\cache\beep.sys
+ 2009-07-10 17:01 . 2009-07-10 17:01 307560 c:\windows\WLXPGSS.SCR
+ 2007-11-07 05:19 . 2007-11-07 05:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 05:19 . 2007-11-07 05:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 00:23 . 2007-11-07 00:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2009-09-09 19:02 . 2001-10-19 18:39 572752 c:\windows\system32\wmvdmoe.dll
+ 2009-09-09 19:02 . 2001-10-19 18:40 665424 c:\windows\system32\wmv8dmoe.dll
+ 2009-09-09 19:02 . 2001-10-19 18:40 438608 c:\windows\system32\wmv8dmod.dll
+ 2008-04-14 11:42 . 2008-07-11 08:55 347648 c:\windows\system32\windowscodecsext.dll
- 2008-04-14 11:42 . 2008-04-14 11:42 712704 c:\windows\system32\windowscodecs.dll
+ 2008-04-14 11:42 . 2008-07-11 08:55 712704 c:\windows\system32\windowscodecs.dll
- 2004-08-04 11:00 . 2009-08-18 17:01 392432 c:\windows\system32\perfh009.dat
+ 2004-08-04 11:00 . 2009-10-27 15:51 392432 c:\windows\system32\perfh009.dat
+ 2009-09-18 19:31 . 2005-02-24 15:51 348160 c:\windows\system32\NCTWMAFile2.dll
+ 2009-09-18 19:31 . 2005-03-28 19:52 417792 c:\windows\system32\NCTTextToAudio2.dll
+ 2009-09-18 19:31 . 2005-03-28 19:54 479232 c:\windows\system32\NCTAudioVisualization2.dll
+ 2009-09-18 19:31 . 2005-04-04 21:21 602112 c:\windows\system32\NCTAudioTransform2.dll
+ 2009-09-18 19:31 . 2005-04-25 17:01 458752 c:\windows\system32\NCTAudioRecord2.dll
+ 2009-09-18 19:31 . 2005-04-25 17:01 458752 c:\windows\system32\NCTAudioPlayer2.dll
+ 2009-09-18 19:31 . 2005-04-15 16:08 880640 c:\windows\system32\NCTAudioEditor2.dll
+ 2009-09-18 19:31 . 2004-11-04 17:31 835584 c:\windows\system32\NCTAudioCDGrabber2.dll
+ 2009-09-18 19:31 . 2002-01-05 20:37 344064 c:\windows\system32\msvcr70.dll
+ 2003-08-28 10:43 . 2003-08-28 10:43 499712 c:\windows\system32\msvcp71.dll
+ 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\system32\Macromed\Flash\FlashUtil10c.exe
- 2009-01-15 21:56 . 2008-04-14 05:49 146048 c:\windows\system32\drivers\portcls.sys
+ 2009-01-15 21:56 . 2008-04-14 04:49 146048 c:\windows\system32\drivers\portcls.sys
- 2009-01-15 21:56 . 2008-04-14 05:49 146048 c:\windows\system32\dllcache\portcls.sys
+ 2009-01-15 21:56 . 2008-04-14 04:49 146048 c:\windows\system32\dllcache\portcls.sys
+ 2009-08-18 17:20 . 2008-04-14 11:42 507904 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-08-18 17:20 . 2009-04-29 04:56 827392 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 578560 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 295424 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-08-18 17:20 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-08-18 17:20 . 2008-04-14 11:42 171008 c:\windows\system32\dllcache\cache\srsvc.dll
+ 2009-08-18 17:20 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\cache\services.exe
+ 2009-08-18 17:20 . 2008-04-14 11:42 181248 c:\windows\system32\dllcache\cache\scecli.dll
+ 2009-08-18 17:20 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\cache\rpcss.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 409088 c:\windows\system32\dllcache\cache\qmgr.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 435200 c:\windows\system32\dllcache\cache\ntmssvc.dll
+ 2009-08-18 17:20 . 2008-04-14 06:45 574976 c:\windows\system32\dllcache\cache\ntfs.sys
+ 2009-08-18 17:20 . 2008-04-14 11:42 407040 c:\windows\system32\dllcache\cache\netlogon.dll
+ 2009-08-18 17:20 . 2008-04-14 06:50 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-08-18 17:20 . 2008-04-14 11:41 927504 c:\windows\system32\dllcache\cache\mfc40u.dll
+ 2009-08-18 17:20 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-08-18 17:20 . 2008-04-14 11:41 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-08-18 17:20 . 2008-04-14 11:41 792064 c:\windows\system32\dllcache\cache\comres.dll
+ 2009-08-18 17:20 . 2008-04-14 11:41 617472 c:\windows\system32\dllcache\cache\comctl32.dll
+ 2009-08-18 17:20 . 2008-04-14 11:41 167936 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-08-18 17:20 . 2008-04-14 03:09 142592 c:\windows\system32\dllcache\cache\aec.sys
+ 2009-10-23 21:54 . 2009-10-23 21:54 228352 c:\windows\Installer\5b9924c.msi
+ 2009-09-16 16:29 . 2009-09-16 16:29 550400 c:\windows\Installer\339ba5f9.msi
+ 2009-09-16 16:29 . 2009-09-16 16:29 779264 c:\windows\Installer\339ba5f2.msi
+ 2009-09-16 16:29 . 2009-09-16 16:29 483328 c:\windows\Installer\339ba5ec.msi
+ 2009-09-16 16:28 . 2009-09-16 16:28 891904 c:\windows\Installer\339ba5e6.msi
+ 2009-09-16 16:28 . 2009-09-16 16:28 816640 c:\windows\Installer\339ba5e0.msi
+ 2009-09-16 16:27 . 2009-09-16 16:27 430080 c:\windows\Installer\339ba588.msi
+ 2009-09-16 16:26 . 2009-09-16 16:26 155648 c:\windows\Installer\339ba580.msi
+ 2009-09-16 16:26 . 2009-09-16 16:26 152576 c:\windows\Installer\339ba565.msi
+ 2009-09-16 16:26 . 2009-09-16 16:26 107008 c:\windows\Installer\339ba553.msi
+ 2009-09-16 16:26 . 2009-09-16 16:26 301056 c:\windows\Installer\339ba54d.msi
+ 2009-09-16 16:29 . 2009-09-16 16:29 132096 c:\windows\Installer\{B131E59D-202C-43C6-84C9-68F0C37541F1}\WLXPhotoGalleryIcon.exe
+ 2009-09-16 16:28 . 2009-09-16 16:28 236392 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
+ 2009-09-16 16:28 . 2008-04-14 11:42 346112 c:\windows\$NtUninstallKB954708$\windowscodecsext.dll
+ 2009-09-16 16:28 . 2008-04-14 11:42 712704 c:\windows\$NtUninstallKB954708$\windowscodecs.dll
+ 2009-09-16 16:28 . 2007-11-30 12:39 382840 c:\windows\$NtUninstallKB954708$\spuninst\updspapi.dll
+ 2009-09-16 16:28 . 2007-11-30 12:39 231288 c:\windows\$NtUninstallKB954708$\spuninst\spuninst.exe
+ 2009-09-09 19:02 . 2001-10-19 18:40 1683792 c:\windows\system32\wmvcore2.dll
+ 2009-09-18 19:31 . 2005-05-18 15:52 1212416 c:\windows\system32\NCTAudioInformation2.dll
+ 2009-09-18 19:31 . 2005-05-17 16:37 1986560 c:\windows\system32\NCTAudioFile2.dll
+ 2003-03-20 08:12 . 2003-03-20 08:12 1047552 c:\windows\system32\MFC71u.dll
+ 2003-03-20 08:20 . 2003-03-20 08:20 1060864 c:\windows\system32\MFC71.dll
+ 2008-08-28 11:16 . 2008-08-28 11:16 1773568 c:\windows\system32\gdiplus.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-08-18 17:20 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-08-18 17:20 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-08-18 17:20 . 2009-04-29 04:56 3596288 c:\windows\system32\dllcache\cache\mshtml.dll
+ 2009-08-18 17:20 . 2008-04-14 11:42 1033728 c:\windows\system32\dllcache\cache\explorer.exe
+ 2009-09-17 21:39 . 2009-09-17 21:39 15709696 c:\windows\Installer\1ae3311.msp
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-05-15 1103216]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2009-03-04 2567104]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-03 39408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-14 29831168]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-17 2025752]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"D-Link AirPlus XtremeG DWL-G520"="c:\program files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe" [2007-06-27 1327104]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-26 413696]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 88584]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-09-21 520024]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-02 148888]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-09 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Guillaume\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-1-27 575488]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Launchpad.lnk - c:\program files\IC Media Corp.\ICM532\Launchpad.exe [2009-2-16 49152]
Logiciel Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
Malwarebytes' Anti-Malware.lnk - c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-10-26 1312080]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-16 13:30 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Electronic Arts\\La Bataille pour la Terre du Milieu II\\game.dat"=
"c:\\Program Files\\Electronic Arts\\L'Avènement du Roi-sorcier\\game.dat"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Splinter Cell Double Agent\\SCDA-Offline\\System\\SplinterCell4.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"e:\\bfvit\\Battlefield Vietnam\\BfVietnam.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-31 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-15 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-15 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-06-20 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-15 297752]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2005-03-22 547744]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2009-01-15 31392]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-01-15 238080]
R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2009-09-09 16640]
S2 gupdate1c99ba430003e31;Service Google Update (gupdate1c99ba430003e31);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-02 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 1028432]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mbr
.
Contenu du dossier 'Tâches planifiées'

2009-10-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 14:12]

2009-10-27 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-03 02:02]

2009-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-03 02:02]

2009-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-03 02:02]
.
.
------- Examen supplémentaire -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvLsp.dll
FF - ProfilePath - c:\documents and settings\Guillaume\Application Data\Mozilla\Firefox\Profiles\xpo8uw8t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - google.ca
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - plugin: c:\program files\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1508.6312\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{e85e4a14-4c5e-49c1-9b47-22e523bed950} - gufulise.dll
WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
HKLM-Run-humetipav - c:\windows\system32\madipoha.dll
HKLM-Run-filijokazu - wipoveku.dll
SharedTaskScheduler-{5d452edd-32dc-4526-be4f-908cad9e357c} - c:\windows\system32\madipoha.dll
SSODL-bikikopej-{5d452edd-32dc-4526-be4f-908cad9e357c} - c:\windows\system32\madipoha.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-27 12:25
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-746137067-117609710-1801674531-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:69,20,f1,90,df,80,a7,06,82,fb,ef,60,bd,4b,77,54,1f,da,1a,2c,f0,b6,c0,
74,8c,a3,26,7e,fc,e1,76,25,9e,d5,3c,a4,9b,a8,c4,3b,8a,c4,b7,b6,af,25,db,80,\
"??"=hex:aa,99,e1,3d,41,df,35,11,97,a6,c3,00,40,86,d4,fe

[HKEY_USERS\S-1-5-21-746137067-117609710-1801674531-1003\Software\SecuROM\License information*]
"datasecu"=hex:a4,23,b5,e4,e9,16,67,05,9e,dd,e7,1c,b6,d7,65,c6,1e,93,25,76,42,
70,0e,b9,f5,14,2f,e7,aa,47,22,73,dd,c0,81,12,5a,ca,20,ce,41,0d,9d,2c,0e,22,\
"rkeysecu"=hex:e0,ff,90,bf,7d,92,d4,3a,74,b7,8c,e1,58,bf,94,ac
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(712)
c:\windows\system32\nvLsp.dll

- - - - - - - > 'explorer.exe'(3732)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\bin32\nSvcAppFlt.exe
c:\program files\bin32\nSvcIp.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\combofix\CF19496.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jucheck.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Heure de fin: 2009-10-27 12:30 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-27 16:30
ComboFix2.txt 2009-08-18 17:20

Avant-CF: 4 605 177 856 bytes free
Après-CF: 6 792 835 072 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - F31F3CC894FF3451D623391A3AFDE4A1
0
Xplode Posts 9212 Status Security contributor 726
 
-+-+-+-> CFScript <-+-+-+-

[x] Create a new text file ( .txt )

[x] Copy/paste this into it:


File::
c:\windows\system32\lenodanu.dll
c:\windows\system32\B4FM.dll



[x] Then save it as CFScript.txt on your desktop

[x] Drag the CFScript.txt file onto the ComboFix icon.

[x] ComboFix will carry out the task requested in the script, then open a report.

[x] Copy/paste its contents into your next message

NB: The report is saved as C:\Combofix.txt
0